Q: What are the key provisions of the Federal Needlestick Safety and Prevention Act?
A: The Federal Needlestick Safety and Prevention Act:
Sets forth in greater detail requirements for employers to identify, evaluate, and implement safety-engineered medical devices.
Requires the maintenance of a sharps injury log
Mandates involvement of non-managerial employees in evaluating safety devices.
Q: Is the law in full effect?
A: In 2002, all medical practices and facilities should be using safety devices whose safety feature is integral to the device.
Q: How will OSHA enforce the Needlestick Safety and Protection Act?
A: As of April 1, 2002, the Joint Commission on the Accreditation of Healthcare Organizations (JCAHO) will require full compliance with the new Bloodborne Pathogen Standard, including the use of safety devices, in order to receive accreditation.
Q: Who must use safety devices?
A: The Act applies to all employers who have employees with reasonably anticipated occupational exposure to blood or other potentially infectious materials (OPIM), including:
Surgery Centers
Medical Clinics
Physician offices
Nursing homes
Home Care/ Home Infusion
Q: Have citations been issued, and which types of facilities have been fined?
A: Since the law was passed, OSHA officials have inspected all types of healthcare facilities, and have issued citations and fines to those not in compliance. This has included hospitals, physician practices, surgery centers and nursing homes.
Q: What fines will OSHA issue if a healthcare facility is cited for noncompliance?
Each citation can lead to a fine of up to $7,000. "Willful" violations can lead to fines as high as $70,000. Failure to use a safety product, such as blunt tipped suture needles where applicable, can lead to multiple citations, which could include:
Failure to document evaluation and use of the safety product in the Exposure Control Plan.
Failure to include involvement of exposed employees in the evaluation and selection of safety products.
Failure to implement safety products.
Q: What if no one on our staff has had a sharps injury?
A: OSHA intends to prevent occupational injuries, exposures and illnesses.
Q: What if a safety-engineered option is not available for a medical device?
A: Employers also must investigate availability of safety devices each year, and document that fact in their Exposure Control Plan. If a safer device is available, but back ordered or delayed, this must be documented. The device must be implemented as soon as it becomes available, and documented.
Q: We have tried safety-engineered devices, and we don't believe they are safer than what we use today. Do we still need to convert to safety products?
A: This judgment will likely be challenged since OSHA has already collected data from across the country demonstrating that safety-engineered devices do effectively reduce needlesticks. Deciding not to use safety devices needs to be based on clinical justifications that are clearly documented in the Exposure Control Plan. In the absence of such clinical evidence, employers are expected to adopt available safety devices.
Q: What if safety-engineered devices are "too costly"?
A: Before passing the Needlestick Act, OSHA conducted an industry-wide cost/benefit analysis and concluded that the use of safety medical devices was beneficial due to the reduction in expenses associated with testing and treating injured healthcare workers. For example, workup and prophylaxis of a high-risk exposure to HIV can cost as much as $3500. Moreover, $500,000 to $1,000,000 may be spent to treat a worker who contracts hepatitis C or HIV.
Q: May we use the safety product for only 'high-risk" situations?
A: No. The Law requires employees to use safety devices in all cases where safer medical devices are available.
Q: Does OSHA publish a list of available safer medical devices?
A: No. OSHA does not approve or endorse any product. It is your responsibility as an employer to determine which engineering controls are appropriate for specific hazards, based on what is appropriate to the specific medical procedures being conducted, what is feasible, and what is commercially available. For more information on blunt sutures, see Advanced Precautions for today's OR.
Q: Does the safety legislation still apply when the physician is both the employer and employee?
A: The BBP standard applies to all workplaces, regardless of size, as not only are the practicing physicians at risk of needlesticks, but also those employees working with them and downstream.
Q: Who must keep a sharps injury log? Does it have to be confidential?
A: If your practice has 10 or more employees, you must maintain a sharps injury log for recording injuries from contaminated sharps. The Sharps Log must detail the injury, the type and brand of device involved in the injury (if known), the department or work area where the exposure occurred, and an explanation of how the incident occurred. The log must protect the confidentiality of the injured employee.
