
Can You Talk About a Patient If You Don’t Say Their Name?
Kelli Ngariki • June 20, 2025
“It's not really a HIPAA violation if I don't say their name, right?”

It’s a question that comes up often in healthcare: “Can I talk about a patient if I don’t use their name?”
The answer isn’t as simple as it seems. Even if you don’t mention a name, you may still be violating HIPAA—or at the very least you may be unintentionally crossing a professional boundary.
HIPAA: More Than Just Names
Under the HIPAA Privacy Rule, protected health information (PHI) includes any details that could be used—on their own or combined—to identify a patient. That includes:
- Dates of service
- Location of care
- Diagnoses
- Physical descriptions
- Occupation or employer
Even if a name is left out, if someone could reasonably figure out who you’re talking about, you may have violated HIPAA.
Patient Perception Matters
Sometimes, healthcare professionals share vague patient stories to help explain a medical concept, offer reassurance, or illustrate experience with a particular condition or procedure. While the intention may be to educate or support, this kind of storytelling—even without names or specific details—can still create problems.
Here’s the part many healthcare workers overlook:
Most patients don’t fully understand HIPAA—but they do know you’re required to follow it.
Even if your story doesn’t technically violate the law, the patient you're referencing—or another patient who overhears—might:
- Feel that you're being irresponsible or too casual with patient information
- Perceive the conversation as a HIPAA violation
- File a complaint with your employer or with the U.S. Department of Health & Human Services
Once a complaint is made, even a baseless one, your practice may be subject to an audit or investigation. At best, it creates unnecessary stress. At worst, it can lead to disciplinary action, loss of credibility, or reputational damage.
What’s at Stake
Protecting patient privacy isn’t just about avoiding legal trouble—it’s about maintaining the trust your patients place in you every day.
When healthcare workers casually talk about patients—even vaguely—it sends a message: “Your story might be shared without your consent.” That message can damage relationships, drive patients away, and affect how your entire practice is perceived.
Best Practices to Stay Compliant and Build Trust
- Avoid casual stories about patient interactions, even if you leave out names.
- Leave out any identifying details like dates, locations, and diagnoses in all conversations.
- Get written authorization if you're going to use a patient story publicly.
- Educate your team regularly on HIPAA standards, perception risks, and your practice policies on patient trust.
Final Thoughts
Just because it feels vague doesn’t mean it’s safe to share. And even if HIPAA isn’t technically broken, your reputation can be.
Play it safe. Speak with care. Remember: Trust is easier to protect than to rebuild.
If your team needs clarity on what’s okay to share—and what crosses the line—training is the best first step.
At HCA, we make HIPAA and OSHA compliance practical, engaging, and tailored to your healthcare environment. Our onsite training gives your staff the tools and confidence they need to navigate privacy standards with professionalism and care.
- Customized HIPAA & OSHA training using real-world examples
- Oregon-specific regulatory insight for local clinics
- In-office walkthroughs to identify and correct risks
- Documentation that meets inspection and audit requirements
- Boosted staff confidence, safety culture, and patient trust
- Ongoing access to expert compliance support
Ready to strengthen your compliance culture and protect patient trust?
Fill out our Contact Us Form, and one of our helpful associates will reach out to answer your questions and get your training scheduled.
📞 Or call us directly at 541-345-3875—we're here to help.

Running a small dental or medical office means wearing a lot of hats. Beyond delivering great care, there's the crucial task of staying compliant with laws like HIPAA, OSHA, and CDC guidelines. An effective compliance program is more than a formality; it’s a vital part of safeguarding your patients, supporting your team, and maintaining your professional credibility.
To make things easier, the U.S. Department of Health and Human Services (HHS) Office of Inspector General has outlined seven core elements every compliance program should include. Here's what they mean for small healthcare practices like yours:
1. Written Policies and Procedures
Start with clear, straightforward policies that reflect how your office operates. Cover essential topics like patient privacy, billing practices, workplace safety, and infection control. Make sure everyone knows where to find these documents and how to follow them.
2. Compliance Oversight
Appoint someone to oversee your compliance efforts. It might be your office manager, lead assistant, or even you. What's important is that someone keeps tabs on updates, deadlines, and compliance tasks.
3. Staff Training and Education
Everyone in your office should understand the rules that apply to their job. That means training on HIPAA privacy and security, OSHA safety, and your specific office protocols. Do this when people are hired and at least annually.
