top of page
Tooth Nerd Logo Black White_edited.jpg
Tooth Nerd Logo Black White_edited.jpg

<- Back

Massachusetts

Your all-in-one guide for OSHA, HIPAA, Infection Control, Radiation Safety, HR, and State Board CE.

Operate with confidence. This Massachusetts guide explains what’s required and how to keep it organized year after year.

♥️ CE and Compliance Courses for Dental Professionals

Our Services: Tailor-Made Services for Every Need

Give us a try! 

10% off

Use Coupon Code  toothnerd2025

Young woman at a brightly lit conference.jpg

Crafted by clinical risk experts with real-world dental experience — and backed by top-tier friends across the industry.

Patterson-microsite-logo-new.png
dsn-logo.webp
JA Logo.webp
AGD logo.png
maris-list-logo.webp

Federal Compliance Guidelines for Dental Practices

Last Reviewed 10/27/2025

Protecting your team, your patients, and your license starts with knowing the federal standards that every dental practice must meet.
 

Dental practices operate in one of the most regulated environments in healthcare. Federal agencies such as OSHA, HHS, CDC, and the FDA establish national rules that define safe, ethical, and compliant dental care. Whether you’re a single-location practice or a multi-state DSO, these federal frameworks create the foundation upon which all state-specific regulations are built.
 

The five pillars of federal compliance in dentistry are:

  1. OSHA – Workplace Safety and Hazard Communication

  2. HIPAA – Patient Privacy and Data Security

  3. Infection Control – Universal Precautions and CDC Standards

  4. Radiation Safety – ALARA Principles and Equipment Performance

  5. Emergency Preparedness – Response Planning and Team Readiness

 

1. OSHA Compliance in Dental Settings
 

Overview
 

The Occupational Safety and Health Administration (OSHA) sets national standards to protect dental employees from workplace hazards such as bloodborne pathogens, hazardous chemicals, ergonomic injuries, and sharps exposure. Every dental employer must maintain written safety programs, provide training, and document compliance activities.
 

Key Federal Requirements

  • Bloodborne Pathogens Standard (29 CFR 1910.1030):
    Requires an Exposure Control Plan, annual training, use of safer sharps, and free hepatitis B vaccinations.

  • Hazard Communication Standard (29 CFR 1910.1200):
    Mandates a Hazard Communication Plan, Safety Data Sheets (SDS), chemical labeling, and staff training.

  • Personal Protective Equipment (PPE) Standard:
    Employers must assess and provide appropriate PPE—gloves, masks, eyewear, gowns—and train on proper use.

  • Ergonomic and Injury Prevention:
    Practices must identify repetitive strain risks and maintain OSHA injury logs (Form 300).

 

Documentation & Training

  • Written plans (BBP, HazCom, IIPP or Safety Program)

  • Employee exposure incident logs and post-exposure protocols

  • Annual training with proof of attendance

 

Common Pitfalls


Failure to update annual training, missing SDS binders, and outdated exposure control plans are among the top citations in dental OSHA audits.
 

2. HIPAA & Federal Privacy Requirements
 

Overview


The Health Insurance Portability and Accountability Act (HIPAA) is enforced by the U.S. Department of Health and Human Services (HHS) through the Office for Civil Rights (OCR). It safeguards patient information (PHI) in all formats—paper, electronic, and verbal.
 

Key Federal Rules

  • Privacy Rule: Governs how PHI is used and disclosed.

  • Security Rule: Requires technical, physical, and administrative safeguards for ePHI.

  • Breach Notification Rule: Mandates reporting of any unauthorized PHI disclosure.

 

Practice Obligations

  • Maintain written HIPAA policies and procedures

  • Conduct an annual Security Risk Assessment

  • Appoint a Privacy Officer and Security Officer

  • Train all staff upon hire and annually

  • Sign and maintain Business Associate Agreements (BAAs) with vendors

 

Common Pitfalls
 

Improper disposal of records, unsecured computers, weak passwords, and lack of encryption are frequent violations. HHS fines can reach millions of dollars per breach event.
 

