federal regulatory training remotely and onsite support



The main purpose of OSHA is to assure safe and healthful working conditions for working men and women by setting and enforcing standards and by providing training.
The Occupational Safety and Health Administration Act of 1970 created the Occupational Safety and Health Administration (OSHA) , which sets and enforces protective workplace safety and health standards.
OSHA covers most private sector employers and employees in all 50 states, the District of Columbia, and other U.S. jurisdictions either directly through Federal OSHA or through an OSHA- approved state plan. State-run health and safety plans must be at least as effective as the Federal OSHA program.
When You Can Sue Your Employer. Under workers' compensation laws, most employees aren't allowed to sue their employer. With workers' comp insurance, you don't have to prove your employer did anything wrong to collect benefits.
OSHA standards fall into four categories: General Industry, Construction, Maritime, and Agriculture. OSHA issues standards for a wide variety of workplace hazards. Where there are no specific OSHA standards, employers must comply with The General Duty Clause, Section 5(a)(1
OSHA inspectors, called compliance safety and health officers, are experienced, well-trained industrial hygienists and safety professionals whose goal is to assure compliance with OSHA requirements and help employers and workers reduce on-the-job hazards and prevent injuries, illnesses, and deaths in the workplace.


The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for sensitive patient data protection. Companies that deal with protected health information (PHI) must have physical, network, and process security measures in place and follow them to ensure HIPAA Compliance. Covered entities (anyone providing treatment, payment, and operations in healthcare) and business associates (anyone who has access to patient information and provides support in treatment, payment, or operations) must meet HIPAA Compliance.
The Health Insurance Portability and Accountability ACT (HIPAA) is designed to help protect American workers and their families with continued health insurance coverage and establish industry-wide guidelines to protect the confidential use of personal healthcare information.
According to HIPAA, if you are belong to the category of “covered entities” or “business associates,” and you handle “protected health information (PHI),” you and your business are required to be HIPAA-compliant. Let’s break this down.
“Covered entities” describes U.S. health plans, health care clearinghouses, and health care providers.
Health Plans :
Examples of health plans include: HMOs Company health plans Health maintenance companies Medicare Medicaid Employers and schools who handle PHI when they enroll employees and students in health plans
Health Care Clearinghouses :
Health care clearinghouses are organizations that collect information from a healthcare entity, process this data in an industry-standard format and deliver it to another entity. Examples of clearinghouses include:
Billing services :
Community health management information system Health Care Providers : “Health care providers” covers a broad range of services, including: Physicians Surgeons Dentists Podiatrists Laboratory technicians Optometrists Hospitals Clinics Nursing homes Pharmacies
Business Associates :
“Business associates” refers to any organization or individual who acts as a vendor or subcontractor with access to PHI. Examples of business associates include: Data transmission providers Data processing firms Data storage or document shredding companies Medical equipment companies Consultants hired for audits, coding reviews, etc. Electronic health information exchanges< Medical transcription services External auditors or accountants
Protected Health Information :
With such a wide range of entities and business associates covered by HIPAA, it’s critically important to know exactly what PHI entails. Any information included in a medical record that can identify an individual and was created and used while providing health care (such as diagnosis or treatment) falls under the category of protected health information.
Is it your responsibility to ensure that your clinic is HIPAA compliant? Is it the doctor’s responsibility? What if you’re the IT guy? Is HIPAA your duty? What if you are just a janitor at a healthcare organization? The answer to all those questions is: every single person who interacts with patient health information in any way must protect it. That means if you:
Talk to patients directly
Give out prescriptions
Take blood pressure
Manage the firewall for a healthcare environment
Manage a database that holds patient data
Encrypt patient data on behalf a provider
you are responsible for HIPAA and HIPAA violations. Employees may individually face charges if patient data is compromised, but that doesn’t mean providers are exempt from making sure the organization is HIPAA compliant.
The HIPAA Privacy Rule focuses on the rights of the individual and their ability to control their protected health information or PHI. It allows practices to use the information for treatment, payment and other required functions, but otherwise it must remain confidential. This is an assurance that the information will be safeguarded from unauthorized disclosure. The Privacy Rule covers the physical security and confidentiality of PHI in all formats including electronic, paper and oral.
The HIPAA Security Rule on the other hand only deals with the protection of ePHI or electronic PHI that is created, received, used, or maintained. Covered entities are required to implement adequate physical, technical and administrative safeguards to protect patient ePHI.
The HIPAA law to protect patient health information is quite well known by personnel in most physician offices. There still remain, however, some questions regarding HIPAA's rules and regulations. Providers who are not up to date with changes in the law risk potential violation that could not only damage a practice's reputation but cause criminal and civil fines.