4. Open Communication
Create a work environment where team members feel comfortable speaking up. Whether it's an anonymous suggestion box, regular check-ins, or just a culture of openness, employees need a way to share concerns without fear.
5. Regular Monitoring and Auditing
Check in regularly to see how things are going. That could mean reviewing OSHA logs, spot-checking sterilization records, or ensuring patient forms are properly handled. These routine audits help catch small problems before they become big ones.
6. Fair Enforcement of Rules
Make sure your team understands that policies are enforced fairly and consistently. A simple, written discipline policy helps set expectations and avoid confusion.
7. Quick Response and Follow-Up
If something goes wrong, act quickly to fix it. That might mean retraining a staff member, updating a policy, or reporting a serious issue. The goal is to correct the problem and make sure it doesn’t happen again.
Putting these seven elements in place can seem like a big task, but you don’t have to do it all at once. Start with what you already have and build from there. Over time, these steps will help your office run more smoothly and with less risk.
Bonus Resource: If you're ready to elevate your practice's success beyond compliance, check out my new book, Good Dentist, Poor Dentist—a practical guide for running a smarter, more profitable practice. Get your copy today at gooddentistbook.com.

In the hustle of running a dental office, it's easy to cut corners—especially if “no one's gotten hurt yet.” But when it comes to OSHA’s Bloodborne Pathogens Standard, skipping PPE like gowns isn’t just risky... it could be classified as willful neglect. And that’s a whole different level of consequence. Let’s break this down.
The Gown Requirement (Yes, It’s a Requirement)
Under 29 CFR 1910.1030(d)(3), OSHA requires employers to provide appropriate personal protective equipment (PPE) at no cost to employees. That includes gowns or lab coats when there’s a risk of exposure to blood, saliva, or other potentially infectious materials (OPIM)—which, let’s be honest, is every dental procedure.
Willful = You Knew Better and Did It Anyway
If your office knows gowns are required but chooses not to wear them, OSHA can classify this as a willful violation. That means you weren’t just unaware—you consciously decided not to comply.
Potential fine? Up to $162,000 per violation in Oregon. And if multiple team members are working unprotected, each instance could be cited separately.
Real Talk: What We’re Hearing in the Field
At Healthcare Compliance Associates, we’ve had clients say:
- “We just don’t wear gowns—it gets too hot.”
- “Our hygienists think it’s unnecessary.”
- “We never had a problem before.”
But here’s the thing: OSHA doesn’t base their standards on comfort or office culture. They base them on safety—and they have the authority to issue serious citations and hefty fines when those standards are knowingly ignored.
What You Should Do Right Now
1. Review your PPE policy — Is it clear? Is it enforced?
2. Train your team — Make sure everyone knows when and why gowns are required.
3. Document your efforts — Annual training, policies, and regular safety meetings matter.
4. Talk to your safety officer — They should be empowered to monitor and correct compliance issues in real time.
Final Word
Wearing a gown might feel like a small thing. But choosing not to? That could become a very expensive decision. Protect your team, protect your patients, and protect your practice—don’t let something as preventable as gown compliance turn into a willful OSHA violation.
Need help updating your policy or training your team? We’ve got you covered. Contact us at Kelli@OshaHipaaTraining.com.

A HIPAA violation occurs when a covered entity (such as a healthcare provider) or a business associate (a contractor handling PHI on behalf of a covered entity) fails to comply with any aspect of the HIPAA Privacy, Security, or Breach Notification Rules. This includes the improper use, disclosure, access, or safeguarding of Protected Health Information (PHI), even if no actual harm results.
Common Examples of HIPAA Violations:
Unauthorized Access or Disclosure
- Accessing patient records without a work-related reason.
- Sharing patient information with unauthorized individuals.
- Sending PHI to the wrong recipient by fax, email, or mail.
Failure to Secure Patient Information
- Leaving paper records or computer screens containing PHI visible to unauthorized individuals.
- Storing PHI on unencrypted devices (such as laptops, smartphones, or flash drives).
- Using weak passwords or failing to log off systems appropriately.
Lack of Proper Administrative Safeguards
- Failing to conduct regular HIPAA risk assessments.
- Not having updated HIPAA policies and procedures in place.
- Not providing regular HIPAA training for all employees handling PHI.
Improper Disposal of PHI
- Disposing of documents containing PHI without proper shredding or destruction.
