It’s Your Call – April 2023

safety data sheet

OSHA: If our office has the current Safety Data Sheets (SDS) for a product, do we have to keep the old one? No, the old SDS can be discarded if the original formulation is the same. When the formulation is different, the employer must keep both the old and current SDS for 30 years.   […]

HIPAA, PHI, and Law Enforcement in 2023

HIPAA, protected health information (PHI), and law enforcement 2023

When can you share protected health information (PHI) with law enforcement? There are certain circumstances when the law allows you to share PHI. You should always keep the “minimum necessary” rule in mind whenever you are giving out information. New HIPAA rules proposed by Health and Human Services (HHS). On April 11, 2023, the HHS […]

HIPAA and the letter excusing a return to the workplace

HIPAA return to workplace

With the pandemic drawing to a close in May, many employers are requiring their workers to return to the physical workplace. Patients that are afraid that their medical situation makes that return too risky at this time are requesting a letter from the doctor preventing that return.  If the doctor believes this to be valid, […]

It’s Your Call – February 2023

OSHA: Are paper copies of OSHA posters required or can offices display them electronically? Yes, paper copies are required. The 1903.2 Standard also states: “Such notice or notices shall be posted by the employer in each establishment in a conspicuous place or places where notices to employees are customarily posted. Each employer shall take steps […]

Happy HIPAA New Year!

It is a safe bet that the title of this article would come in last place for the “most popular topic” award. The start of a new year is always a good time to reflect and also look ahead and do our best to prepare. Last year, the U.S. Department of Health and Human Services […]

It’s Your Call – December 2022

exit sign

OSHA: How many exit routes are necessary in the workplace? Per OSHA, at least two exit routes must be available for prompt and safe evacuation during an emergency, and these two routes must be located as far away from each other as practical. Single exit routes are permitted when the number of employees, building size, […]

It’s Your Call – November 2022

image that says true or false

HIPAA: True or False: If a practice has a website, a current copy of its HIPAA Notice of Privacy Practices (NPP) must be available there. True. The HIPAA Privacy Rule requires covered entities to post the current version of its NPP at a prominent location on their website. The Office for Civil Rights (OCR) clarified […]

Website Privacy Policies and HIPAA’s Notice of Privacy Practices

If you have spent any time on the Internet, you have been asked what you would like a website to do with its cookies. A cookie is information saved by your web browser. Cookies are like flags that allow a website to recognize and remember your device if you return to that site in the […]

OCR Right Of Access Enforcements – A Message to Dental Practices

OCR logo

The HHS Office for Civil Rights (OCR) recently settled three more investigations in the Right of Access Initiative it started in 2019. All three of the new enforcements involved dental practices, bringing the total number of access initiative enforcements to 41. The enforcements also come with a message directly to all dental practices from the […]

TMC Security Scout on Phishing

security scout doctor compliance

Of all the known cyberattacks that cause a data breach, phishing is the most expensive to remedy. A successful phishing attack most commonly reveals usernames and passwords, which paves the way to the data breach resulting in an average cost of $4.9m for victim organizations worldwide. The costs remain the highest in the healthcare industry […]