3. Infection Control Standards
 

Overview
 

Federal infection control expectations stem from the Centers for Disease Control and Prevention (CDC) and OSHA’s Bloodborne Pathogen Standard. Every dental practice must adhere to the CDC’s Guidelines for Infection Control in Dental Health-Care Settings (2003) and periodic updates.
 

Core Elements

  • Standard Precautions: Treat every patient as potentially infectious.

  • Engineering Controls: Use sharps containers, dental unit waterline management, and sterilization monitoring.

  • Work Practice Controls: Proper hand hygiene, use of PPE, instrument cleaning, sterilization, and safe injection practices.

  • Environmental Cleaning: Disinfect clinical contact surfaces between patients.

 

Documentation & Monitoring

  • Written infection control plan and sterilization logs

  • Weekly spore testing records

  • Waterline monitoring and maintenance

  • Annual infection control training

 

Common Pitfalls- Failure to perform weekly spore testing, improper sterilization packaging, and overlooking dental waterline maintenance.
 

4. Radiation Safety in Dentistry
 

Overview
 

Federal radiation safety oversight is shared by the U.S. Food and Drug Administration (FDA) and the Nuclear Regulatory Commission (NRC). While most operational rules are enforced at the state level, federal standards define how equipment is manufactured, operated, and maintained.
 

Core Federal Standards

  • FDA Performance Standards (21 CFR 1020.30-31): Regulate dental X-ray machine design and radiation output.

  • ALARA Principle (“As Low As Reasonably Achievable”): Minimizes exposure for patients and staff.

  • Operator Protection: Use of lead barriers, dosimeters where required, and safe positioning (6 feet and 90-135° from beam).

  • Equipment Quality Assurance: Regular calibration, maintenance, and testing per manufacturer and state requirements.

 

Documentation & Training

  • Equipment maintenance and inspection logs

  • Radiography technique chart and exposure protocols

  • Annual radiation safety training for all operators

 

Common Pitfalls- Expired equipment registrations, missing QA logs, and inadequate shielding or operator distance awareness.
 

5. Emergency Preparedness & Medical Readiness


Overview
While no single federal law dictates dental emergency preparedness, multiple agencies—OSHA, CDC, ADA, and DHS—establish expectations for medical and workplace emergencies. Every practice must maintain an Emergency Action Plan and ensure staff readiness for both medical and environmental crises.
 

Core Requirements

  • OSHA Emergency Action Plan (29 CFR 1910.38): Procedures for evacuation, reporting fires, and contacting emergency services.

  • Medical Emergencies in Dentistry: Maintain an emergency kit, AED, oxygen tank, and train staff in Basic Life Support (BLS).

  • CDC Guidance: Infection and biohazard response, including pandemic preparedness.

  • Homeland Security (DHS): Encourages all healthcare facilities to have continuity and disaster response plans.

 

Documentation & Training

  • Written Emergency Action Plan and posted evacuation routes

  • Annual mock drills and CPR certification

  • Maintenance logs for emergency medications and AED checks

 

Common Pitfalls- Expired emergency drugs, untrained front desk personnel, and lack of posted emergency numbers.
 

Why Federal Compliance Matters


Federal compliance isn’t just about avoiding penalties—it’s about building a culture of safety, trust, and accountability. A practice that masters federal requirements can more easily meet state-specific laws, pass inspections, and maintain operational integrity across multiple locations.
 

Next Steps for Dental Teams

  • Audit your OSHA, HIPAA, Infection Control, and Radiation Safety programs annually.

  • Document all training and review your written plans.

  • Conduct mock emergencies and incident response drills.

  • Use a centralized compliance platform—like Done Desk or Tooth Nerd Quick Start Programs—to manage documentation, renewals, and training.

 

Protect your practice. Empower your people. Stay compliant.
Explore the Quick Start Compliance Program for ready-to-use OSHA, HIPAA, Infection Control, and Radiation Safety plans built specifically for dental practices.

State Guidelines

Massachusetts-Specific Information


Regulating Bodies


  • Massachusetts Board of Registration in Dentistry (BORID) — oversees dental licensure, scope of practice, continuing education, sedation permits, and professional conduct under M.G.L. Chapter 112, Sections 43–53.

