OSHA: Audits: Be Proactive or Pay the cost
OSHA audit fines increased as of August 1, 2016. Has your office made the necessary changes to be compliant or did you fail to abate?
If an OSHA inspector pays you a visit, unsafe and unhealthy working conditions that are observed will be shared with you. Thereafter, the Area Director will send a list of citations and proposed penalties by certified mail. The employer must post a copy of the citation at or near the place the violation occurred for 3 days or until the violation is abated, whichever is longer.
The different types of violations and penalties are:
Type of Violation | New Maximum Penalty |
Serious
Other-Than Serious Posting Requirements |
$12,471 per violation |
Failure to Abate | $12,471 per day beyond abatement date |
Willful or Repeated | $124,709 per violation |
Whether you have had a mock audit or an actual OSHA inspection, being proactive is key.
https://www.osha.gov/Publications/fedrites.html
HIPAA: Business Associates Re-Cap
Office of Civil Rights (OCR) has asked for specific information about business associates during this current, Phase 2 audit. Remember, a Business Associate is a person or entity performing certain functions or activities that involve the use or disclosure of protected health information on behalf of, or in services to, a covered entity. Does your facility have a complete list of your business associates and have you updated your agreements with them?
OCR is projecting that Business Associate audits will begin in the fall. Therefore, Covered Entities should have a complete list of their BAs. Some of the elements that OCR has requested includes a primary and secondary point of contact, the contact’s address, phone number, fax, & email, and the BA’s website URL.
A few of the common BAs include: IT companies, shred companies, call reminder companies, collection agencies, transcription services, attorneys/accountants (if receiving phi), claim processors, file hosts such as Dropbox, and electronic prescribing.
Other names that are overlooked include software platforms like Logme In Rescue and email application like Microsoft Outlook. Carefully consider who your Business Associates are and make sure you have agreements in place.