HIPAA and OSHA Compliance: Case Studies and Lessons

Ensuring compliance with HIPAA and OSHA regulations is essential to protect patient information, ensure employee safety, and avoid costly fines. Below are case studies illustrating the consequences of non-compliance and the critical need for proper training and policies.

Avoid similar violations with the right compliance package!

Example HIPAA Violations

Avoidable with the CORE package

HIPAA Violation 
Yakima Valley Memorial Hospital
Yakima, Oregon
Fine: $240,000

The lack of proper training on patient privacy protocols contributed to these unauthorized accesses. As part of the settlement, the hospital agreed to update its policies and provide comprehensive HIPAA training to its employees to prevent future incidents.

Avoidable with the COMPLETE package

HIPAA Violation 
Steven A. Porter, M.D.
Ogden, Utah
Fine: $100,000+

The OCR’s investigation determined that the practice had never conducted a risk analysis and lacked adequate security measures to protect patient information. This case underscores the necessity of training healthcare providers on implementing and maintaining HIPAA-required security protocols.

Avoidable with the CORE package

HIPAA Violation  
Northcutt Dental-Fairhope
Fairhope, Alabama
Fine: $62,500

The OCR found that the practice had not designated a privacy official nor implemented appropriate policies and procedures as required by HIPAA, highlighting the critical need for staff training on patient privacy regulations.

Example OSHA Violations

Avoidable with the COMPLETE package

OSHA Violation  
Elena Kurz, DMD 
Dacula, Georgia
Fine: $37,507
Main Violation: Failure to have an exposure control plan 

The employer failed to establish a written Exposure Control Plan as required by 29 CFR 1910.1030(c)(1)(i) to minimize employee exposure to bloodborne pathogens. Employees performing dental procedures, cosmetic treatments, and equipment sterilization were at risk due to the lack of a properly implemented plan. Although the employer purchased a generic plan, they did not customize it with site-specific information or fully implement its required elements, resulting in non-compliance.

Avoidable with the COMPLETE package

OSHA Violation  
North American Dental Group 
Colchester, Connecticut
Fine: $43,644
Main Violation: Failure to update exposure control plan annually

The employer failed to review and update their Exposure Control Plan annually as required by 29 CFR 1910.1030(c)(1)(iv), with the last update occurring four years prior to the incident. This failure exposed employees to potential hazards related to bloodborne pathogens and other infectious materials. OSHA cited the facility for non-compliance, emphasizing the importance of maintaining up-to-date safety protocols to protect workers.

Avoidable with the CORE package

OSHA Violation  
Shiningstars Pediatric Dentistry
Washington, DC
Fine: $26,788
Main Violation: Failure to provide Hepatitis B vaccine forms

The employer failed to provide the Hepatitis B vaccine and post-exposure evaluation as required by 29 CFR 1910.1030(f)(1)(i) for employees with occupational exposure to bloodborne pathogens. Workers performing tooth extractions and handling needles were at risk, yet the employer did not ensure vaccination availability. This violation left employees unprotected against potential infections, putting their health at serious risk.

Avoidable with the CORE package

OSHA Violation  
Hanuman Oral Surgery 
Newburg, New York
Fine: $26,000
Main Violation: Failure to provide biomedical waste handling training

The employer failed to provide proper biomedical waste handling training, violating 29 CFR 1910.1030(d)(4)(ii)(C) by not ensuring that contaminated waste receptacles were regularly inspected and decontaminated. Employees assisting with oral surgical procedures and cleaning instruments were exposed to potential infection risks due to improper handling of blood-contaminated trash containers. The lack of training and oversight put workers at risk of exposure to hazardous materials.

Avoidable with the COMPLETE package

OSHA Violation  
PLB Dental  
Pasadena, Texas
Fine: $46,902
Main Violation: Failure to provide HAZCOM training + HAZCOM written plan 

The employer failed to ensure that all employees exposed to formaldehyde participated in a training program as required by 29 CFR 1910.1048(n)(1). At the facility, employees were not trained on the hazards of formaldehyde, and the written HAZCOM plan had not been updated to include new chemicals, leaving employees uninformed about potential risks.

Avoidable with the CORE package

OSHA Violation  
Health East Ambulatory Surgical Center  
Pasadena, Texas
Fine: $68,000
Main Violation: Lack of Bloodborne Pathogen Training

OSHA cited Health East Ambulatory Surgical Center for 10 serious violations concerning BBP hazards, resulting in proposed penalties of $68,000. The violations included failing to counsel an employee who was stuck with a contaminated needle, not conducting timely blood tests, and not providing appropriate post-exposure medication. These lapses indicated inadequate training and protocols for handling BBP exposure incidents.

Key Takeaways

Training is Critical

Employees must receive regular and comprehensive training on both HIPAA and OSHA requirements.

Regular Policy Updates

Ensure all policies, including exposure control plans and HAZCOM plans, are reviewed and updated annually.

Appoint Key Personnel

Designate privacy officials and safety officers to oversee compliance efforts.

Risk Analysis

Conduct regular risk analysis to identify and address potential vulnerabilities.

Records and Documentation

Maintain thorough documentation of all training, policies, and compliance measures.

The COMPLETE package provides the highest level of protection against compliance violations.