  • Massachusetts Department of Public Health (DPH) — Radiation Control Program — manages registration, inspection, and radiation safety compliance for dental X-ray equipment.

  • Massachusetts Department of Labor Standards (DLS) — State OSHA Plan — operates an OSHA-approved state plan that applies only to public-sector employers. Private dental practices fall under federal OSHA jurisdiction.

  • Executive Office of Labor and Workforce Development (EOLWD) — oversees workplace standards, training, and state-level compliance programs.


Licensing & Continuing Education


  • Dentists: Renew biennially; must complete 40 hours of continuing education each renewal cycle.
    Required CE includes:
    2 hours in Infection Control and Prevention.
    BLS/CPR certification     from an ADA, AMA, or Red Cross-approved provider.
    2 hours in Ethics or Jurisprudence.
    3 hours in Pain Management or Opioid Prescribing     if licensed to prescribe controlled substances.
    CE must be obtained from ADA CERP, AGD PACE, or BORID-approved providers.

  • Dental Hygienists: Renew biennially; required to complete 20 CE hours per cycle, including infection control and CPR.

  • Maintain CE records for at least four years for audit.

  • Reference: 234 CMR 8.00 – Continuing Education Requirements.


Workplace Safety (Federal OSHA / DLS State Plan)


  • Private dental offices in Massachusetts are under federal OSHA jurisdiction.

  • State and municipal dental clinics fall under the DLS State OSHA Plan for public-sector workers.

  • All dental employers must maintain written Exposure Control and Hazard Communication Plans, conduct annual Bloodborne Pathogens and HazCom training, and ensure PPE compliance.

  • Federal OSHA standards (29 CFR 1910.1030 and 1910.1200) apply to all private dental employers.

  • DLS enforces equivalent standards for public-sector entities.


Radiation Safety


  • All dental X-ray units must be registered with the Massachusetts DPH Radiation Control Program.

  • Maintain Quality Assurance (QA) and Quality Control (QC) records, radiation surveys, and operator competency documentation.

  • Dental radiographic equipment is regulated under 105 CMR 120.000 – The Control of Radiation.

  • Only trained and authorized operators may expose dental radiographs.

  • DPH conducts periodic inspections to ensure compliance with shielding, signage, and safety standards.

  • Operators must complete a Board-approved Dental Radiography Certification course prior to use of X-ray equipment.


Infection Control & Patient Safety


  • Massachusetts requires all licensees to follow CDC infection control guidelines and OSHA Bloodborne Pathogens standards.

  • Offices must maintain written sterilization and disinfection protocols.

  • Weekly biological (spore) testing of sterilizers is required, and results must be documented and retained for inspection.

  • Infection-control CE is mandatory for all license renewals.

  • The Board may audit infection-control compliance or CE records during renewal or inspection.

  • Reference: 234 CMR 6.00 – Minimum Standards of Practice.


Emergency Preparedness


  • Dental practices must have emergency equipment, oxygen, and drugs appropriate to the services provided.

  • At least one staff member with current BLS certification must be present during all patient care.

  • Sedation and anesthesia permit holders must maintain ACLS/PALS certification, a written emergency plan, and conduct annual emergency drills.

  • Offices must keep documentation of equipment checks, emergency training, and drills for review by the Board.


Official Resources


  • Massachusetts Board of Registration in Dentistry

  • 234 CMR 6.00 – Minimum Standards of Practice

  • 234 CMR 8.00 – Continuing Education Requirements

  • DPH Radiation Control Program

  • 105 CMR 120.000 – Control of Radiation

  • DLS – Massachusetts OSHA Program

  • Federal OSHA Dentistry Resources

  • CDC Infection Control Guidelines

Get Started

Now that you know everything it's time to get started by training your people and operationalizing excellence with Done Desk! 

Dental Team Training Requirements in Massachusetts


Overview


The Board of Registration in Dentistry (BORID), part of the Massachusetts Department of Public Health (DPH), regulates the licensing, continuing education, and scope of practice for all dental professionals in the Commonwealth.

