5 Washington Dental Compliance Misconceptions — And Their Risks to Your Office
Don’t unknowingly fall out of compliance or pay for services you may not need. Review the following five common Washington dental compliance myths and misconceptions. Don’t forget to share with everyone in your office responsible for managing compliance!
❌ Myth #1: “In Washington, compliance training must be live/in-person and cannot be online.”
✅ Fact: Though some compliance providers may claim that training must be completed live or in person to be compliant in Washington, this is incorrect. HIPAA, Infection Control, Bloodborne Pathogens, and WISHA do not require live/in-person training.
- Learn more here — including important clarification on BLS/CPR training.
❌ Myth #2: "I need annual on-site visits from a compliance vendor to be compliant."
✅ Fact: No Washington state regulation requires annual vendor visits. Requirements focus on documented training, written policies, and proper procedures — not who delivers them or where. “On-site compliance review” is a vendor service, not a regulatory requirement.
❌ Myth #3: "I have to have a physical, printed OSHA/WISHA binder in my office."
✅ Fact: You are not required to have a physical OSHA/WISHA binder in your office. What you must do, according to WAC 296-800-140, is establish, supervise and enforce an accident prevention program (APP) that is effective in practice.
This could be satisfied with printed materials, but only if those materials — and how you implement them in your office — meet specific requirements. And remember: If your APP — printed or not — has not been reviewed and updated annually or more recently if your office policies have changed, you are not in compliance.
- Learn more here about what it means to implement an APP that is “effective in practice.”
❌ Myth #4: "My office only needs to complete general HIPAA and OSHA/WISHA training each year to be compliant. I know we’re covered because we do this every year."
✅ Fact: In addition to general HIPAA and OSHA/WISHA training, you must also provide training on your office’s specific HIPAA Policies & Procedures and OSHA/WISHA Accident Prevention Program. If office policies or procedures change, you must update relevant plans and re-train your team to remain in compliance. You must also train new employees upon hire — waiting to provide required training puts you at risk of being out of compliance.
- Learn more here about training documentation — including how long you must maintain documentation of HIPAA, infection control and bloodborne pathogens training.
❌ Myth #5: "We don't need to track our vendors — they handle their own HIPAA compliance. If our vendor causes a HIPAA violation, we're not responsible."
✅ Fact: HIPAA (45 CFR § 164.308(b)(1)) requires you to know which vendors access PHI and to have Business Associate Agreements (BAAs) in place with each one, and 45 CFR § 164.530(f) makes clear that if you become aware of a pattern of noncompliance by a business associate and fail to act, you are out of compliance — not just your vendor.
- Learn more here about vendor documentation and see an example of recent enforcement action against Oregon Health & Science University.
ComplyBetter | Dental Compliance from WSDA
If you are looking for an affordable and modern dental compliance service, look no further than ComplyBetter. Created by WSDA, ComplyBetter gives Washington dental offices comprehensive online tools to stay compliant with HIPAA, OSHA/WISHA, infection control, bloodborne pathogens and more. Learn more and get started at complybetter.com, or contact the WSDA + ComplyBetter team directly.
