Handouts and Forms
Handouts and Registration Forms:
Please note: All forms are sample forms only and are a great starting place for you to make forms specific to the needs and circumstances of your own office. If you’re unsure about something, please check with your own lawyer for advice.
Here is a checklist I put together that I think you’ll find helpful to make sure your OSHA program is in good shape: Laney’s OSHA checklist
Here is a checklist from OSAP that is an excellent resource: OSAP checklist
Here are the CDC’s 2016 Summary of Infection Prevention Practices, which include a checklist (Please note: these are not new guidelines…they give information and clarification on some areas of dental office infection control, but do not replace the 2003 Guidelines): CDC 2016 Summary
OSHA Employee Forms
There are various requirements for how long employee records must be kept. For example, employee medical records and Hep B declination forms are supposed to be kept for the term of employment plus 30 years, training records have to be kept for 3 years, etc. For the sake of ease, just keep all OSHA related records indefinitely.
- Employee medical records should be kept separate from the OSHA materials (in order to protect employees’ privacy). Medical records must be kept on every employee who has potential occupational exposure. These medical records can either be maintained on-site by the employer, or off-site at the physician’s office who provides care to that employee. Click here for a sample employee medical record: click here
- If you have an employee who refuses to take a hepatitis B vaccine, have them sign the Hepatitis B declination form and file it in their employee medical record. Click here for Hepatitis B declination form
- If an employee refuses to be tested after a stick injury, this Informed Refusal form is additional documentation that you offered to evaluate the employee after an exposure incident and the employee refused. This form is not required by law: Click here for informed refusal form
OSHA Forms for Sharps evaluations, info, and Stick Injuries
- In the event of a stick, here are the steps to follow (put it on your office fridge so it’s always handy): steps after a stick and stick article
- Here is also a copy of an “Exposure Report”, which must be filled out and presented to the medical doctor performing the post-exposure evaluation. Click Exposure Report
- Here’s information about what to do in the event of exposure to an HIV+ and/or a Hep B+ patient click here for the HIV Post-Exposure Prophylaxis Recommendations and Hepatitis B Post-Exposure Prophylaxis
- According to OSHA’s Needlestick Prevention Act, we are supposed to evaluate any new technology (annually) that could possibly make us safer while performing our duties (ex: safety syringes, disposable scalpels, blunt suture needles, etc.) Everyone with potential exposure should participate in the evaluations; after going over the information, if you don’t feel that it makes you safer, you don’t have to use it. However, you do need to document your decision, and the reasons for your decision, and place it in your OSHA notebook.
Required Plans for Dental Offices:
- This model Hazard Communication Plan is taken directly from OSHA, includes the new Hazard Communication information, and it’s edited to apply only to dentistry. Fill it out and place it with your OSHA materials. There’s a PDF version if you want to print and fill it out: (click for PDF version). Or here’s a version in WORD if you’d like to alter it for your office and print it out: (click for MS WORD version). Also, print out this summary of labels/SDS forms/pictograms and place it with the Hazard Communication Plan: click here
- Model Exposure Control Plan for Dentistry ONLY: The Model Exposure Control Plan is intended to serve as an employer guide to the OSHA Bloodborne Pathogens standard. The standard requires a current exposure control plan. This model is taken from OSHA, but edited to apply only to dentistry. click here to view / print
- This is a Model Exposure Control Plan for any Patient Care Facility, not just dentistry: click here to view / print
- Most dental offices are at low risk for TB transmission. To determine your risk for TB exposure, we are supposed to do a TB Risk Assessment annually. Here are some blank forms, plus an entire program I filled out for you. Choose whichever one you want and place it in your notebook.
- Model TB Infection Control Plan and TB fact sheets. Since we generally are low-risk environments according to the CDC, we are not usually required to have a written TB infection control plan. However, some states ask for this as part of the infection control plan, so here’s a sample one for you to use as necessary, along with fact sheets on TB): click here to print
- Here is a filled out TB risk assessment, plus a written TB plan. Fill in your community’s correct TB numbers, make any other changes as needed, put it in your notebook, and update once a year: TB risk assess and program
- Some states require a needle safety plan to explain how a practice handles sharps. You can use this plan as a sample to design a program specific to your office: click here to print
- Here is a sample risk assessment to use for your office. The risk assessment should be used periodically, or whenever changes are made in your office, to evaluate your procedures related to patients’ private health information: HIPAA risk assessment . This is based upon HIPAA’s security risk assessment tool which can be accessed at the following page: Click here for the link.