Q: What information do I need to include in my written Exposure Control Plan? How often to I need to update it?
A: In addition to what is already required by the 1991 standard, the revised standard requires the documentation of annual consideration and implementation of appropriate engineering controls, and solicitation of non-managerial workers in evaluating devices. The plan must be reviewed and updated every year.
Q: How does the revision affect states that have their own federally-approved occupational safety and health programs?
A: States with state OSHA programs were required to adopt the revised standard by Oct. 18, 2001. States may choose to implement their own, more stringent standards independently of the Needlestick Act.
Q: Where can I get further information about what is expected of an employer?
A: Employers should read the OSHA Bloodborne Pathogens Standard and the Enforcement Procedures for the Occupational Exposure to Bloodborne Pathogens, which can be obtained at http://www.osha.gov or by phone at 1-800-321-OSHA. The National Institute for Occupational Safety and Health (NIOSH) and the Centers for Disease Control and Prevention (CDC) also have documents related to the prevention of occupational exposure to blood and OPIM.
top of page


The New OSHA Compliance Directive:

Relevance for Surgical Work sites
Physician and Surgeon Responsibility
Liability of Physicians and Surgeons to Citation
Abstract: The Compliance Directive issued by OSHA (DIRECTIVES NUMBER: CPL 2-2.44D), effective November 5, 1999, establishes policies and provides clarification to ensure uniform inspection procedures to enforce the Occupational Exposure to Bloodborne Pathogens Standard. This is a Federal Program Change which applies OSHA-wide; all states are expected to have standards, enforcement policies and procedures which are at least as effective.
Background: On December 6, 1991, OSHA issued its final regulation on occupational exposure to bloodborne pathogens, based on a review of information which showed health care workers face a significant health risk as a result of occupational exposure to blood and other potentially infectious materials which may contain bloodborne pathogens. (Current estimates vary between 590,000 and 800,000 injuries annually.) Bloodborne pathogens include but are not limited to those which cause hepatitis B, AIDS, hepatitis C, Creutzfield-Jacob disease, syphilis, malaria, viral hemorrhagic fever, leptospirosis, brucellosis, babesiosis, arborviral infections, relapsing fever, and HTLV-1. The agency further concluded these hazards can be minimized or eliminated by using a combination of engineering and work practice controls, personal protective clothing and equipment, training and medical surveillance, and signs and labels.
New Technology and Work Practices: In the new Compliance Directive, OSHA clarifies its position regarding the implementation of effective engineering controls to reduce needlesticks and other sharps injuries. Effective engineering controls include the use of safer medical devices to prevent percutaneous injuries before, during, or after use through safer design features. The employer must use engineering and work practice controls to eliminate or minimize occupational exposure. Examples cited include no-hands passing of sharps, blunt suture needles, needleless IV connectors, and self-sheathing or retracting needles or syringes. Significant improvements in technology are most evident in the growing market of safer medical devices. There is now a large body of research and data available to OSHA and the public concerning the effectiveness of these engineering controls. Where engineering controls will reduce employee exposure either by removing, eliminating or isolating the hazard, they must be used.
Training and Education: OSHA does not advocate the use of one particular safer device over another, but expects employers and users to use CDC studies of efficacy, pilot tests by the employer or data available in published studies to choose from available safer devices and implement them. Employers must train and educate employees who use safer devices and work practices to ensure acceptance and proper use. If a combination of engineering and work practice controls used by the employer does not eliminate or minimize exposure, the employer shall be cited for failing to use engineering and work practice controls.
Personal Protective Equipment: The type and amount of PPE must be chosen to protect against contact with blood or other potentially infectious materials based upon the type of exposure and quantity of these substances reasonably anticipated to be encountered during the performance of a task or procedure.
