It’s Your Call August 2017


Are your new employees providing evidence of baseline TB skin tests upon hire? Should you be testing annually?

The CDC recommends a baseline TB skin test upon hire for healthcare workers and non-healthcare workers who have face to face contact or potential exposures to TB infected patients. There are 2 options for testing: a blood assay, or a two-step TB skin test (not PPD).  Requirements for annual or serial screening are determined by individual state regulations or risk assessment outcomes.

OSHA will enforce the CDC’s recommendation for a baseline TB skin test under the general duty clause. For more information:

To dive a little deeper, the term used for a TB skin test is now TST as defined by the CDC. We probably have all referred to the test as a PPD. PPD actually stands for purified protein derivative (PPD)  which the substance that is injected beneath the skin and drives either a positive or negative reaction.

Explanation of Two Step Skin Test

What is a Boosted Reaction?

In some persons who are infected with M. tuberculosis, the ability to react to tuberculin may wane over time. When given a TST years after infection, these persons may have a false-negative reaction. However, the TST may stimulate the immune system, causing a positive, or boosted reaction to subsequent tests. Giving a second TST after an initial negative TST reaction is called two-step testing.

Why is Two-Step Testing Conducted?

Two-step testing is useful for the initial skin testing of adults who are going to be retested periodically, such as health care workers or nursing home residents. This two-step approach can reduce the likelihood that a boosted reaction to a subsequent TST will be misinterpreted as a recent infection.


Is my office required to do audits?

Yes. The Audit Controls standard § 164.312 (b) requires a covered entity to: “Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.”

The security rule does not state how often audits should be done nor does it identify what data must be gathered. A covered entity must consider its hardware and software technical infrastructure and other factors to determine what is appropriate for the office. Consult an independent IT security firm for assistance.