For more information and resources, please visit, ftc.gov/opa/2009/10/redflags.shtm, www.ftc.gov/redflagsrule, and www.aaoms.org/redflags.

Question: Does OSHA regulate sterilization monitoring logs, medical records or training logs?

Answer: OSHA does not regulate the length of time sterilization monitoring logs must be maintained. Rather, each state has laws governing the length of time the logs must be kept. The law may be a Public Health Code and/or a State Board of Dental Examiners/State Licensing Board mandate. You should check with both your state Public Health Agency and the State Board for specifics.

While OSHA does not mandate sterilization logs, they do regulate the length of time that medical records and training logs (i.e. training, Hep. B vaccination records and injury logs) must be maintained. OSHA's Bloodborne Pathogens Standard 29 CFR 1910.1030 states the following: the employer shall establish and maintain an accurate record for each employee with occupational exposure, in accordance with 29 CFR 1910.1020; the employer shall maintain the records required by paragraph (h) for at least the duration of employment plus 30 years in accordance with 29 CFR 1910.1020. Training records shall be maintained for 3 years from the date on which the training occurred.

This answer was adapted from correspondence with the Organization for Safety and Asepsis Procedures (OSAP). Further information OSHA's Bloodborne Pathogens Standard can be found at www.osha.org. Additional resources on infection control including links to state agencies can be found at www.osap.org.

Question: What can we do if a patient wishes to open a "covered account" and refuses to provide a photo ID or social security number for identification purposes? Also, can we photograph a patient?

Answer: Under the new Red Flag program, if an OMS practice meets the definition of "creditor" and maintains "covered accounts"(defined as any consumer account that permits multiple payments or transactions, or any other account that may pose a reasonably foreseeable risk of identity theft to consumers or businesses), the practice is required to establish reasonable processes and procedures to combat identity theft in connection with these patient accounts. This category may include many health care providers given the common post-services payment they receive for health care services.) If a new patient asks the practice to extend credit, the patient should be willing to provide some form of identification. No business should be expected to extend credit without proper identification, such as a driver's license, and credit references. If the patient has no form of photo ID and the practice is still willing to treat and extend credit, the practice can ask for some other form of identification, like a Social Security card and a recent photograph. If the patient refuses and cannot pay without credit, the practice should follow the same procedures it does with other potential patients who seek treatment but don't have the means to pay for it. With existing accounts, it is assumed the practice already knows and can identify the patient so your identity theft program would include reasonable procedures to protect confidential information, monitor transactions and verify the validity of requests for information like account or ID numbers or change-of-address that can lead to identity theft.

If the practice takes a photograph of a patient, the patient should consent and the practice should treat the photo with the same level of privacy protection as the patient's medical records to deter the theft of the patient's identity from the files of the practice and/or the company that does its billing. Patient photography falls under the purview of HIPAA privacy and state laws. While the Joint Commission and HIPAA do require consent or authorization to use photographs outside the scope of treatment, payment or operations (TPO), if you are using photographs as part of the patient's medical record, it is a good idea to include this in your notice of privacy practices and/or procedural consent forms. Also, HIPAA supports the patient's authority to grant permission, provided no state laws to the contrary exist.

Additional guidance can be found through the following online resources:

1. Fighting Fraud with the Red Flag Rule: A How-To Guide for Business

2. Federal Financial Institutions Examination Council's guidance on online authentication

3. The Red Flag Rule: What Health Care Providers Need to Know About Complying with New Requirements for Fighting Identity Theft

4. The Red Flag Rule Application to the Healthcare Industry

Question: Do you have any suggestions or recommendations for starting a blog?

Answer: Blogs let you communicate directly with your existing patients and potential new patients. However, beware: a posting can, and most likely will, eventually be misinterpreted by a reader. So, your first decision is whether to use a pseudonym or to write a bit more restrictively using your real name, which adds credibility.

You must first decide if you want to blog about:

Medical issues - As an expert in your field, you may be more inclined to use your blog to promote yourself and therefore use your real identity. With a marketing objective, you may choose to post your blog on your practice Web site and/or offer RSS (Really Simple Syndication) feeds so readers can subscribe to your blog.

Personal interests - Gardening, the Yankees, global warming, movie reviews. If you're more interested in sharing recipes, vacation photos, and family updates with friends and family, a private blog may be better.

Either way, post a disclaimer to give you a safety net. For example, here's the author's disclaimer on this response: "I am not licensed, certified, or otherwise legally entitled to practice law. Therefore, where questions of a specific legal nature are involved, appropriate counsel must be sought."

You'll find disclaimers on various medical doctors' blogs, such as a medical advice disclaimer; a financial, legal, and other advice disclaimer; or an information disclaimer. Sophisticated bloggers even include a "terms of use agreement" and/or posting guidelines, which explicitly state responsibilities and expectations. You may also see disclaimers about links to advertisers, age restrictions, indemnifications, and intellectual property right statements. Other legal liability issues include: Defamation, Intellectual property (copyright/trademark), Trade secrets, Right of publicity, Publication of private facts, and Intrusion into seclusion. The Constitution and federal laws, such as copyright law, apply nationwide. However, many laws that affect bloggers - including defamation, reporter shield laws, and privacy laws (within constitutional boundaries) - vary from state to state, so learn your own state's regulations. Keep liability in mind as any person making a publication available to the public would. Note: You'll also enjoy the same freedom of speech and press protections.