The Health Insurance Portability and Accountability Act, commonly referred to as HIPAA, was established in 1996 to set national standards for the confidentiality, security, and transmissibility of personal health information.

below some of the more common reasons for HIPAA violation citations:

1. Employees disclosing information – Employees gossiping about patients to friends or coworkers is also a HIPAA violation that can cost a practice a significant fine. Employees must be mindful of their environment, restrict conversations regarding patients to private places, and avoid sharing any patient information with friends and family.

2. Medical records mishandling – Another very common HIPAA violation is the mishandling of patient records. If a practice uses written patient charts or records, a physician or nurse may accidentally leave a chart in the patient's exam room available for another patient to see. Printed medical records must be kept locked away and safe out of the public's view.

3. Lost or Stolen Devices – Theft of PHI (protected health information) through lost or stolen laptops, desktops, smartphones, and other devices that contain patient information can result in HIPAA fines. Mobile devices are the most vulnerable to theft because of their size; therefore, the necessary safeguards should be put into place such as password protected authorization and encryption to access patient-specific information.

4. Texting patient information – Texting patient information such as vital signs or test results is often an easy way that providers can relay information quickly. While it may seem harmless, it is potentially placing patient data in the hands of cyber criminals who could easily access this information. There are new encryption programs that allow confidential information to be safely texted, but both parties must have it installed on their wireless device, which is typically not the case.

5. Social Media - Posting patient photos on social media is a HIPAA violation. While it may seem harmless if a name is not mentioned, someone may recognize the patient and know the doctor's specialty, which is a breach of the patient's privacy. Make sure all employees are aware that the use of social media to share patient information is considered a violation of HIPAA law.

6. Employees illegally accessing patient files - Employees accessing patient information when they are not authorized is another very common HIPAA violation. Whether it is out of curiosity, spite, or as a favor for a relative or friend, this is illegal and can cost a practice substantially. Also, individuals that use or sell PHI for personal gain can be subject to fines and even prison time.

7. Social breaches - An accidental breach of patient information in a social situation is quite common, especially in smaller and more rural areas. Most patients are not aware of HIPAA laws and may make an innocent inquiry to the healthcare provider or clinician at a social setting about their friend who is a patient. While these types of inquiries will happen, it is best to have an appropriate response planned well in advance to reduce the potential of accidentally releasing private patient information.

8. Authorization Requirements - A written consent is required for the use or disclosure of any individual's personal health information that is not used for treatment, payment, healthcare operations, or permitted by the Privacy Rule. If an employee is not sure, it is always best to get prior authorization before releasing any information.

9. Accessing patient information on home computers – Most clinicians use their home computers or laptops after hours from time to time to access patient information to record notes or follow-ups. This could potentially result in a HIPAA violation if the screen is accidentally left on and a family member uses the computer. Make sure your computer and laptop are password protected and keep all mobile devices out of sight to reduce the risk of patient information being accessed or stolen.

10. Lack of training - One of the most common reasons for a HIPAA violation is an employee who is not familiar with HIPAA regulations. Often only managers, administration, and medical staff receive training although, HIPAA requires all employees, volunteers, interns and anyone with access to patient information to be trained. Compliance training is one of the most proactive and easiest ways to avoid a violation.


