“We’ve had OSHA training. So, yes, we’re HIPAA compliant,” staff members at small dental practices have said to me. The first time I heard it, I was surprised. After that, not so much. The misconception seems all too common.
No doubt these staffers — including some office managers — are as sincere as they are hard-working. But they’re also — how shall I put this? — wrong. OSHA compliance and HIPAA compliance are two very different things.
To be fair, I can sympathize with all that’s involved in working at a busy practice, caring for patients, AND keeping up with government regulations. But compliance with one set of laws — no matter how conscientiously they’re implemented — does NOT ensure compliance with another.
In this blog I’ll explain in a general way the difference between OSHA and HIPAA. And also point out the positive impact regulations have had on our healthcare system overall.
HIPAA & OSHA. So many acronyms. So little time.
To say that training in OSHA is the same as being HIPAA compliant is like a college student claiming, “I’ve studied symbolism in The Great Gatsby and Moby Dick, so of course I know how to solve quadratic equations!”
The Health Insurance Portability and Accountability Act (HIPAA) is a law designed to provide privacy and security standards to protect patients’ medical records and other health information. HIPAA regulations represent a uniform, federal floor of privacy protections for healthcare consumers across the country.
The mission of the Occupational Safety and Health Administration (OSHA) is to “assure safe and healthful working conditions for working men and women by setting and enforcing standards and by providing training, outreach, education and assistance.”
HIPAA deals mainly with safeguarding Protected Health Information in all its forms. In essence, it’s a patient-centered law. OSHA, on the other hand, is all about working conditions. In dental offices, for instance, it regulates, among other things, the ways in which hazardous materials should be handled. The focus of OSHA is worker safety, not the protection of patient information.
Why is healthcare regulation so complex?
In Pharmacy and Therapeutics: A Peer-Reviewed Journal for Managed Care and Hospital Formulary Management, Dr. Robert I. Field addresses the “why” of the myriad regulations in the field of healthcare.
In the article he acknowledges the extent of the complexity, dips into the reasons for it, and recognizes the shortcomings of the system that produced it. But in the end the good doctor concludes, “Despite the complicated and inefficient nature of its oversight, American health care has flourished over the past hundred years. Rather than hindering its progress, the complex system of regulation, for all of its flaws, may actually have served to support and nurture the overall enterprise.”
I like what Dr. Field says. And the perspective he offers is a good one to keep in mind, especially for healthcare professionals grappling with all kinds of regulations. And these days, who in the field isn’t?
To read the complete Pharmacy and Therapeutics article, click here.