You could also blog anonymously. The Supreme Court has repeatedly upheld the First Amendment right to speak anonymously:

"Author is generally free to decide whether or not to disclose his or her true identity. The decision in favor of anonymity may be motivated by fear of economic or official retaliation, by concern about social ostracism, or merely by a desire to preserve as much of one's privacy as possible. Whatever the motivation may be, the interest in having anonymous works enter the marketplace of ideas unquestionably outweighs any public interest in requiring disclosure as a condition of entry. Accordingly, an author's decision to remain anonymous, like other decisions concerning omissions or additions to the content of a publication, is an aspect of the freedom of speech protected by the First Amendment."

This question and answer was adapted and copied with permission from Physicians Practice. Copyright 2009, Physicians Practice, CMPMedica. All rights reserved.

The vaccination efforts are designed to help reduce the impact and spread of novel influenza C and H1N1. Personal protective equipment (PPE) including respiratory protection, gloves, gowns, and eye protection and other strategies such as innovative triage processes, handwashing, disinfection, gloves, vaccination and antiviral drug use are needed to protect frontline workers against nH1N1 Influenza A.

OMSs and their staff should monitor the H1N1 Flu website and state and local health department websites for the latest information. OMSs are encouraged to develop or enhance their practice's contingency response and/or pandemic response plans. The following links will assist you and your staff to prepare for the nH1N1 Influenza A virus and flu season.

Web sites

Flu.gov
CDC H1N1 Flu Clinical and Public Health Guidance
CDC H1N1 Flu Guidelines
CDC Oral Health Infection Control
OSAP.org
AMA-assn.org
ADA.org
WHO.int
AMA-assn.org

Articles/Reports

High-risks group targeted by ACIP to receive H1N1 vaccine first
HHS to electronically collect hospital bed data for H1N1 flu season
CDC To Tap Social Media Tools To Spread H1N1 Flu Virus Information
Respiratory Protection for Healthcare Workers in the Workplace Against Novel H1N1 Influenza A. Report Brief
Swine Flu Could Infect Half of U.S.
MMWR Update: Influenza Activity - United States, April-August 2009

Other Resources

Planning Checklists
Prevention of Swine Influenza A (H1N1) in the Dental Healthcare Setting
OSAP Scripts and other Information for Dental Professionals
CDC Hand Hygiene
CDC Cover Your Cough

Professional Courtesy Webinar-September 16, 2009

This 90-minute webinar was originally held on September 16 and covers the rules for Professional Courtesy and how to implement a LEGAL policy for your practice. Since 2004, Professional Courtesy has been subject to legal regulation under the Federal Stark Rules. Failure to satisfy these rules could subject your practice to denial of claims and stiff penalties. If you missed the webinar, you may still purchase the Audio CD Online.

Professional Courtesy Policy Template (CD-ROM)

Under Stark regulations issued in 2004 and 2007, medical practices may only provide professional courtesy in accordance with a bullet point list of rules. To comply, the courtesy policy also must be in writing and approved by the Practice's governing body. This template furnishes a complete set of Stark compliant policies for the various types of practice entities (corporations, LLCs, sole proprietorships, etc.), together with appropriate adopting resolutions.

Available now in the AAOMS eStore, or call 800-366-6725 to order. Refer to Item Code: PCPT.CD.

• Put the system in writing. All professional cleaning programs should be in writing, especially those for the health care industry to formalize the program and allow for better instruction and supervision.
• Have a "plan of attack." Cleaning is best performed in an orderly fashion. Clean from the top down, from left to right. Floors should always be cleaned last so that contaminants are not spread to other areas of the office.
• Establish a checklist. Checklists should be placed throughout the office. These lists are commonly found behind public restroom doors. With a checklist, every cleaning duty necessary for that particular room is listed, and cleaning professionals check off tasks as they are completed. This clarifies duties and promotes responsibility.
• Wear gloves. In addition to frequently washing hands, wearing clean disposable gloves is critical to infection control. Gloves should be changed after cleaning each room and removed so that hands and fingers never touch soiled glove areas.
• Clean "hot spots." Many areas of an OMS office that are most likely to harbor and spread infection and that should be cleaned and disinfected daily are hot-spot areas such as door handles, light switches, railings, faucet handles, partitions, and dispenser knobs.
• Use microfiber cloths. Studies have shown that microfiber is more effective at reducing bacteria buildup than conventional cleaning cloths and mop heads. They also require less water and cleaning chemicals, which makes them environmentally responsible, too.
• Use color-coded microfiber. Cleaning professionals know exactly which cloth to use for each fixture or cleaning procedure when they use color-coded microfiber cleaning cloths to help stop the spread of infection or contaminants, ie, red microfiber cloths may be used only for cleaning toilets while white may be for counters and sinks.
• Clean and store. All cleaning equipment should be properly cleaned, rinsed, and allowed to air-dry at the end of each workday.
• Select "green" cleaning products. Wherever possible, use certified environmentally preferable cleaning products, tools, and equipment. These products are designed to effectively stop the spread of infection, and have a reduced impact on the health of the user, building users, and the environment.
• Education and application. The best way to prevent the spread of infection is through enhanced education and application. This involves an understanding of how infection and disease are transmitted from one person to another and taking steps to prevent this from happening. Office managers should work closely with their reputable janitorial distributors to select products and develop effective cleaning programs.