“CLIA” is the acronym for the Clinical Laboratory Improvement Amendments of 1988. This law requires any facility performing examinations of human specimens (e.g., tissue, blood, urine, etc.) for diagnosis, prevention, or treatment purposes to be certified by the Secretary of the Department of Health and Human Services.
For many Americans, the accuracy of clinical laboratory test results can be a life or death matter. If glucose tests are not performed correctly, a patient could receive an incorrect insulin dose and sustain potentially dangerous consequences. If your cholesterol is high and the laboratory results are reported as normal, you may not receive the care necessary to prevent a heart attack.
According to CLIA law, waived tests are those tests that are determined by CDC or FDA to be so simple that there is little risk of error. Some testing methods for glucose and cholesterol are waived along with pregnancy tests, fecal occult blood tests, some urine tests, etc. Currently, 40 tests have been approved for certificate of waiver (COW) status at CLIA website http://www.fda.gov/cdrh/clia
COW laboratories must enroll in the CLIA program, pay applicable certificate fees biennially, and follow manufacturers’ test instructions
Of the 174,504 laboratories enrolled in CLIA, approximately 93,129 (55%) of these hold a COW.


The rule requires that employers limit workers' exposure to respirable crystalline silica dust, which can become airborne during tasks such as cutting, grinding, drilling, or crushing materials containing crystalline silica such as brick, concrete, stone or mortar. Workers can also be exposed to respirable crystalline silica during operations that involve the use of industrial sand and abrasive blasting with sand. Typical methods to reduce or eliminate dust in the air include wetting down the operation or using local exhaust ventilation. In addition to requirements to limit workers' exposure, the rule requires employers to take other steps to protect workers, such as providing training to workers exposed to respirable crystalline silica and offering medical exams to highly exposed workers.
Employers covered by the construction standard have complied with most requirements of the standard by September 23, 2017 (delayed from June 23, 2017). Employers covered by the general industry and maritime standard must have complied with most requirements of the standard by June 23, 2018.
The rule updates the general industry standards related to hazards from slips, trips and falls, and falls from heights. Among other features, it provides greater flexibility in choosing a fall-protection system, brings general industry scaffold requirements in line with those for construction, adds protections for fixed ladders taller than 24 feet, requires regular inspection of walking-working surfaces, and requires training for employees who use personal fall protection equipment.
The rule took effect in January 2017, but has several delayed compliance dates for certain requirements on fixed ladders and building anchorages used with rope descent systems. As of May 17, 2017, employers are required to provide training on fall hazards for certain employees. For upcoming compliance deadlines on fixed ladder fall protection, inspections of equipment and anchorages, and more, see the timeline.
The rule requires certain employers to electronically submit injury and illness data that they are already required to record on their onsite OSHA Injury and Illness forms. Analysis of this data will enable OSHA to use its enforcement and compliance assistance resources more efficiently.


The medical waste rules do not prohibit anyone from disposing of used syringes by putting them in the regular trash bin or dumpster provided that the sharps are kept in a thick, hard-walled plastic container with a cap or lid. Home, office or institutional generators should always contact their local solid waste authority (may be city or county) to make sure that there are no local ordinances against this practice.(.1202)
The Department does not keep a list of transporters. Those seeking a transporter for their medical waste should see our list of Commercial Medical Waste Treatment Providers and contact one of their offices. They may be able to put you in contact with a transporter in your area.
TMedical waste is defined as “waste generated in the diagnosis, treatment, or immunization of humans or animals”. Since the waste generated at trauma scenes does not fit the definition of medical waste, such waste is exempt from the medical waste rules. Be aware that even though the waste is considered non-medical for the purposes of disposal, the presence of human tissue or body fluids still renders the waste biohazardous and “Universal Precautions” would still apply.
Typically, the only regulated medical waste from funeral homes would be blood and body fluids. Since most funeral homes are connected to a sanitary sewer, this is an appropriate disposal for this waste type. Homes not connected to a sanitary sewer would need to have a holding tank and have the tank pumped periodically with the waste being taken to a public wastewater treatment plant
The medical waste rules do not prohibit a woman from taking possession of her placenta after a birth. Women should consult with their physicians to retain their placentas.
The OSHA standards do not address disposal methods. OSHA Instruction CPL 2-2.44D states "that while OSHA specifies certain features of the regulated waste containers, including appropriate tagging, the ultimate disposal method (landfilling, incineration, and so forth) for medical waste falls under the purview of the state and local regulations”.
The red bag designation with the biohazard symbol is an industry standard used to identify medical waste in the health care workplace. It is not intended to be a designation of how or what types of medical waste are to be treated before final disposal. The biohazard symbol designates waste that is infectious but not necessarily regulated.


