HR for Medical

HR for Medical Teams Tackling OSHA & HIPAA in 2022

Today we'll be talking about a topic that is near and dear to the hearts of us here at Done Desk — and that is your HR and Medical teams’ OSHA and HIPAA compliance in your practice! Now, if everybody in your practice is able to do one little piece or 1% — that elevates your practice significantly. So, we recommend making sure all your employees get their annual OSHA training as a team and making sure EVERYBODY is on the same page.

HR for Medical and Dental Teams

As the admin staff, HR’s job is supporting and encouraging everyone at your practices to actually build it into their schedule to be focused on OSHA and HIPAA throughout the year.

It’s important to remember that OSHA Training Courses for your team are mandatory for all your employees — including dentists, hygienists, receptionists, and your part-time employees.

Your OSHA Manual — and OSHA training — provide you with technical information about workplace hazards and how to keep you, your team, and your patients safe.

Federal OSHA Standards

These apply to all employers while State Standards can differ depending on where your practice is based. However, State OSHA exists when a state decides that its workplaces require additional clarification and regulation to ensure employee safety. So, if you are an employer in one of the 22 states or territories that has its own state-run program, are you obligated by both federal and state OSHA, or does one agency supersede the other?

HR For Healthcare teams

chart via

If you are in a state that falls under federal OSHA's jurisdiction, then you must comply with all federal regulations. Federal OSHA encourages states to run their own programs, but only about 50 percent of the states choose to do so. Employers are required only to comply with their state-run program if they are in a state with its own program.

HR for Medical Team’s Manuals - Walkthrough and Documentation

To be in complete OSHA compliance, your OSHA manual must be customized and completed in its entirety so that it reflects the actual circumstance in your practice. Your manual requires a few specific areas to be completed:

  • Your OSHA Manual
  • Sharps Injury Instructions
  • Exposure Control Plan & Exposure Incident Evaluations
  • Hazard Communication Plan
  • Training Records
  • Safety: Needles And Scalpels
  • Hepatitis B Vaccination 
  • Employee Training & Medical Records
  • Biosafety Manual
  • Inventory List Of Hazardous Chemicals

HR for Medical and Dental Team’s HIPAA Standards

  • What is HIPAA?
  • Understanding your patient's rights.
  • Ensuring HIPAA compliance in your Practice
  • Recognizing HIPAA violations and managing a data breach.

HIPAA applies to all forms of written electronic and spoken health information including any information about health status, provision of healthcare, or payment for healthcare that is created or collected by a covered entity and can be linked to a specific individual.

Each violation of HIPAA law can range from 100 to $50,000 per violation!

Patients Have Six Basic Rights:

  • The right to receive a notice about your privacy policies.
  • The right to access the medical information you maintain about him or her.
  • The right to limit the uses and disclosure of medical information.
  • The right to request amendments to the medical record.
  • The right to revoke or limit authorization for disclosure.
  • The right to an accounting of disclosures of protected health information.

Your office's Notice of Privacy Practices should outline all of your obligations and the rights of the patient.

To develop your practices administrative, physical, and technical safeguards you should complete a security risk assessment. The security risk assessment analyzes your business practices and determines which risks require a policy and or procedure to manage that risk. Want a personalized coaching session with a Done Desk expert to go through your HIPAA Risk Assessment? Hire a coach here.

Want to learn more about taking the stress of compliance off of your shoulders?

Schedule a quick demo to see how Done Desk will make your practice life easy.

Although every effort has been made to ensure the accuracy of this information, Done Desk is not responsible for any errors and omissions, or anyone’s interpretations, applications, and changes of regulations described. This ain’t a substitute for review of the applicable regulations and standards, and should not be construed as legal advice, okay? Check with your state board for details on this and all compliance programs for your practice. We're happy to help you implement the appropriate programs using our platform Done Desk.

Want to learn more about taking the stress of compliance off of your shoulders?

Schedule a quick demo to see how Done Desk helps you spend effective time managing your business so you can get back to medicine.

Let's Talk!

Don't Have Done Desk, But Looking For Medical CE?

Done Desk EDU is an active healthcare learning platform hosted by experts in practice management, OSHA and HIPAA employee training and compliance, risk management, and teams’ development.

On-Line & On-Demand

CE Anytime, Anywhere. Learn at times that work for you. We have many courses you can take at your own pace.

Live Monthly Webinars

OSHA, HIPAA, Risk Management CE, and more. Jump into our standing monthly training courses.

done desk edu