- Reselling or discarding electronic devices without securely wiping stored PHI.
Failure to Provide Patients Access to Their Records
- Refusing or delaying a patient's lawful request to view or obtain copies of their medical records.
- Charging unreasonable fees for accessing records.
Using PHI for Marketing or Fundraising Without Authorization
- Sharing or using patient information for marketing communications without obtaining prior written authorization from the patient.
Who Must Comply with HIPAA?
HIPAA applies to:
- Covered Entities: Healthcare providers, health plans, and healthcare clearinghouses.
- Business Associates: Vendors or contractors that handle PHI on behalf of a covered entity.
Both are legally required to comply with the HIPAA Privacy, Security, and Breach Notification Rules. Compliance obligations extend to all workforce members, including employees, volunteers, and contractors.
The Importance of Proactive Compliance
A good HIPAA compliance program means prioritizing preventative measures. A combination of regular risk assessments, proper employee training, and clear policies and procedures is the best defense against HIPAA violations. By maintaining compliance, healthcare organizations not only avoid financial and reputational harm — they also build trust with the patients and communities they serve.
Take the Next Step Toward Stronger HIPAA Compliance
Proactive compliance starts with understanding your risks.
👉 Download our HIPAA Security Risk Analysis Plan to help identify vulnerabilities, strengthen safeguards, and protect your organization and patients.

If you're a dentist, office manager, or team lead, you’ve likely faced the same challenge: keeping your dental practice organized, compliant, and efficient — all while managing a growing list of patients, staff responsibilities, and regulatory changes. That’s exactly why Good Dentist, Poor Dentist was written. This practical guide is packed with proven systems designed to reduce confusion, improve dental staff training, and help you run your office with less stress and more confidence.
What Is Good Dentist, Poor Dentist About?
Good Dentist, Poor Dentist introduces the SAFER Compliance System — a five-step framework specifically created for the dental industry. It’s built to help you streamline operations, stay on top of compliance requirements like OSHA and HIPAA, and build stronger systems that support your team. You’ll learn how to:
- Survey your risks and compliance requirements
- Architect written procedures (SOPs) for key dental tasks
- Facilitate consistent performance using those SOPs
- Educate and onboard your dental staff with clarity
- Review and refine your systems for long-term success
5 Real Benefits Dental Practices See from the SAFER System
1. Clarity in Daily Dental Office Operations
Confusion leads to mistakes. SOPs (Standard Operating Procedures) give your dental team a clear roadmap for how to perform daily tasks, from instrument sterilization to patient check-ins.
2. Improved Dental Staff Satisfaction and Retention
When team members understand their roles and responsibilities, they feel more confident and supported. This leads to stronger morale and less turnover in your dental practice.
3. Faster Onboarding for New Dental Employees
Well-documented systems reduce the burden on your “go-to” employee. With SOPs in place, training becomes faster and more consistent — even when you're onboarding multiple roles at once.
4. Stronger OSHA, HIPAA, and Infection Control Compliance
Compliance doesn’t have to be overwhelming. With structured systems in place, your dental practice can meet regulatory standards and avoid costly mistakes or fines.
5. A More Self-Sufficient Dental Practice
Let’s be honest — many dental offices rely heavily on one team member who “knows everything.” If that person calls in sick, takes a vacation, or moves on, the entire workflow can grind to a halt. With written systems and SOPs in place, your practice continues to function smoothly — even when your MVP isn’t there.
Why This Book Is Different
This isn’t another dry dental management textbook. Good Dentist, Poor Dentist is written in clear, conversational language, making it accessible for any team member — whether you’re in the operatory or at the front desk. You’ll find real examples, common pitfalls, and simple checklists to help you create SOPs for your most essential dental tasks. It’s the missing manual for running a more efficient, compliant, and low-stress practice.
Want to Improve Your Dental Practice Systems?
If you’re ready to stop reinventing the wheel and start building a more reliable dental office, Good Dentist, Poor Dentist will show you how — one system at a time.
Order now at GoodDentistBook.com
Or connect with the author to bring the SAFER System to your team through coaching or speaking.

If your dental, medical, dermatology, or surgical clinic uses cold sterilant or high-level disinfectants, there’s a good chance glutaraldehyde is in your facility right now. While it’s incredibly effective at killing harmful microorganisms, it also comes with some serious safety and compliance strings attached. Let’s break it down—without the jargon, confusion, or fearmongering.