Opening Conference Before beginning the actual inspection, the inspector will hold a brief opening conference, in which he will explain why he is there and what he intends to do. If the impetus for the inspection was a complaint, the inspector will give the employer a copy of the complaint after receiving permission to proceed with the inspection. If a programmed inspection is to be conducted, the inspector should ask the employer to provide its SIC Code or to describe the nature of the employer's business. An employer should always confirm that the SIC code the inspector is authorized to inspect (under the state's Planning Guide) matches the employer's actual SIC code.

"Walkaround" At the conclusion of the opening conference, the inspector will proceed to the "walkaround" phase of the inspection. In a programmed inspection, the inspector will want to see all aspects of the employer's operations on the plant floor. In addition, the inspector will be interested in observing the loading and unloading of raw materials, as these activities frequently involve a high risk of exposure. The inspector will take photographs or video tape to document either the presence of what the inspector believes to be a violation or the absence of a violation or condition referenced in a formal employee complaint. The inspector likely will take measurements and may conduct air monitoring.

Employee Interviews
As the inspector proceeds through the workplace, he will conduct employee interviews, usually "over-the-shoulder," unless workplace conditions require otherwise. The inspector will ask about the employee's job duties, level of training, and knowledge and recognition of hazards he faces. Inspectors are trained to interview approximately 10% of the employees, including at least one from each area of the operation. Management may not attend these interviews unless the employee requests management's presence.

Records Review
After getting a feel for the employer's operations, the inspector will want to examine various records, such as OSHA 200 logs for at least the past three years, OSHA 101 forms, and written programs. The inspector is generally entitled to examine any document or program that OSHA regulations require, as long as the documents are within the scope of the inspection. Nevertheless, the inspector is not entitled to examine documents that other regulatory agencies require, such as EPA's SARA logs.

Closing Conference
After conducting the walkaround, employee interviews, and records review, the inspector may conduct a closing conference to inform the employer of violations he noted and for which he expects to propose citations. If the inspector feels that air monitoring is necessary, he will arrange to conduct full shift sampling before the closing conference.

The best way to prepare for an OSHA inspection is to conduct a self-analysis of the employer's safety practices, safety manual, and safety training programs. To do a self-analysis, an employer must have some knowledge of federal and state safety and health requirements. This knowledge can be obtained by hiring a safety manager familiar with OSHA requirements, or by training existing personnel. Training is available through private safety consultants as well as through OSHA.

Employers also should take the following steps to prepare for an OSHA inspection:
Post the required OSHA poster in a conspicuous place where all employees are most likely to see it. Record all work-related illnesses and all qualifying injuries on the OSHA 300 log and have corresponding OSHA 301 forms (or their equivalent) handy. Implement a discipline policy that provides for documenting employee violations of company safety rules (e.g., failure to wear ear plugs in areas where the employer requires hearing protection) in employee files.

Designate and train one or more members of management to deal with OSHA inspections.
Instruct the receptionist to notify the appropriate officials as soon as an OSHA inspector arrives.
There are four types of compliance inspections each conducted for a different reason:
The Complaint Inspection -- occurs after an employee files a formal complaint with OSHA. This is the most common type of inspection.

The Fatality/Accidents Inspection -- occurs after OSHA receives notice from the employer of a workplace fatality or an accident resulting in the hospitalization of three or more employees. OSHA also takes notice of media reports, and will frequently investigate accidents that do not result in any fatalities or hospitalizations. The Programmed Inspection -- an inspection conducted of randomly chosen workplaces determined to be engaged in particularly hazardous types of work according to their Standard Industry Classification (SIC) Codes.

