August 11, 2023 Navigating the world of workplace safety can sometimes feel like scheduling a dental appointment – necessary but often anxiety-inducing. But just as we prefer our dental check-ups to be cavity-free, our workplace environments should be risk-free. A recent court judgment highlighted that when it comes to voicing concerns, it’s not just about flossing daily but standing up for safety! In Peoria, Dr. Monzer K. Al-Dadah probably thought he was pulling a fast one (and we’re not talking about teeth) when he terminated a dental assistant for raising concerns about coronavirus infection risks. This wasn’t just any dental assistant, mind you, but one with more than two decades of service – perhaps old enough to remember the pre-electric toothbrush days! When Dr. Al-Dadah learned of an anonymous safety complaint to OSHA in March 2020, he tried to ‘drill’ down to identify the whistleblower. Unsuccessful in his detective efforts, he chose to let go of the dental assistant. The assistant filed a complaint with OSHA, showing the resilience of a tooth that refuses to get extracted. Fast forward a bit, and OSHA, acting like the dental hygienist who discovers you’ve been skipping your nightly brush, wasn’t too pleased. They determined a clear breach of whistleblower protections. This led to Dr. Al-Dadah being ordered to cough up $20,000 in back wages – that’s a lot of dental floss! Denise Keller, the OSHA Assistant Regional Administrator in Chicago, summed it up with a reminder that workers should feel as confident voicing concerns about safety as they do showing off those pearly whites after a cleaning, “Employees must be able to exercise their legal rights regarding workplace safety freely and without fear of retaliation.” All in all, just as we’re advised not to be lax with our oral hygiene, it’s clear we shouldn’t be lax about workplace safety either. For those curious about whistleblower protections, OSHA’s Whistleblower Protection Programs webpage is as enlightening as that little mirror your dentist uses. Here at Abyde, while we can’t help with plaque, we’re all in for promoting workplace safety and transparency with a dose of humor! Remember, when it comes to safety, always brush and floss (or voice concerns) daily!
OCR’s COVID-19 Telehealth Enforcement Discretion Transition Period Ends
August 10, 2023 OCR is Turning Up the Heat as their Telehealth Enforcement Discretion is Sizzling Out! Ah, the sweet heat of summer! That particular time when our ice creams seem to have a faster meltdown than our resolutions of getting that “beach body” (for the third year in a row). Speaking of melting, there’s a hot update simmering in the healthcare compliance oven: the OCR’s telehealth enforcement discretion transition period is officially sunsetting. But before you start sweating more than after a midday August jog, let’s fan ourselves with the facts. What’s Cooking? During the pandemic’s peak, the OCR graciously set our minds (and compliance teams) at ease with a relaxed telehealth enforcement period. Because of the implications of the Public Health Emergency, the government loosened the restrictions on telehealth applications to ensure that patients were still receiving the necessary care needed in a practical manner. Unfortunately, like most summer love stories, the enforcement discretion had to come to an end. How Can You Protect From Getting Burned? The sun might be blazing outside, but you don’t have to get scorched. Here’s a simple telehealth-protection formula:
OCR Announces Transition Period for Compliance with HIPAA Rules for Telehealth
April 12, 2023 As of May 12, 2023, a 90-calendar day transition period will be in effect to provide covered healthcare providers with time to come into compliance with the HIPAA Rules in relation to their provision of telehealth. The transition period will expire on August 9, 2023, at 11:59 p.m. During this period, the OCR will continue to exercise its enforcement discretion. It will not impose penalties on covered healthcare providers for noncompliance with the HIPAA Rules that occur in connection with the good faith provision of telehealth. The Notice of Expiration of Certain Notifications of Enforcement Discretion Issued in Response to the COVID-19 Nationwide Public Health Emergency is available at: https://public-inspection.federalregister.gov/2023-07824.pdf – PDF. This notice marks the end of the enforcement discretion period that was put in place by the OCR to support the healthcare sector and the public in responding to the COVID-19 public health emergency. OCR Director Melanie Fontes Rainer has emphasized that the OCR is committed to supporting the use of telehealth by ensuring that healthcare providers can make the necessary changes to their operations privately and securely in compliance with HIPAA Rules. In addition to announcing the transition period, it’s worth noting that the OCR had previously issued four Notifications of Enforcement Discretion in the Federal Register regarding how the HIPAA Rules would be applied to certain violations during the COVID-19 nationwide public health emergency. These notifications and their effective beginning and end dates are: It’s important to note that these notifications will also expire at 11:59 pm on May 11, 2023, due to the expiration of the COVID-19 public health emergency. The OCR will no longer exercise enforcement discretion for violations that occur after this date, which is why the transition period has been put in place to allow covered healthcare providers to make any necessary changes to their operations to ensure they comply with HIPAA Rules when providing telehealth services. Questions regarding HIPAA and OSHA Compliance, please email Abyde at info@abyde.com or call (800) 594-0883
