How to Become OSHA Compliant

Posted by Steve Alder

The summarized way to become OSHA compliant is to establish which OSHA standards apply to your business, conduct a risk assessment to identify threats to safety and health, and abate identified threats as necessary.

What is OSHA Compliance?

OSHA compliance is complying with all applicable workplace standards promulgated by the federal Occupational Safety and Health Administration or an OSHA-approved state plan to promote safe and healthy workplaces. Most businesses are required to comply with “General Industry” standards, but there are separate standards for the agriculture, maritime, and construction industries.

The OSHA standards for General Industry cover everything from safe working surfaces and workplace ventilation to exposure limits for hazardous substances and chemicals. There are also standards governing hazard communication, injury and illness recordkeeping, and workforce training. The failure to comply with any applicable safety, health, or administrative standard is a violation of OSHA.

What Happens if You Violate OSHA?

What happens if you violate OSHA depends on the nature of the violation and its outcome. OSHA has a four-tier penalty structure which, at the lowest level, allows inspectors to cite a business for an OSHA violation and give the business time to abate it. If the reason for the violation is not abated in the stated time – or the violation is more serious in nature – OSHA can impose financial penalties.

How to Become OSHA Compliant - HIPAAJournal.com

If a business willfully neglects to mitigate threats to safety and health to an acceptable level – and a member of the workforce suffers a fatal injury as a result – OSHA can refer the case to the Department of Justice to pursue a criminal conviction. If found guilty, negligent employers and safety managers can be fined up to $1 million and sentenced to up to twenty years in jail.

How to Become OSHA Compliant in More Detail

In the introduction, the way to become OSHA compliant was summarized in three stages. While this is an accurate explanation of how to become OSHA compliant, some businesses may require more details. OSHA recommends a seven step process for businesses in the “General Industry” category to become OSHA compliant which consists of:

Identify Standards that Apply to Most Businesses

These include standards relating to safe working surfaces, workplace ventilation, fire safety, exit routes, and hazard communication. Businesses should read these standards, conduct a risk assessment to ensure the standards are being complied with, and implement measures to correct violations and mitigate threats to workforce safety and health.

Identify Standards that Apply to Your Business

For business in the healthcare industry, standards to consider could include the bloodborne pathogens standard, the ionizing radiation standard, and the exposure to formaldehyde standard. It will also be necessary for businesses in the healthcare industry to familiarize themselves with OSHA’s permissible exposure limits for hazardous substances.

Survey the Workplace for Additional Hazards

All organizations have to comply with OSHA’s General Duty clause which requires employers to provide a work environment free from recognized hazards not otherwise covered by an OSHA standard. In the healthcare industry, this clause would cover activities such as safe patient handling, protection from infectious diseases, and preventing workplace violence.

Develop a Workplace Safety and Health Plan

Becoming OSHA compliant is one thing. Remaining OSHA compliant is another. Therefore businesses need to develop a workplace safety and health plan which schedules frequent inspections, includes a process for members of the workforce to report hazards to safety managers , and delegates the responsibilities for documenting and abating reported hazards.

Train Members of the Workforce

Some OSHA standards require members of the workforce to undergo OSHA training before being exposed to a hazard for the first time, while others require initial training AND annual refresher training – for example, the bloodborne pathogens standard. All workforce training should be documented and retained in the event of a subsequent OSHA inspection.

Recordkeeping, Reporting, and Posting

In addition to the documentation of hazard reports and workforce training, businesses are required to keep records of all workplace injuries and illnesses, submit injury and illness data to OSHA annually, report fatalities and severe injuries, and post copies of citations when issued. Note: some State-approved OSHA Plans have more stringent reporting requirements.

Ask for Compliance Assistance when Necessary

The final step in the process to become OSHA compliant is to ask for help if you need it. There are multiple resources on the Help pages of OSHA’s website and third party resources that can help businesses become OSHA compliant. Alternatively, you can call your local OSHA Office to see if your business qualifies for a free onsite consultation.

Related Content

What is OSHA Certification?

Why is OSHA Necessary?

What does OSHA Regulate?

OSHA and HIPAA Compliance

How Can You File a Report with OSHA

The post How to Become OSHA Compliant appeared first on HIPAA Journal.

What is Healthcare Compliance Tracking Software?

Posted by Steve Alder

Healthcare compliance tracking software is a tool that helps healthcare organizations keep compliance programs on schedule by automating the management of activities such as risk assessments, policy and procedure reviews, workforce training, and incident management. When used effectively, healthcare compliance tracking software can help organizations avoid legal risks, better protect the privacy and security of health information, and improve the quality of patient care.

Healthcare organizations have a lot of regulations and standards to comply with. Not only are most healthcare organizations required to comply with HIPAA, OSHA, and FDA regulations, but they might also have to meet CMS’ conditions for participation in Medicare, the voluntary standards for Joint Commission accreditation, and industry-specific or role-specific state licensing requirements.

In addition, if a healthcare organization operates in a state that has passed a data privacy law that does not exempt HIPAA covered entities and business associates, there may be occasions in which a provision of a state data privacy law preempts a provision of HIPAA – notwithstanding that some states exempt Protected Health Information, but not other types of identifiable information.

As a consequence of multiple regulations and standards, it is often difficult to keep on top of compliance activities. Even the best planned health compliance programs can be thrown off-schedule by an unforeseen event  – for example, the recent guidance that using tracking technologies on user-authenticated healthcare web pages could be a HIPAA violation.

How Healthcare Compliance Tracking Software can Keep Programs on Schedule

Healthcare compliance tracking software works by tracking program initiatives and activities to alert compliance teams when risk assessments are due for review, when policies and procedures need revising, and when workforce training needs to be provided or repeated – or, in the case of a security awareness training program, when the program needs to be updated to reflect emerging threats.

The same capabilities can be configured to manage Business Associate Agreements and the retention of compliance documentation, and to produce reports for upper management to show the value of investing in healthcare compliance tracking software. In some cases, the value of the investment can be that it is possible to demonstrate a good faith effort to comply with regulations and standards.

Thereafter – depending on the compatibility of the software with an existing IT infrastructure – healthcare compliance tracking software can be used to manage incident responses (i.e., compliance with the HIPAA Breach Notification Rule) or ensure corrective action plans remain on schedule to avoid an extension of the plan or a civil financial penalty for failing to comply with the plan.

The Benefits of Tracking Compliance Activities with Automation

The primary benefit of tracking compliance activities with automation is that healthcare compliance tracking software reduces the likelihood of human error due to an oversight or misinterpretation of a compliance activity. This reduces the likelihood of non-compliance and the consequences of non-compliance such as remedial action, legal risks, and financial costs (both direct and indirect costs).

In addition, by mitigating the risk that compliance activities will fall behind schedule, healthcare compliance tracking software helps better protect the privacy and security of health information. The benefit of this is that, when patients believe their health information will remain confidential, they are more likely to share details of their health conditions with healthcare providers.

With more information available to them, healthcare providers can make better informed decisions about diagnoses and treatment plans, which improves the quality of patient care and leads to better patient outcomes. Better patient outcomes not only reduce healthcare costs, but can improve staff morale and retention – saving healthcare organizations staff recruitment and training costs.

The above is just a snapshot of the capabilities and benefits of healthcare compliance tracking software. If you would like to know more about tracking compliance activities with automation, or developing a compliance program that accounts for the variety of regulations and standards, it is advisable to speak with a healthcare compliance expert.

The post What is Healthcare Compliance Tracking Software? appeared first on HIPAA Journal.