The Hidden Dangers of Glutaraldehyde
Glutaraldehyde has been a go-to disinfectant for years. It’s powerful, but that power comes at a price. Exposure—especially over time—can cause:
- Irritated eyes, nose, and throat
- Skin rashes or allergic reactions
- Headaches and dizziness
- Respiratory problems, including occupational asthma
Because it evaporates easily at room temperature, clinics that use it without the right ventilation or containment measures may regularly and unknowingly expose staff to harmful vapors.
According to OSHA: “Glutaraldehyde vapors can be released during cold sterilization and can linger in the air without proper ventilation.” (Source: OSHA Glutaraldehyde Fact Sheet)
Are You Sure Your Clinic Is Handling Glutaraldehyde Safely?
Many clinics assume they’re compliant—until an audit or employee complaint says otherwise. Ask yourself:
- Has your team received updated training on glutaraldehyde handling?
- Do you use proper ventilation systems and ensure they’re regularly maintained?
- Are staff provided with—and consistently using—appropriate PPE?
- Is your documentation complete and current, including Safety Data Sheets (SDS) and training logs?
If you’re unsure or answered “no” to any of these, now’s the time to take action—before OSHA steps in.
The Compliance Solution: Simple, Clear, and Oregon-Specific
At Healthcare Compliance Associates (HCA), we specialize in helping clinics like yours take the guesswork out of OSHA compliance—including chemical safety and glutaraldehyde use. Here’s how we support you:
- On-Site Risk Assessments: We’ll review your current processes, storage practices, ventilation, and PPE usage.
- Custom Compliance Plans: Tailored to your clinic’s needs and Oregon-specific regulations.
- Engaging, Practical Training: Staff learn what matters most—without the boring slide decks or outdated videos.
- Documentation & Support: We help you maintain inspection-ready records and respond confidently during audits.
Whether you're a small dental office or a multi-provider surgical center, we make it easy to stay compliant without losing focus on patient care.
How to Get Started
- Step 1: Book a Free Compliance Check-Up. No pressure, just a quick review of your current safety protocols and documentation.
- Step 2: Get a Personalized Plan. We’ll show you exactly what needs fixing—then give you a roadmap to compliance.
- Step 3: Stay Protected. With our ongoing support, you’ll be prepared for any inspection or incident.
Pro Tip for Busy Office Managers
Compliance doesn’t have to mean more stress. We know you’re wearing ten hats. That’s why HCA does the heavy lifting—so your team can stay focused on what they do best. You’ll get reminders, updates, and real-time support when you need it.
Ready to Eliminate Compliance Guesswork?
When it comes to chemical safety, doing nothing isn’t just risky—it’s costly. Protect your staff, your patients, and your practice.
Schedule Your Free Compliance Check-Up
Or Subscribe to Our Safety Meeting Blog

The release of the 2024 Oregon Community TB Profile means it’s time to update your required TB Facility Risk Assessment form. If this is the first time you’re hearing about this requirement—no worries. We’ve got you covered! Keep reading to learn what’s required and how to stay compliant with confidence.
The Requirement for Healthcare (Including Dental) Clinics in Oregon
The Oregon Health Authority (OHA) requires all healthcare and outpatient clinics—including dental practices—to meet specific TB compliance standards.
What This Means for YOU
To stay compliant, your clinic must have:
- An annually updated TB Facility Risk Assessment (using the most up-to-date Oregon Community TB Profile)
- Healthcare personnel screening and documentation at the time of hire
- A written TB Exposure Control Plan with clear roles, responsibilities, and protocols
All of these pieces must be in place to meet OSHA and OHA requirements—and to ensure your practice is audit-ready year-round.
What Happens If You Skip This Step
Failing to complete your TB Facility Risk Assessment may seem minor—but it’s a required part of annual compliance for all healthcare and outpatient clinics in Oregon, including dental practices. Here’s what your clinic could face if this step is missed:
- Citations or fines from OSHA: Inspectors may request your TB risk assessment, employee screening records, and written exposure control plan. If anything is missing, your clinic could be cited for non-compliance.
- Increased inspection scrutiny: Missing documentation can trigger broader reviews into your compliance program—leading to more time, paperwork, and potential violations.
- Reputation and trust issues: Even a small oversight can reflect poorly on your clinic’s commitment to safety. Being prepared shows your patients and staff that you take compliance seriously.