HHS’s Recent HIPAA Guidance on Telehealth and Public Health Emergency Expiration
July 11, 2022 Think you finally got the hang of telehealth? Don’t get too comfy just yet! The OCR recently released guidelines on how covered health care providers and health plans should utilize their remote communication technology to deliver audio-only telehealth services while also complying with HIPAA requirements. Why is Telehealth important? Let’s start at the beginning. Telehealth contributes to increasing a practice’s value and security by expanding access to health care across the nation and providing certain users who have difficulty using audio and video telehealth technologies. When systems are not properly secured, they pose risks to patient safety, health, and data. Cyberattacks and ransomware are extremely common in Telehealth and may quickly create issues that disclose medical information and other sensitive information. As a practice, it is critical and worthwhile to maintain excellent Telehealth especially now a days with the increased funding and resources the OCR has available. OCR Director, Lisa J. Pino, states, “Audio telehealth is an important tool to reach patients in rural communities, individuals with disabilities, and others seeking the convenience of remote options. This guidance explains how the HIPAA Rules permit health care providers and plans to offer audio telehealth while protecting the privacy and security of individuals’ health information.” With the OCR’s Telehealth Notification system possibly being taken down as early as July 15th, 2022, we recommend that practices stay alert and take every precaution by using your friendly, easy to use HIPAA-compliant software (hint Abyde) to assure full compliance today. The first step in remaining alert is to follow the guidance issued by the OCR in response to the recent news that the Telehealth Notification system may be shut down. The guidance below specifies the conditions under which telehealth may be utilized. The HHS is authorizing HIPAA-covered businesses to conduct telehealth and audio-only services using remote communication technology. However, these services must be provided in a private environment to the best of the entity’s abilities, and the individual’s identification must be verified. Even though HIPAA does not apply to audio-only telehealth services delivered through electronic communication methods, when offering telehealth services through mobile devices or applications, practices may face HIPAA compliance issues. Therefore, practices should identify all potential risks and vulnerabilities to PHI confidentiality as part of the risk analysis process prior to the completion of the PHE. Abyde will do anything possible to make sure you’re on top of your compliance game because the OCR may show up at any time! Allow us to guide you through these future changes – from our incredibly simple software to our readily available education, we will be your buddy in ensuring that you are prepared for any obstacles that show up at your door.
North Texas Dental Practice, Fined $15K for OSHA Whistleblower Violations
March 3, 2023 Blow the whistle… No, not like the 2006 Too Short song but OSHA’s Whistleblower Protection Program. Whistleblower protection laws are in place to prevent retaliation against employees who report safety violations, discrimination, or other illegal activities in the workplace. Under the Occupational Safety and Health Administration (OSHA) Whistleblower Protection Program, employees who report such violations are protected from retaliation by their employers. This protection includes not only termination but also other forms of retaliation such as demotion, reduction in pay, or denial of overtime or promotions. Why would a practice retaliate for a complaint received instead of mitigating the risk and working toward a culture of compliance? That is a $15,706 question and unfortunately, Roger and David Bohannan of Roger H. Bohannan DDS Inc. have to answer. While on furlough in early 2020, a dental hygienist and dental assistant at the practice asked what coronavirus safety measures would be in place once patients and employees returned. When the practice did reopen, those two employees were not reinstated simply because they expressed their concerns and cited guidance from the Centers for Disease Control (CDC) and OSHA. Further investigation found that Bohannan Dentristry discriminated against employees for exercising their rights under section 11(c) of the OSH Act which prohibits retaliation by employers against workers who “blow the whistle” by exposing health and safety hazards. In a statement made by an OSHA Regional Administrator in Dallas, Eric S. Harbin, “Like all workers, these two people had every right to speak up without the fear of losing their jobs. We want workers to know that OSHA is here to protect their rights, and we won’t hesitate to exercise our authority when they are violated.” OSHA administers more than 20 whistleblower statutes, with varying time limits for filing. The time frame for filing a complaint begins when the adverse action occurs and is communicated to the employee. There are varying reporting deadlines from 30-180 days specific to each statute. It is important for employees to know that they have rights under the law to report safety violations and other illegal activities without fear of retaliation. Employers have a responsibility to provide a safe and healthy workplace, and OSHA’s Whistleblower Protection Program helps to ensure that employees can speak up when they see something that is not right.