Here are seven most common questions that may come to your mind when you think about these training programs for medical and dental practices.
The meaning of HIPAA and OSHA:
HIPAA stands for Health Insurance Portability and Accountability Act. It was mainly formulated to protect sensitive health information about patients. OSHA stands for Occupational Health and Safety Act. It was formulated to ensure healthy and safe working conditions. It is important that both these laws are followed and training in both is a must. But there can be a lot of confusion and questions with regards to these two acts.
- Is HIPAA and OSHA annual training mandatory?
OSHA training for all employees is compulsory. New joinees need to complete their training within 10 days of joining.
HIPAA training for all employees is also mandatory. Periodic training is a must but there is no clear definition of periodic. To be on the safe side, it is better to have this HIPAA certification training annually so that the employees are well versed with any new developments and changes.
- Who all need to be trained?
It should be noted that OSHA training is mandatory for everyone, including the healthcare staff that is nurses, doctors etc.
In case of HIPAA training all those employees who will be handling or accessing protected health information will have to undergo the HIPAA training. The healthcare staff and system administrators etc will have to undergo this training.
- What is the duration of training?
The duration is not specified, but it is important that all the correct information is given. The training is not a matter of few minutes and one may have to give a couple of days for OSHA and HIPAA certification training.
- What are the topics that need to be covered in these training programs?
One can easily get all the correct information from the websites of OSHA and HIPAA.
- Is documentation of the training session mandatory?
Yes, the documentation is essential as auditors will normally check the training logs. These records are a proof that you have been conducting the training sessions on a regular basis and they will be of great help if a breach occurs. You need to maintain all the details like date of training, name and qualification trainer, name of employees who attended the training program etc.
- Are any penalties imposed if training is not conducted on a periodic basis?
Yes in both cases penalties are imposed. In case of OSHA the penalty can be upto $ 70,000 and in case of HIPAA it can be upto $ 1.5 million. The amount will depend on the breach that has occurred. There can also be civil and criminal penalties and healthcare professionals may also lose their license.
- What are some of the examples of violations?
In case of OSHA it can be failure in implementation and maintenance of control plan, bad housekeeping, failure to train employees etc. In case of HIPAA it will be giving wrong patient information, not disposing the records properly etc.