It’s a New Year: Make Sure Compliance Plans are Up-to-Date

Annually reviewing compliance plans is a best practice for ensuring safe, secure and sustainable operations that fully meet regulatory requirements. There is no better time to engage in an annual review than at the start of a new year. Here are four key areas healthcare organizations should examine as part of the effort.

OSHA safety plans. The Occupational Safety and Health Administration (OSHA) requires healthcare organizations to create and maintain a range of worker safety documents that cover topics like minimizing bloodborne pathogen exposure, preventing injury and illness, hazard communication concerning chemicals, and emergency preparedness. Organizations should make sure these plans exist and are up-to-date. A solid review is especially important if there have been operational changes in the past year, such as the introduction of a new treatment, therapy or chemicals. Each plan should detail how the organization meets OSHA requirements and provides proper staff training and education. Plans should be site specific, list who oversees the compliance program and some plans require documentation that the plan has been reviewed and amended where necessary. When crafting and updating safety plans, it can be helpful to use third-party resources, such as a safety plan builder, to ensure documents are thorough and relevant.

Bloodborne pathogens training. OSHA regulations require healthcare organizations to provide training to staff deemed at risk for exposure to bloodborne pathogens. Training should occur as part of orientation and at least annually as a refresher. Supplemental training is required when a staff person assumes a new or modified role that increases exposure risk. Online training modules can be valuable as they are easy to use, always accessible, remain consistently current and can automatically document completed training.

HIPAA policies. Assessing a privacy and security program concerning Protected Health Information (PHI) can be wise to ensure it meets Health Insurance Portability and Accountability Act (HIPAA) requirements. During this review, be sure policies address both paper and electronic communications. For example, does your practice use email, texts or a patient portal to communicate with patients? Policies should detail privacy and security protections associated with these kinds of communications and describe what is—and is not—allowed. Policies should also give a nod to social media—emphasizing that sharing patient information on social media platforms is forbidden.

Expert resources are available

As you review the various aspects of your compliance program, you may see the need to expand training and education to ensure staff are up to speed on what’s new and required for their roles. Let Stericycle’s compliance training expertise go to work for you, click here to access our array of training resources.