Tips for HIPAA and OSHA Training for Dental Offices

Creating and maintaining a successful dental practice takes work. Attracting and keeping patients, building an efficient staff, and staying aware of the latest trends takes effort. Keeping your dental office compliant with HIPAA and OSHA regulations is another thing to juggle.

HIPAA and OSHA training for dental offices is an essential part of compliance. Ideally, you’d like to have one solution to manage both. Below are five key elements to help you work through your compliance training program.

  1. Train all employees annually
  2. Give the right training to the right employees
  3. Be able to prove the HIPAA and OSHA training was done
  4. Understand the consequences of not staying OSHA compliant
  5. Know the most common HIPAA and OSHA citations and violations

Train All Employees Annually

Annual employee training is crucial in HIPAA and OSHA dental office compliance. OSHA requires new hires to receive the appropriate safety training within ten days of starting their job, while HIPAA requires training within a “reasonable period.” Annual training is important for several reasons. The law can change, requiring employees to be instructed on these changes. There could be a change in how your practice operates, such as adding a new piece of machinery that employees must be trained on. Employees might also need a reminder of best practices to ensure compliance and safety.

Give the Right Training to the Right Employees

OSHA mandates that every practice employee be trained, including full- and part-time staff. Whether you’re a dentist, dental assistant, part of the administrative staff, or custodian, there are no exceptions.

HIPAA training is mandatory for any employee who comes in contact with patient protected health information (PHI). Both HIPAA and OSHA have specific topics that must be covered during training.

These include:

HIPAA:

  • Privacy and Security Overview
  • HIPAA Privacy
  • Business Associates
  • Identifying and Protecting PHI
  • Breach Prevention and Reporting
  • Consequences of a Breach
  • Security Standards
  • Cybersafety
  • Cybercrime Prevention

OSHA:

  • Hazard Communication
  • Bloodborne Pathogens
  • Preventing Slips, Trips, and Falls
  • Electrical Safety
  • Hazardous Materials
  • Industrial Hygiene
  • Emergency Action Plans
  • Exit Plans
  • Safety and Health Programs

Be Able to Prove HIPAA and OSHA Training Was Done

Both HIPAA and OSHA require that training be documented. While HIPAA doesn’t specify how training should be documented, OSHA does. OSHA training records should include the training date, training content, trainer names and qualifications, attendee names, and job titles.

Understand the Consequences of Not Staying Compliant

Training isn’t the only requirement to stay compliant with HIPAA and OSHA, but training must be a foundational piece of your overall compliance strategy.

OSHA citations can be issued if even one employee misses the required training. Fines can range from $0 – $70,000 per citation, depending upon the severity of the violation. Depending upon the part of the regulation that was violated, HIPAA fines can be as high as $1.5 million.

Know the Most Common HIPAA and OSHA Citations and Violations

Citations issued by OSHA can vary widely across industries. Below are five of the most common OSHA citations issued to dental offices.

  1. Failure to implement and maintain an exposure control plan
  2. Failure to train and maintain records of training
  3. Failure to supply and use appropriate Personal Protective Equipment (PPE)
  4. Failure to provide Safety Data Sheets (SDSs)
  5. Failure to adequately implement a Hazard Communication Plan

Listed below are five of the most common HIPAA violations.

  1. Failure to perform a comprehensive risk analysis
  2. Failure to adequately manage security risks
  3. Failure to provide patients access to their health records promptly
  4. Failure to enter into business associate agreements with vendors
  5. Failure to adequately safeguard ePHI on portable devices

Contributed by Compliancy Group

Because there are so many moving parts involved in both HIPAA and OSHA compliance, it helps to have experienced advisors who will show you the right path to take. Your advisors should help you build a system that streamlines the process, reminds you when things need to be done, and keeps records that can stand up to any audit or inspection. Compliance can make your office better overall, instead of being a burden.

Whether you’re starting from scratch or looking to streamline HIPAA and OSHA, Compliancy Group’s software includes everything you need – from employee training to policies and procedures. Give your practice peace of mind. Automate, track, and manage all of your compliance requirements with software. New Member customers save 15% on services.