- In order to show that we are regularly maintaining our HIPAA program, it’s a good idea to do a monthly risk assessment to ensure that patients’ information is protected as possible. Every month, have a meeting, see if any changes were made, and discuss any changes that need to be discussed. Date the form, and place it in the HIPAA notebook so you can show that you are constantly attending to the program: (click here for HIPAA monthly risk assessment)
- Here’s a sample Notice of Privacy Practices you can configure to use in your office. It has the changes required under the HIPAA Omnibus laws and is available in Word so you can make changes for your office. (click here for Notice of Privacy Practices)
- Here is a sample of a dental Authorization and Medical information release form, which gives you a place to ask patients when and where to leave a message, who to talk to, etc.: HIPAA medical release and authorization.
- If you make non-routine disclosures allowed by law, you don’t have to get patient authorization, you just have to document the disclosure on an Accounting of Disclosure log (examples: reporting a patient with suspected TB to the health department or complying with a subpoena for a patient’s record). Click here for Accounting of Disclosures
- If a breach occurs, and it involves less than 500 people in a single geographic area, a log must be kept and electronically submitted at the end of the year. Here is a Breach Notification log to record the breaches during the year: (click here for Breach Notification Log)
- Here is a business associate agreement that is easy to read and is a great starting place: HIPAA Business Associate Agreement sample (it’s in Word so you can customize it for your office). Take this and check with your liability carrier or lawyer to ensure that this agreement protects your office from liability in the event they cause a breach involving your patients’ information. You want to ensure that they are responsible, financially and otherwise, for notifying patients, HHS, and the local media in the event of a breach, and you want to make sure they have liability insurance so they can cover any losses they cause):
- If you already have agreements in place, here are sample amendments for existing business associate agreements from the ADA and other sources. Hopefully, your office (along with your attorney) can use this language to supplement your existing agreement that can protect you and your interests in your relationships with your business associates. “Business Associate Agreement Amendment” and HIPAA bus assoc agmt
- Here’s a good example you can use for a fax cover sheet that contains private health information: (click for HIPAA Form fax cover sheet)
- Here is an authorization form you can alter for use for any patient whose dental work is paid for by another person (so you can disclose information but still comply with HIPAA requirements).We run into situations all the time where HIPAA prevents us from disclosing information but, for practical reasons, we need to disclose information so we can get paid (examples: moms who bring in college-age kids for dental work and they’re still paying the bill, divorced parents who don’t want the other to get information but they want us to bill them for payment, 40 year olds who are getting their dental work paid for by their parents, etc.) Make it a policy in your office that anyone who has a financial interest in another person gets information and then have them sign this Authorization. If a patient doesn’t like this policy he can pay the bill himself or he can choose to go somewhere else. (Please note that you can’t refuse treatment specifically because a patient refuses to sign an authorization, but you can dismiss a patient for violating office policies, so long as you follow state and federal laws and make sure you don’t “abandon” your patient.) Anyway, it takes us out of the middle and will (hopefully!) help protect us from HIPAA violations.
- We all have work and school excuses we hand to patients; they then choose whether to hand that to their employer. However, if a patient wants you to verify what work was done over the phone, personally, or in writing, this authorization will give you permission from the patient to release the information: click here for Medical Excuse for Patients
- If you use patients’ photos, videos, or xrays in your office for before/after pictures, on your website, on social media, etc., you need a patient authorization in order to use the information. If people are in the background of a picture, or their name is visible on a computer screen, those people will also have to sign an Authorization. Even people who write a testimonial for your website have to sign one! Many offices now have patients sign this as part of their initial paperwork.
- The HIPAA Breach Assessment allows you to analyze a potential breach to determine if a breach has actually occurred: Click here for the HIPAA breach assessment
Miscellaneous Forms and Fact Sheets:
Sample Dismissal Letters:
- Here are some sample letters you can use as guidelines for your own dismissal letters. Please note that copying costs of records depend on state and HIPAA law, so be aware that the costs may vary, but all law agrees that the cost should be pretty much limited to the actual costs of duplication and mailing. Also be aware that you cannot withhold records just because a patient has a balance. Finally, the usual legal stuff… these letters are not comprehensive, they are not representative of every situation, they are not meant to constitute legal advise, blah, blah. Anytime you’re not sure about how to handle a situation, always consult your attorney. Sample Dismissal Letters click here to view / print these samples
- You never have to pay for required posters for your workplace!