top of page
Tooth Nerd Logo Black White_edited.jpg
Tooth Nerd Logo Black White_edited.jpg

<- Back

Pennsylvania

Your all-in-one guide for OSHA, HIPAA, Infection Control, Radiation Safety, HR, and State Board CE.

Operate with confidence. This Pennsylvania guide explains what’s required and how to keep it organized year after year.

♥️ CE and Compliance Courses for Dental Professionals

Our Services: Tailor-Made Services for Every Need

Give us a try! 

10% off

Use Coupon Code  toothnerd2025

Young woman at a brightly lit conference.jpg

Crafted by clinical risk experts with real-world dental experience — and backed by top-tier friends across the industry.

Patterson-microsite-logo-new.png
dsn-logo.webp
JA Logo.webp
AGD logo.png
maris-list-logo.webp

Federal Compliance Guidelines for Dental Practices

Last Reviewed 10/27/2025

Protecting your team, your patients, and your license starts with knowing the federal standards that every dental practice must meet.
 

Dental practices operate in one of the most regulated environments in healthcare. Federal agencies such as OSHA, HHS, CDC, and the FDA establish national rules that define safe, ethical, and compliant dental care. Whether you’re a single-location practice or a multi-state DSO, these federal frameworks create the foundation upon which all state-specific regulations are built.
 

The five pillars of federal compliance in dentistry are:

  1. OSHA – Workplace Safety and Hazard Communication

  2. HIPAA – Patient Privacy and Data Security

  3. Infection Control – Universal Precautions and CDC Standards

  4. Radiation Safety – ALARA Principles and Equipment Performance

  5. Emergency Preparedness – Response Planning and Team Readiness

 

1. OSHA Compliance in Dental Settings
 

Overview
 

The Occupational Safety and Health Administration (OSHA) sets national standards to protect dental employees from workplace hazards such as bloodborne pathogens, hazardous chemicals, ergonomic injuries, and sharps exposure. Every dental employer must maintain written safety programs, provide training, and document compliance activities.
 

Key Federal Requirements

  • Bloodborne Pathogens Standard (29 CFR 1910.1030):
    Requires an Exposure Control Plan, annual training, use of safer sharps, and free hepatitis B vaccinations.

  • Hazard Communication Standard (29 CFR 1910.1200):
    Mandates a Hazard Communication Plan, Safety Data Sheets (SDS), chemical labeling, and staff training.

  • Personal Protective Equipment (PPE) Standard:
    Employers must assess and provide appropriate PPE—gloves, masks, eyewear, gowns—and train on proper use.

  • Ergonomic and Injury Prevention:
    Practices must identify repetitive strain risks and maintain OSHA injury logs (Form 300).

 

Documentation & Training

  • Written plans (BBP, HazCom, IIPP or Safety Program)

  • Employee exposure incident logs and post-exposure protocols

  • Annual training with proof of attendance

 

Common Pitfalls


Failure to update annual training, missing SDS binders, and outdated exposure control plans are among the top citations in dental OSHA audits.
 

2. HIPAA & Federal Privacy Requirements
 

Overview


The Health Insurance Portability and Accountability Act (HIPAA) is enforced by the U.S. Department of Health and Human Services (HHS) through the Office for Civil Rights (OCR). It safeguards patient information (PHI) in all formats—paper, electronic, and verbal.
 

Key Federal Rules

  • Privacy Rule: Governs how PHI is used and disclosed.

  • Security Rule: Requires technical, physical, and administrative safeguards for ePHI.

  • Breach Notification Rule: Mandates reporting of any unauthorized PHI disclosure.

 

Practice Obligations

  • Maintain written HIPAA policies and procedures

  • Conduct an annual Security Risk Assessment

  • Appoint a Privacy Officer and Security Officer

  • Train all staff upon hire and annually

  • Sign and maintain Business Associate Agreements (BAAs) with vendors

 

Common Pitfalls
 

Improper disposal of records, unsecured computers, weak passwords, and lack of encryption are frequent violations. HHS fines can reach millions of dollars per breach event.
 

3. Infection Control Standards
 

Overview
 

Federal infection control expectations stem from the Centers for Disease Control and Prevention (CDC) and OSHA’s Bloodborne Pathogen Standard. Every dental practice must adhere to the CDC’s Guidelines for Infection Control in Dental Health-Care Settings (2003) and periodic updates.
 