Whether your clinic is high-risk or low-risk, you're required to assess, document, and maintain a TB compliance plan every year. Staying current protects your license, your team, and your reputation.
Make Sure Your Clinic Is Fully Covered—No Gaps, No Guessing
Getting compliant doesn’t have to be overwhelming. At Healthcare Compliance Associates (HCA), we help Oregon clinics simplify OSHA, infection control, and HIPAA compliance—starting with one quick call. Here’s what to expect:
- Book a Discovery Call: We’ll ask a few questions to understand how your clinic currently handles compliance.
- Identify hidden gaps: Walk away with clear, actionable strategies to boost safety, efficiency, and full compliance.
- Relax: We'll handle the rest. 😊
You shouldn’t have to second-guess your compliance program. We’ll help you get clear, confident, and covered—so you’re ready for whatever comes your way.
👉 Schedule Your Call TODAY!
Sources:
- Tuberculosis Screening, Testing, and Treatment of U.S. Health Care Personnel: Recommendations from the National Tuberculosis Controllers Association and CDC, 2019
- TB Screening, Testing and Treatment of Oregon Health Care Personnel Webinar (YouTube) July 2019
- Facilities Required to Test New Employees for Tuberculosis upon Hire (pdf)
- Latent Tuberculosis Infection (LTBI)

A recent HIPAA Journal Annual Survey uncovered something every healthcare clinic should pay attention to: management support for compliance directly impacts the likelihood of a data breach. The survey focused on clinics with 200 or fewer employees—like many dental, dermatology, and surgical practices in Oregon—and the findings were eye-opening.
Here’s What They Found:
- 75% of clinics where staff felt the culture didn't encourage HIPAA compliance had under 200 employees.
- 66% of respondents who lacked management support were also from smaller practices.
- Organizations with strong leadership support were more likely to take a proactive approach to compliance (audits, training, monitoring).
And here's the kicker: Clinics with a proactive approach experienced nearly 3x fewer data breaches than those with a reactive one.
Why This Matters
If leadership isn’t fully behind your compliance efforts, it can:
- Erode workplace culture.
- Lead to inconsistent HIPAA enforcement.
- Increase your risk of costly data breaches and violations.
The Takeaway
Management support isn’t just nice—it’s necessary. A proactive, supported approach to HIPAA leads to stronger compliance and fewer breaches. Especially in smaller practices, empowering your team with expert-led systems makes all the difference.
Need help making compliance a priority at your clinic?
At HCA, we partner with Oregon practices to take the stress out of HIPAA and OSHA. We make it simple, actionable, and customized to your office.
Book a Free Compliance Check-Up → Click here to Book now!

As a healthcare employer, you may wonder about your rights when an OSHA (Occupational Safety and Health Administration) inspector arrives at your clinic. One of the most common questions is: Can I refuse an OSHA inspection? The short answer is yes, but refusing an inspection is not the best course of action. Instead, ensuring your practice is always inspection-ready and compliant with OSHA standards is far better.
What Happens if You Refuse an Inspection?
If you refuse entry, the following steps typically occur:
- The Inspector Leaves: The inspector may terminate or limit the inspection to areas where no objection was raised.
- OSHA May Obtain a Warrant: The CSHO (Compliance Safety and Health Officer) will report the refusal to their Area Director, who may seek a warrant from a federal judge.
- Inspection Proceeds with a Warrant: Once a warrant is granted, OSHA will return to conduct the inspection, and at that point, you must comply.
While you have the right to refuse, this can lead to increased scrutiny and a more adversarial inspection. Instead of delaying the inevitable, the best approach is to ensure your practice is always prepared for an OSHA visit.
📌 Want to avoid unnecessary stress? Our compliance experts can help you prepare before OSHA arrives for just $197. Book your evaluation today! Read to the end to learn more about this special offer.
How to Ensure You're Ready for an Inspection
Being proactive about compliance helps avoid last-minute stress and demonstrates your commitment to workplace safety. Here’s how you can stay prepared:
- Prepare Your Team: OSHA inspectors may interview employees about your safety policies. Regularly review the location of safety plans, policies, first aid kits, and other critical safety items with your team.
- Keep Records Inspection-Ready: Ensure that all safety training logs, incident reports, and inspection records are well-organized and easily accessible.
- Get Expert Compliance Support: Compliance regulations are complex and constantly changing. Working with a knowledgeable compliance consultant ensures you have expert guidance to keep your practice inspection-ready.
