Who should be your OSHA and HIPAA compliance officer?

Let’s be honest here; most OSHA and HIPAA healthcare Compliance Officers are chosen because they are the ones on the staff with the most time, and that’s usually the newest people.  While this idea seems logical it can cause a lot of problems in the long run.  There are drawbacks in choosing a compliance officer.

  1. They aren’t familiar with your set-up or your policies and procedures.
  2. They lack training, knowledge, and experience. It takes years for compliance officers to really absorb the laws and understand their duties.
  3. They do not have the authority to change or enforce rules.
  4. They are usually the highest turnover-risk population and may have not yet developed the loyalty to your business that would motivate them to keep an eye on the risks to your employees, your patients, and your practice’s bottom line.

The kind of person who makes the best compliance officer is a steady employee who has some authority and the respect of the owners and the other employees.  A good compliance officer thinks well in a crisis, can multi-task, and delegate when needed.

Who makes the best OSHA Safety Officer?

An OSHA Safety Officer is best chosen from your clinical staff.  If you have a clinical supervisor, he or she would be your best option.  This position already has respect and authority.  They are familiar with the operations of your practice.  If you don’t have a clinical supervisor, choose a senior employee on the clinical side with the respect of your staff.  A nurse or hygienist can make a superior OSHA Officer.

Who makes the best HIPAA Privacy Officer?

If you have an Office Manager or Administrator, they would be the right person for this job.  If you don’t have these positions then choose someone who has skills in absorbing complex ideas, a good overview of your front desk, billing system and records management. Experience with Business Associate Contracts is a must. It also should be someone who has tact and can interact well with your computer IT professionals.

Who makes the best HIPAA Security Officer?

If you have an on-site IT professional(s) you should assign them as the HIPAA Security Officer. This officer will have to work closely with your Privacy Officer. If you use a Business Associate for your computer needs, then your Privacy Officer will have to take on both roles.

And finally, consider assigning a back-up for each officer. They should go through the training at the same time as the primary. (TMC does not charge extra to train two officers at the same time.)