Core Elements

  • Standard Precautions: Treat every patient as potentially infectious.

  • Engineering Controls: Use sharps containers, dental unit waterline management, and sterilization monitoring.

  • Work Practice Controls: Proper hand hygiene, use of PPE, instrument cleaning, sterilization, and safe injection practices.

  • Environmental Cleaning: Disinfect clinical contact surfaces between patients.

 

Documentation & Monitoring

  • Written infection control plan and sterilization logs

  • Weekly spore testing records

  • Waterline monitoring and maintenance

  • Annual infection control training

 

Common Pitfalls- Failure to perform weekly spore testing, improper sterilization packaging, and overlooking dental waterline maintenance.
 

4. Radiation Safety in Dentistry
 

Overview
 

Federal radiation safety oversight is shared by the U.S. Food and Drug Administration (FDA) and the Nuclear Regulatory Commission (NRC). While most operational rules are enforced at the state level, federal standards define how equipment is manufactured, operated, and maintained.
 

Core Federal Standards

  • FDA Performance Standards (21 CFR 1020.30-31): Regulate dental X-ray machine design and radiation output.

  • ALARA Principle (“As Low As Reasonably Achievable”): Minimizes exposure for patients and staff.

  • Operator Protection: Use of lead barriers, dosimeters where required, and safe positioning (6 feet and 90-135° from beam).

  • Equipment Quality Assurance: Regular calibration, maintenance, and testing per manufacturer and state requirements.

 

Documentation & Training

  • Equipment maintenance and inspection logs

  • Radiography technique chart and exposure protocols

  • Annual radiation safety training for all operators

 

Common Pitfalls- Expired equipment registrations, missing QA logs, and inadequate shielding or operator distance awareness.
 

5. Emergency Preparedness & Medical Readiness


Overview
While no single federal law dictates dental emergency preparedness, multiple agencies—OSHA, CDC, ADA, and DHS—establish expectations for medical and workplace emergencies. Every practice must maintain an Emergency Action Plan and ensure staff readiness for both medical and environmental crises.
 

Core Requirements

  • OSHA Emergency Action Plan (29 CFR 1910.38): Procedures for evacuation, reporting fires, and contacting emergency services.

  • Medical Emergencies in Dentistry: Maintain an emergency kit, AED, oxygen tank, and train staff in Basic Life Support (BLS).

  • CDC Guidance: Infection and biohazard response, including pandemic preparedness.

  • Homeland Security (DHS): Encourages all healthcare facilities to have continuity and disaster response plans.

 

Documentation & Training

  • Written Emergency Action Plan and posted evacuation routes

  • Annual mock drills and CPR certification

  • Maintenance logs for emergency medications and AED checks

 

Common Pitfalls- Expired emergency drugs, untrained front desk personnel, and lack of posted emergency numbers.
 

Why Federal Compliance Matters


Federal compliance isn’t just about avoiding penalties—it’s about building a culture of safety, trust, and accountability. A practice that masters federal requirements can more easily meet state-specific laws, pass inspections, and maintain operational integrity across multiple locations.
 

Next Steps for Dental Teams

  • Audit your OSHA, HIPAA, Infection Control, and Radiation Safety programs annually.

  • Document all training and review your written plans.

  • Conduct mock emergencies and incident response drills.

  • Use a centralized compliance platform—like Done Desk or Tooth Nerd Quick Start Programs—to manage documentation, renewals, and training.

 

Protect your practice. Empower your people. Stay compliant.
Explore the Quick Start Compliance Program for ready-to-use OSHA, HIPAA, Infection Control, and Radiation Safety plans built specifically for dental practices.

State Guidelines

Pennsylvania-Specific Information


Regulating Bodies


  • Pennsylvania State Board of Dentistry (PSBD) — regulates licensure, continuing education, anesthesia/sedation permits, infection-control standards, and disciplinary enforcement under the Dental Law (Act 216 of 1933) and 49 Pa. Code Chapter 33.

  • Pennsylvania Department of Environmental Protection (PA DEP) — Bureau of Radiation Protection — manages registration, inspection, and radiation safety compliance for dental X-ray equipment.