- Stay Proactive with Regular Assessments: Conduct routine hazard assessments and safety audits to catch and correct potential risks before they become violations.
💡 Compliance doesn’t have to be overwhelming! Get expert guidance and feel confident in your OSHA readiness. Schedule your compliance evaluation now. Read to the end to learn more about this special offer.
How to Handle an OSHA Inspection with Confidence
If an OSHA inspector arrives, follow these best practices to protect your practice while maintaining compliance:
- Contact Your Compliance Support Team ASAP: If you work with a compliance consultant, reach out immediately for guidance on navigating the inspection smoothly.
- Be Positive and Professional: Inspectors are there to assess compliance, not catch you off guard. Be polite, cooperative, and transparent while providing requested information.
- Document the Inspection Process: Keep a detailed record of the inspector’s name, date/time of the inspection, and any findings for accuracy and follow-up.
While refusing an OSHA inspection is within your rights, it’s not the best strategy. Instead, stay proactive and ensure your compliance program is strong. If you don’t currently have a compliance consultant on your team, we highly recommend working with an expert to ensure you have the right support whenever you need it.
Take Control of Your Compliance Today!
Not sure if your practice is inspection-ready? Now’s the perfect time to stop guessing and start knowing! For just $197, you can schedule a virtual OSHA COMPLIANCE EVALUATION with a trusted compliance expert. Simply click HERE to provide some basic information, and one of our friendly associates will reach out to schedule your evaluation.
During the session, we will:
- ✅ Identify compliance gaps
- ✅ Get personalized recommendations
- ✅ Eliminate uncertainty—know for sure if your practice is OSHA-compliant
Plus, learn how our exclusive OSHA Guarantee can give you even more peace of mind! Book your virtual evaluation today and take the first step toward total confidence in your compliance program!

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has imposed a $1.5 million civil money penalty on Warby Parker, a well-known eyewear retailer, due to violations of the HIPAA Security Rule following a cybersecurity breach. This enforcement action underscores the critical importance of robust cybersecurity measures in protecting sensitive patient information.
What Happened?
In December 2018, OCR launched an investigation after Warby Parker reported a data breach. The company discovered unusual login attempts on its website, which were later linked to a credential stuffing attack—a method where hackers use stolen username-password combinations from other breaches to gain unauthorized access to accounts.
Between September 25, 2018, and November 30, 2018, cybercriminals infiltrated Warby Parker’s systems, exposing the protected health information (PHI) of nearly 200,000 individuals. The compromised data included:
- Names
- Mailing addresses
- Email addresses
- Certain payment card details
- Eyewear prescription information
Subsequent breach reports in April 2020 and June 2022 indicated that similar attacks had occurred again, further highlighting vulnerabilities in Warby Parker’s security measures.
OCR’s Findings
OCR determined that Warby Parker violated three key provisions of the HIPAA Security Rule by failing to:
- Conduct a thorough risk analysis to identify vulnerabilities.
- Implement adequate security measures to protect ePHI.
- Regularly review system activity to detect and prevent breaches.
In September 2024, OCR proposed a $1.5 million penalty, which Warby Parker did not contest. The penalty was finalized in December 2024.
Lessons for Healthcare Providers & Business Associates
This case serves as a stark reminder that all entities handling protected health information (PHI) must maintain rigorous security standards. OCR recommends the following best practices to mitigate cyber threats:
- Identify all ePHI storage and transmission points within the organization.
- Conduct regular risk analyses and integrate findings into security policies.
- Implement and review audit controls to track system activity.
- Use multifactor authentication (MFA) to prevent unauthorized access.
- Encrypt ePHI at rest and in transit for added security.
- Train employees on HIPAA compliance and cybersecurity awareness.
- Incorporate lessons from past breaches into ongoing security strategies.
The Takeaway
Warby Parker’s penalty reinforces the message that HIPAA compliance is not optional—it’s essential. Cyberattacks are becoming more frequent and sophisticated, and covered entities must take proactive steps to secure patient data and avoid costly penalties.
Stay Compliant & Secure
If you need assistance in strengthening your HIPAA compliance efforts, our team is here to help. Contact us today for expert guidance and customized compliance solutions. 541-345-3875 ext. 5
For more information on HIPAA compliance and cybersecurity best practices, visit the HHS OCR website.