Physicians' and Surgeons' Responsibility: Compliance is required when physician or surgeon is the employer of one or more employee(s) who may have contact with blood or body fluid. Physician or surgeon must control or prevent bloodborne pathogen hazards that expose their employees and/or hospital employees at the hospital in surgery or other invasive procedures. Physician/surgeon practices must have an Exposure Control Plan, identify employees at risk for exposure and provide bloodborne pathogen education at time of employment and annually. Identified employees must be offered hepatitis B vaccination free of charge. Post exposure evaluation and follow up must be provided if an exposure occurs, to include medical evaluation and post exposure prophylaxis if indicated. Required record keeping for education records is 3 years and exposure records is 30 years. While in the hospital, as in the office, physicians and surgeons must use safer devices when they will remove, eliminate or isolate the exposure hazard, use personal protective equipment and safe work practices, and follow the hospital Exposure Control Plan.
Surgeons as Employees or Employers: In the section of : CPL 2-2.44D defining Multi-Employer and Related Worksites (pages 5-7), OSHA states that physicians and healthcare professionals who have established an independent practice may be employers or employees. Physicians who are unincorporated sole proprietors or partners in a bona fide partnership are employers for purposes of the OSH act and may be cited if they if they employ at least one employee (such as a technician or secretary). Such physician-employers may be cited if they create or control bloodborne pathogens hazards that expose employees at hospitals or other sites where they have staff privileges. Physicians may be employed by a hospital or other healthcare facility or may be members of a professional corporation and conduct some of their activities at host employer sites where they have staff privileges. Where professional corporations are the employers of their physician-members, professional corporations may be cited for exposure of its physicians and other workers at a host employer site.


In order to comply with OSHA COMPLIANCE DIRECTIVES NUMBER CPL 2-2.44D, employers who provide surgical and obstetrical services and physicians who use those facilities will need to update their existing exposure control plan, choose and implement effective engineering and work practices from the broadening market of safety devices, and eliminate or minimize occupational exposures.
top of page 


Q. Why the need for a new Compliance Directive?
A. The Occupational Safety and Health Administration (OSHA) issued a revised directive intended to protect healthcare workers from bloodborne pathogens. The directive stressed the importance of annual reviews of employers' bloodborne pathogens programs and the use of safer medical devices and work practices to reduce needlesticks and other injuries from sharp products. The new OSHA directive will help minimize serious health risks faced by workers exposed to blood and other potentially infectious materials (OPIM). Among the risks are human immunodeficiency virus (HIV), hepatitis B and hepatitis C. Hepatitis C virus (HCV) is the most common chronic bloodborne infection in the United States.
Q. What's new about it?
A. OSHA has always required employers to use engineering and work practice controls. The employer now must use engineering and work practice controls that eliminate or minimize occupational exposure. It updates an earlier directive issued in 1992 and reflects the availability of improved devices, better treatment following exposure and OSHA policy interpretation.
Q. What is its function and purpose?
A. The directive guides OSHA's compliance officers in enforcing the standard that covers occupational exposure to bloodborne pathogens and ensures consistent inspection procedures are followed. Effective November 5, 1999, employers, including hospitals and physicians, may be cited for failure to comply with the new directive.
Q. What are the key points of the new OSHA Compliance Directive?
A. The following is a summary of some of the key revisions.
The directive emphasizes the use of effective engineering controls, including safer medical devices such as blunt suture needles, work practices including no-hands passing of sharps in the operating room, administrative controls and personal protective equipment.
Employers must ensure that their annually reviewed Exposure Control Plan reflects consideration and use of commercially available safer medical devices. The plan must document consideration and implementation of appropriate commercially available and effective engineering controls designed to eliminate or minimize exposure, subject to citation.
Employers should rely on relevant evidence in addition to FDA approval to ensure effectiveness of devices designed to prevent exposure to bloodborne pathogens.
Employee acceptance and employee training are required for the engineering control to be effective.
Q. What if my state has its own OSHA regulations?
A. The Compliance Directive applies OSHA-wide. States are to have standards, enforcement policies and procedures at least as complete as federal OSHA.