  • Federal OSHA — Pennsylvania does not operate a state OSHA plan; all dental employers are under federal OSHA jurisdiction.

  • Pennsylvania Department of Labor & Industry (L&I) — offers workplace safety consultation programs and risk-reduction initiatives.


Licensing & Continuing Education


  • Dentists: Renew biennially (March 31 of odd-numbered years); must complete 30 hours of continuing education per renewal cycle.
    Required CE includes:
    2 hours in Child Abuse Recognition and Reporting (per Act 31).
    2 hours in Opioid Prescribing and Pain Management (for DEA-registered prescribers).
    Infection control and CPR/BLS certification are strongly recommended.
    Anesthesia/Sedation permit holders must complete 4 hours of CE in anesthesia and emergency preparedness.

  • Dental Hygienists: Renew biennially; must complete 20 hours of CE, including infection control and CPR.

  • CE must be obtained from Board-approved providers, ADA CERP, or AGD PACE programs.

  • Licensees must retain CE documentation for at least five years for audit.

  • Reference: 49 Pa. Code §33.401–33.404 – Continuing Education Requirements.


Workplace Safety (Federal OSHA)


  • Pennsylvania dental practices fall under federal OSHA jurisdiction.

  • Employers must maintain written Exposure Control and Hazard Communication Plans, provide annual Bloodborne Pathogens and HazCom training, and ensure PPE use and documentation.

  • Maintain records of employee safety training, post-exposure evaluations, and injury logs.

  • OSHA enforcement is handled through the Philadelphia, Harrisburg, and Pittsburgh Area Offices.

  • The PA Department of L&I offers voluntary workplace safety consultation through its PennSafe Program.


Radiation Safety


  • All dental X-ray equipment must be registered with the PA DEP Bureau of Radiation Protection.

  • Maintain Quality Assurance (QA) and Quality Control (QC) documentation, operator competency verification, and radiation surveys.

  • Radiation safety regulations are codified under 25 Pa. Code Chapter 221 (X-rays, Diagnostic).

  • Only trained and authorized personnel may operate radiographic equipment.

  • DEP inspectors conduct periodic compliance inspections to ensure shielding, exposure control, and machine maintenance standards are met.


Infection Control & Patient Safety


  • Pennsylvania requires dental offices to follow CDC infection control guidelines and OSHA Bloodborne Pathogens standards.

  • Maintain written sterilization and disinfection protocols, PPE requirements, and exposure procedures.

  • Perform weekly biological (spore) testing of sterilizers and retain results.

  • All clinical employees must complete infection-control training at hire and annually thereafter.

  • The Board may audit CE and infection-control compliance during license renewal or disciplinary reviews.


Emergency Preparedness


  • Dental facilities must maintain emergency drugs, oxygen, and equipment appropriate to the services provided.

  • A provider with current BLS certification must be present whenever patients are treated.

  • Sedation and anesthesia permit holders must maintain ACLS or PALS certification, conduct annual mock emergency drills, and maintain written emergency protocols and inspection logs.

  • Compliance is reviewed during sedation permit renewal and complaint investigations.


Official Resources


Get Started

Now that you know everything it's time to get started by training your people and operationalizing excellence with Done Desk! 

Dental Team Training Requirements in Pennsylvania


Overview


Licensure, scope, and CE are administered by the PA State Board of Dentistry. Dental X-ray registration, operator safety, and QA/QC fall under the PA DEP – Bureau of Radiation Protection.

Private practices follow federal OSHA. All dental offices must comply with HIPAA and CDC infection-control guidance. Pennsylvania requires CE for dentists and hygienists, and specific credentialing for assistants who take radiographs or perform expanded functions.


Dentist Training Requirements

Required


  • OSHA Bloodborne Pathogens & Hazard Communication (Annual): Maintain written Exposure Control & HazCom plans; PPE, sharps safety, and post-exposure protocols; document annual training.

  • Infection Control (Annual): Implement CDC-aligned SOPs (sterilization monitoring, DUWL care, hand hygiene, PPE, exposure management).

  • Radiation Safety & X-ray Registration: Register dental X-ray units with PA DEP; maintain QA/QC testing, technique charts, operator instructions, signage, and ALARA practices (25 Pa. Code 221).

  • CPR/BLS (Current): Required for active practice and sedation permit holders.