Dental practices must comply with federal OSHA, HIPAA, CDC infection control guidelines, and Massachusetts radiation safety laws administered by the Radiation Control Program (RCP) under 105 CMR 120.000.

Massachusetts enforces one of the most structured CE systems in the country, with state-specific courses in infection control, ethics, and pain management.


Dentist Training Requirements

Required Training:


  • OSHA Bloodborne Pathogens & Hazard Communication (Annual): Required under 29 CFR 1910.1030 and 1910.1200; must maintain written exposure and hazard communication plans.

  • Infection Control (Annual): Must follow CDC Guidelines for Dental Settings and BORID Policy 05-01 on infection prevention and sterilization standards.

  • Radiation Safety & Equipment Registration: Required under 105 CMR 120.000; all X-ray equipment must be registered, inspected, and maintained with QA/QC documentation.

  • CPR/BLS Certification: Must remain current for license renewal.

  • Continuing Education (CE): Dentists must complete 40 hours of CE every two years, including:
    2 hours – Ethics and Jurisprudence
    2 hours – Infection Control
    3 hours – Opioid Prescribing and Pain Management (if DEA-registered)
    1 hour – Tobacco and Nicotine Cessation CE

  • HIPAA Privacy & Security: Required under 45 CFR 164 for all covered entities managing PHI.


Recommended Training:


  • Risk Management and Documentation.

  • Medical Emergency Preparedness.

  • Team Leadership and Communication.

  • Cybersecurity and Records Protection.


Dental Hygienist Training Requirements

Required Training:


  • OSHA BBP & HazCom (Annual).

  • Infection Control (Annual): Follow CDC and BORID infection-prevention policies.

  • Radiography Certification: Hygienists must complete BORID-approved radiography training and comply with DPH Radiation Control Program requirements.

  • CPR/BLS Certification (Current).

  • CE Requirements: Must complete 20 hours of CE every two years, including:
    Infection Control
    Ethics and Jurisprudence
    Pain Management (if DEA-registered)


Recommended Training:


  • HIPAA Privacy and Security.

  • Ergonomics and Musculoskeletal Health.

  • Patient Education and Communication.

  • Local Anesthesia and Nitrous Oxide CE (if permitted).


Dental Assistant Training Requirements

Required Training:


  • OSHA BBP & HazCom (Annual).

  • Infection Control & Sterilization (Annual).

  • Radiography Certification: Required for assistants who take X-rays; must complete BORID-approved Dental Radiography Course under 244 CMR 5.00 and maintain active certification.

  • CPR/BLS Certification (Current).

  • HIPAA Privacy & Security (Initial + Annual Refresher).


Recommended Training:


  • Expanded Duties Certification: For sealants, polishing, or other procedures under BORID-approved EDDA training.

  • Emergency Preparedness & Fire Safety.

  • Chairside Efficiency & Sterilization QA.

  • Customer Service and Team Communication.


Front Desk & Administrative Staff Training Requirements

Required Training:


  • HIPAA Privacy & Security: Required for anyone with access to PHI.

  • OSHA Awareness Training: Recommended for non-clinical staff in shared workspaces.


Recommended Training:


  • Customer Service and Patient Experience.

  • Insurance and Billing Compliance.

  • Cybersecurity Awareness.

  • Workplace Harassment Prevention.

  • Scheduling & Practice Management Systems.


Operational Best Practices (All Roles)


  • Maintain written OSHA plans: Exposure Control, Hazard Communication, and Emergency Procedures.

  • Conduct weekly biological (spore) testing of sterilizers and maintain documentation.

  • Keep DPH X-ray registration and QA/QC records up to date.

  • Conduct annual emergency drills and review CPR/BLS compliance.

  • Retain all training and CE documentation for at least three renewal cycles for BORID audit readiness.


State References



Stay compliant in Massachusetts with confidence.
Tooth Nerd provides OSHA, HIPAA, Infection Control, and CE training built for Massachusetts dental professionals — online, trackable, and always up to date with Done Desk.

Get Started

Now that you know everything it's time to get started by training your people and operationalizing excellence with Done Desk! 

Home

Contact

support @ Toothnerd.com

Tel. (512) 222-3812

bottom of page