The Imminent Danger Inspection -- occurs when OSHA receives a report that a condition of imminent danger exists at a workplace. This is the least common type of inspection.

When an OSHA inspector attempts to enter an employer's facility to conduct an inspection, the employer should ask the inspector what caused the visit. After determining the type of the inspection, the employer can better decide whether to grant the inspector access to the worksite.


Workplace Violence is any act or threat of intimidation, threats, physical attack, domestic violence or property damage and includes acts of violence committed by State employees, clients, customers, relatives, acquaintances or strangers against State employees in the workplace
Hostile Environment Harassment is unwelcome conduct by an individual against another individual based upon a protected status that is so severe, persistent, or pervasive that it alters the conditions of education (e.g., admission, academic standing, grades, assignment), employment (e.g., hiring, advancement, assignment), participation in a University program or activity (e.g., campus housing) or receipt of legitimately-requested services (e.g., disability accommodations) and creates an environment that a reasonable person in similar circumstances and with similar identities would find hostile, intimidating, offensive or abusive. An isolated incident, unless sufficiently serious, will usually not amount to Hostile Environment Harassment.

If a co-worker or manager does one or more of the following you may be experiencing workplace violence/ harassment… Intimidation
Threats / Multiple Threats (via email, phone contact, in person)
Physical Attacks
Domestic Attacks
Property Damage
Tries to control you- tells you what to do

Reducing Workplace Violence Starts with Understanding the 4 Types In order to mitigate the risk of violence in your workplace, it’s critical for you to understand the four main types of workplace violence that could compromise employee safety.

Criminal intent. The perpetrator has no legitimate relationship to the business or its employees and is usually committing a crime in conjunction with the violence. These crimes can include robbery, shoplifting, trespassing and terrorism.

Client. The perpetrator has a legitimate relationship with the business and becomes violent while being served by the business.

Worker-on-worker. The perpetrator is an employee or past employee who attacks or threatens another employee(s) or past employee(s) in the workplace.

Personal relationship. The perpetrator usually does not have a relationship with the business but has a personal relationship with the intended victim.


Clinical laboratories and facilities performing clinical laboratory testing must apply for and receive both a state registration or license and a federal CLIA certificate. For exceptions and exemptions to this requirement, please refer to the Regulations and Statutes Enforced by LFS webpage.

Instructions on how to apply for a clinical laboratory registration or license and federal CLIA certificate for waived, provider performed microscopy procedures, moderate or high complexity testing are found on the Laboratory Field Services (LFS) Clinical Laboratory Facilities webpage.

The regulatory requirements for staff are clearly defined in 42 CFR 493, and are described based on testing complexity (high and moderate). Text complexity classifications may be located on the FDA website at http://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfCLIA/clia.cfm. Staff must be qualified at the level of the highest complexity assay your laboratory performs. There are also several things to consider with regard to test complexity and staff qualifications. It is important to check the test complexity database when implementing new technology or when changing assays for a given analyte (or analytes). Some analytes have assays with different levels of complexity. Automated hemoglobin and glucose are two examples of this; both have waived assays and moderate-complexity assays. Should you be testing using an analyte-specific waived assay and change to a moderate-complexity assay for the same analyte, or if your laboratory only performs waived testing and implements testing with moderate-complexity assays, you must ensure that all levels of staff for moderate-complexity testing (including directors) are qualified. The same applies for change to or implementation of high-complexity assays.

Another recent area of concern is the submission of PT specimens to other laboratories for testing. 41 CFR 483.801 (4) states: “The laboratory must not send PT samples or portions of samples to another laboratory for any analysis which it is certified to perform in its own laboratory. Any laboratory that CMS determines intentionally referred its proficiency testing samples to another laboratory for analysis will have its certification revoked for at least one year.” Intuitively, this makes sense. However, if your laboratory performs testing but sends samples to another laboratory for additional or confirmatory testing, sending PT samples to that other laboratory is considered intentional PT referral and may result in the same certification revocation. Therefore, on your PT documentation you should indicate “Not applicable” for the additional or confirmatory testing.