  • Continuing Education (Biennial): Dentists must complete 30 hours/2 years from Board-approved providers; include ethics/jurisprudence, infection control, medical emergencies; opioid/pain-management CE if DEA-registered.

  • HIPAA Privacy & Security: Workforce training, role-based access, breach response, documentation.


Recommended


  • Risk management & defensible documentation.

  • Medical emergency preparedness (ACLS/PALS for deeper sedation).

  • Leadership, harassment-prevention, and team communication.

  • Cybersecurity for ePHI and ransomware defense.


Dental Hygienist Training Requirements

Required


  • OSHA BBP & HazCom (Annual).

  • Infection Control (Annual) per CDC and Board expectations.

  • Radiography: Hygienists may expose radiographs under dentist supervision; comply with DEP operator-safety rules and facility QA/QC.

  • CPR/BLS (Current).

  • Continuing Education (Biennial): 20 hours/2 years from approved providers; include infection control, ethics/jurisprudence, and patient-safety topics.


Recommended


  • Periodontal instrumentation calibration; local anesthesia/nitrous CE if credentialed.

  • Ergonomics & musculoskeletal injury prevention.

  • HIPAA communications and secure teledentistry.

  • Medical emergency recognition and oxygen basics.


Dental Assistant Training Requirements

Required


  • OSHA BBP & HazCom (Annual).

  • Infection Control & Sterilization (Initial + Annual).

  • Radiography: To take X-rays, assistants must hold a Pennsylvania Dental Radiology Health and Safety (RH&S) certificate (Board-accepted education/competency) and follow DEP operator rules, ALARA, QA logs, technique charts, and required signage.

  • Expanded Functions: To place/restorative materials or perform other advanced tasks, assistants must be Expanded Function Dental Assistants (EFDA) licensed by the SBOD (formal education + exam + license).

  • CPR/BLS (Current).

  • HIPAA Privacy & Security (Initial + periodic refresh).


Recommended


  • Chairside efficiency & four-handed dentistry; instrument processing QA.

  • Emergency drills (fire, chemical spill, medical).

  • Customer service and service recovery.


Front Desk & Administrative Staff Training Requirements

Required


  • HIPAA Privacy & Security: Minimum-necessary access, authorizations/disclosures, release-of-records, breach response; role-based access controls.

  • OSHA Awareness: General safety orientation for non-clinical staff in healthcare settings (especially if they assist near treatment areas).


Recommended


  • Scheduling optimization, confirmation/recall, and broken-appointment workflows.

  • Insurance/billing compliance and financial communications.

  • Cybersecurity basics (phishing, passwords, device security).

  • De-escalation, service recovery, and patient experience.

  • Records retention timelines (state/federal).


Operational Best Practices (All Roles)


  • Keep written plans current: Exposure Control, Hazard Communication (SDS access), Infection Control/Instrument Reprocessing, Post-Exposure, Emergency Action Plan.

  • Sterilizer monitoring: Perform and log weekly biological (spore) tests; document maintenance and load tracking.

  • Radiation QA/QC: Collimation, shielding, performance tests, operator instructions; keep DEP registration and inspection paperwork current.

  • Emergency drills: Document syncope/anaphylaxis/airway scenarios; check oxygen/AED/emergency kit monthly.

  • Maintain a compliance binder with OSHA/HIPAA training, CE, RH&S and EFDA credentials, and QA documents.


State References


  • PA State Board of Dentistry (SBOD) — licensure, CE, scope & EFDA rules

  • PA DEP – Bureau of Radiation Protection (25 Pa. Code 221) — dental X-ray registration & operator rules

  • OSHA Dentistry — BBP (29 CFR 1910.1030), HazCom (1910.1200)

  • CDC Infection Control in Dental Settings

  • HIPAA — Privacy & Security Rules (45 CFR 164)



Make Pennsylvania compliance a checklist, not a chase.
Train your team with Tooth Nerd’s OSHA, HIPAA, Infection Control, Radiation Safety, and role-specific CE — mapped to SBOD and DEP requirements, with automated tracking and certificate management with Done Desk.

Get Started

Now that you know everything it's time to get started by training your people and operationalizing excellence with Done Desk! 

Home

Contact

support @ Toothnerd.com

Tel. (512) 222-3812

bottom of page