Q. How are safety devices selected?
A. Each healthcare setting is urged to have its own tailored program that is developed with input and review from workers. In addition, devices should be used and evaluated as part of a comprehensive program of safe work practices, in which workers are trained in certain safety practices.
Q. How effective have exposure prevention programs been?
A. Some institutions have achieved success in reducing injuries by as much as 88 per cent.
Q. How common are sharps injuries?
A. The CDC estimated that there are 600,000 to 800,000 occupational needlestick injuries each year, which could lead to serious or potentially fatal infections such as hepatitis C or HIV, particularly in surgery. The precise number could be higher because needlesticks often go unreported, especially in the OR.
Q. What if safety controls cannot be used?
A. Employers must take advantage of new technological devices and replace risky work practices to eliminate risk of exposure to blood and other infectious materials in the workplace. In instances where it is impossible to use safety controls, OSHA compliance officers will expect employers to have documented why.
Q. How much can OSHA fine, and are multiple violations possible?
A. Employers who do not update their exposure control plans annually and do not use safety devices are in double violation of the standard. Fines range from $7000 to $70,000, with the largest fines assessed against employers who knew about a hazard, knew employees were exposed and purposely chose not to do anything about it (willful violations). Penalties are made on a case-by-case basis.
Q. Which types of employers, other than hospitals, may be liable to citation?
A. The Multi-Employer Work sites section of the new Compliance Directive focuses on physicians in independent practice, employment agencies, personnel services, home health services, and independent contractors. Physicians on staff at hospitals who are not hospital employees may not be cited for exposing themselves to the hazards of bloodborne diseases, however, under the multi-employer guidelines, such physicians or their professional corporations (employers) may be cited if they cause exposure of associates or employees at hospitals, surgicenters or other sites where the surgeons have privileges.
Q. Who is responsible for education?
A. The onus is on the employers to educate personnel to use safety devices correctly and to monitor to ensure compliance with safe use practices. The use of effective training and education is required for employees whenever safer devices are implemented. Interactive training sessions are stressed rather than just the use of films or videos that do not provide the opportunity for discussion with a qualified trainer.
Q. How many inspections does OSHA conduct per year in response to possible violation of the Bloodborne Pathogen Standard (BPS), and how many citations are issued?
A. In fiscal year1999, 34,245 inspections were conducted in all categories; of those, 806 were in the health care setting, and 539 were for violations of the BPS (1910.1030). Total citations for violations of the BPS was 1,026.
Q. How many citations are challenged annually by employers, and what percentage of challenges are successful?
A. Of 806 inspections for BPS violations, 69 were contested. As of April, 2000, no data was available on the outcome of the contested violations.
Q. What is the cost of exposures?
A. Hospitals have reported paying up to $3500 for follow-up, monitoring and testing of an employee with a high risk exposure, and up to $1 million for employees who become infected with HIV on the job. High-risk exposure could lead to hepatitis C, with an 85% chance of developing chronic liver disease with a 75% chance of requiring a liver transplant. (See also Cost of Sharps Injuries).
top of page 
References and resources for information access:
1. To receive a hard copy of the 263 page Compliance Directive, call the OSHA Office of Health Compliance Assistance (202) 693-2190. To download the document, visit the OSHA web site at www.osha.gov.
The directive replaces and updates appendices. It includes the following: examples of committees in health care facilities; sample engineering control evaluation forms; an Internet resource list; a "fill-in-the-blanks" sample exposure control plan; and CDC guidelines pertaining to HIV exposure, control and prevention of hepatitis C, and hepatitis B vaccinations.
2. Advances in Exposure Prevention Vol 5, No 1-2000:1-10. Visit the web site of the International Health Care Worker Safety Research and Resource Center at the University of Virginia: www.med.virginia.edu/~epinet.
3. Visit the Premier Safety Web site at www.premierinc.com/safety
4. Visit www.NAPPSI.org for an extensive list of all classes of safety devices.
top of page