Performing a mock inspection of your laboratory is a good place to begin to determine if you are compliant with the CLIA regulations. But deficiencies found here (or during a real CLIA inspection) should not only be reviewed and addressed as individual line items; they should also be assessed as a group to determine if your laboratory has a systemic problem. An assumption that Quality programs (or Quality elements) are extras or luxuries is incorrect; they ensure the robustness of the overall performance of your laboratory. Therefore, being successful requires that your establishment embrace a quality culture, from the testing staff up through senior management.

About Our Organization & Services FAQS FAQS

Point of Care Consults has engineered a process that delivers a new way of searching for, learning about, comparing, and applying for your Regulatory Compliance. The entire process has been intentionally engineered to eliminate the conflicts of interest that still riddles and pollutes the traditional saftey model.

Point of Care Consults team has extensive regulatory compliance experience. Our organization serves as a Registered to be able to connect you to the best and most appropriate Requirements

All of the services that Point of care consults has engineered and designed for you are offered complete regulatory services - no matter what your situation is, point of care consults will never take additional costs from you. This is because point of care consults has innovated on the traditional model to provide these services. When you connect with point of care consults, are approved and secure through point of care consults client services.

Superior results for your family, and savings back in your pocket. Independence and technological efficiency to find you the optimal price in the marketplace allows claritylifeins to deliver you superior results. Best Price, Access to All of the Highest Rated Insurance Providers, and Unprecedented Ease of Use and Convenience from Start to Finish. Independence. Efficiency, and claritylifeins. These are what claritylifeins Services was built on, which allows us to systematically deliver the three most crucial aspects of the proper life insurance experience: Price. Suitability. Convenience.

Point of Care Consults Services is currently licensed in Pennsylvania, New Jersey, and Delaware, but is currently in the process of obtaining license in every state.

Fully. Point of Care Consults does not share your personal information with any other organization and uses the most advanced encryption and security software and processes to make sure your utilization of our program, and all of your information, is kept completely confidential.


Any physician's office can pass a CLIA inspection if it is prepared and knows what to expect. Offices that pass an inspection feel a great sense of pride knowing the laboratory meets the same standards of quality as a hospital or clinical laboratory.


Quality control may be defined as a planned system of activities whose purpose is to provide a quality product (FAO Food and Nutrition Paper No. 14/1 Rev 1). QC, often known as quality inspection, consists of carrying out checks at various points in the manufacturing system e.g. net weight, acidity, colour. It was the first formal control mechanism introduced at the start of the last century. Inspection can only segregate good from bad – it cannot by itself improve the quality of a processed product.

Quality assurance may be defined as a planned system of activities whose purpose is to provide assurance that the quality control programme is actually effective.

In contrast to QC, QA looks at the whole process – from purchase of materials, through the manufacturing process, to the point at which the consumer uses the food.

TQM is a set of proactive methods, all of which continuously contribute to improving a food processing enterprise, or indeed any enterprise, and the safety of its products.

Regulatory Compliance FAQs FAQS

Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business processes. Violations of regulatory compliance regulations often result in legal punishment including federal fines.

As the number of rules has increased since the turn of the century, regulatory compliance management has become more prominent in a variety of organizations. The development has even led to the creation of corporate, chief and regulatory compliance officer and compliance manager positions. A primary job function of these roles is to hire employees whose sole focus is to make sure the organization conforms to stringent, complex legal mandates and applicable laws.

Companies that do not follow mandatory regulatory compliance practices face numerous possible repercussions, such as being forced to participate in remediation programs that include on-site compliance audits and inspections by the appropriate regulatory agency. Noncompliant organizations usually face monetary fines and penalties. Brand reputation can also be damaged by companies that experience repeated -- or particularly glaring -- compliance breaches.