I. Introduction
In my experience consulting with various legal professionals about opening a medical spa, aesthetic center, plastic surgery clinic, or wellness center, I’ve come to realize that the process is like peeling back the layers of an onion. Each conversation uncovers a new aspect I hadn’t considered before. Starting a medical spa comes with considerable potential for profit and growth, but it’s no simple task. It requires a blend of careful legal consideration, strategic financial planning, innovative marketing, and much more. Therefore, I’ve compiled this in-depth guide that sheds light on many of these legal complexities, bridging the gap between legal jargon and practical knowledge.
II. Finance

1. Business Structure
The structure you choose for your medical spa business plays a crucial role in determining the taxes you pay and the personal liability you face.
- Sole Proprietorship: If you operate your business as a sole proprietorship, it means you are the only owner and are personally liable for the business’s debts and obligations. From a tax perspective, profits or losses of the business are reported on your personal income tax return.
- Partnership: A partnership is a single business where two or more people share ownership. Each partner contributes to all aspects of the business, including money, property, labor or skill. In return, each partner shares in the profits and losses of the business. As in a sole proprietorship, partners are typically not protected from personal liability.
- Corporation (C Corp): A corporation is an independent legal entity owned by shareholders, which protects the owners from personal liability. However, it is subject to more regulations and tax requirements than a partnership or sole proprietorship. Profits are taxed at the corporate level, and any dividends distributed to shareholders are taxed at the individual level.
- S Corporation (S Corp): An S corporation is designed to avoid the double taxation drawback of regular C corps. S corps allow profits, and some losses, to be passed directly to owners’ personal income without ever being subject to corporate tax rates. There are certain restrictions on S corps, including that they must have fewer than 100 shareholders, and all shareholders must be U.S. citizens.
- Limited Liability Company (LLC): An LLC provides the liability protection of a corporation with the tax advantages and flexibility of a partnership. Owners, who are called members, are not personally responsible for the company’s debts. If the LLC has more than one owner, the profits and losses can be allocated among the members differently than their ownership percentages, which can be a benefit.
2. Incorporation Documents
When forming a corporation (C Corp or S Corp), specific documents must be prepared and filed:
- Articles of Incorporation: This is a document that’s filed with the state to establish the creation of a new corporation. It includes important information like the corporation’s name, street address, agent for service of process, and the number and type of shares of stock the corporation is authorized to issue.
- Bylaws: This document sets out the internal rules of the corporation, such as how directors are elected, when and how shareholder meetings are held, and the duties and powers of the corporation’s officers.
- Tax ID Number: Also known as the Employer Identification Number (EIN), this is required for corporations and must be obtained from the IRS. It’s used to identify the corporation for tax purposes.
3. Difference Between PLLC and LLC
A Professional Limited Liability Company (PLLC) is a type of LLC that’s designed for licensed professionals, like doctors, lawyers, architects, or accountants. Some states require that if you’re in a licensed profession and want to form an LLC, you must form a PLLC.
The primary differences between an LLC and a PLLC are the restrictions on who may be a member of a PLLC and the limits on protection from professional liability. In a PLLC, each member is personally protected from the malpractice of other members, but not their own malpractice. An LLC provides limited liability for all members.
4. Tax Compliance
Beyond selecting a business structure for tax purposes, ensure you understand your responsibilities for sales tax, payroll tax, and income tax.
5. Debt and Financing
If you plan to take on debt or seek outside investment, familiarize yourself with the legal aspects of business loans, security interests, and investment agreements.
6. Franchise Laws
If you’re considering joining a franchise or eventually franchising your spa, you’ll need to familiarize yourself with federal and state franchise laws.
7. Legal Agreements
This can include business partnership agreements, vendor contracts, or lease agreements. Each should be reviewed by a lawyer.
III. State-Specific Laws

Many legal considerations will vary by state. This could include labor laws, business laws, healthcare regulations, and more. Understand your obligations under the specific laws in your state.
1. Supervision requirement
There’s considerable variability in the state-specific laws that govern medical spa operations, including who can inject Botox and under what level of supervision. I’ll give examples from a few states to illustrate, but note that this is not exhaustive. Always consult with a healthcare attorney familiar with the laws of your state when setting up a medical spa.
California: Physicians may inject Botox, or they may direct registered nurses or physician assistants to perform the injection under their supervision. No unlicensed persons, such as medical assistants, may inject Botox.
Texas: Physicians, NP, PA and RN may inject Botox. By law, estheticians and cosmetologists can only perform injections, including Botox, under the authority of a physician.
Florida: Under Florida law, in a medical spa that is not the doctor’s primary office, a Nurse Practitioner (ARNP or NP) or Physician Assistant (PA) can ONLY be supervised by a board certified dermatologist or plastic surgeon.
These examples demonstrate the variability from state to state. It’s essential to become familiar with the specific regulations in your own state to ensure that your medical spa operates within the law. Keep in mind, state laws frequently change.
2. Foreign Qualification
Foreign qualification is the process of registering your business to do business in a state other than the one where you originally incorporated. If you plan to extend your medical spa business to e-commerce or to serve clients in other states, you may need to foreign qualify your business.
The process involves a few key steps:
Determine the need: Depending on the nature of your business activities in the other state(s), you may or may not need to foreign qualify. Activities that typically trigger this requirement include having a physical presence in the state, having employees in the state, or accepting large orders from the state.
File the necessary paperwork: This typically includes a Certificate of Authority or similar document, which you can obtain from the Secretary of State’s office in the state you want to register.
Maintain compliance: Once registered, you will have ongoing responsibilities such as filing annual reports and paying any relevant taxes in the state.
IV. Licenses and Permits

Ensure you have all the necessary local, state, and federal licenses and permits. This may include a local business license in your city, resale permit, Employer Identification Number (EIN), and any healthcare-specific licenses.
1. Zoning Laws
Confirm that your location complies with local zoning laws for a healthcare facility. When choosing a location, consider accessibility, visibility, local competition, and the demographic of the surrounding area. Ensure the premises meet health department standards and are suitable for the delivery of medical services. Depending on your city, you may need a certificate of occupancy or even a building permit.
2. Environmental Laws
Depending on the types of treatments you offer, you may need to consider how you handle and dispose of medical waste or other environmentally hazardous materials. Medical spas generate biomedical waste, the disposal of which is regulated by federal and state laws. Proper handling, storage, and disposal are crucial.
3. Accessibility Laws
Ensure your facility complies with laws related to accessibility for individuals with disabilities, such as the Americans with Disabilities Act (ADA).
V. Corporate Practice of Medicine (CPOM):

The Corporate Practice of Medicine (CPOM) doctrine is a legal principle applicable in some states that stipulates that a corporation cannot practice medicine or employ a physician to provide medical services. It is based on the idea that medical decisions should be made by licensed professionals who are driven by patient needs, not by business entities driven by profit.
CPOM Implications:
In the context of a medical spa, the CPOM doctrine, if enforced by the state, would prohibit non-physician ownership. That is, non-physicians would not be allowed to have an ownership stake or controlling interest in the medical spa, or make medical decisions.
This doctrine can be enforced to varying degrees. In some states, like California, Texas, and New York, the doctrine is strictly enforced. These states generally require a physician to own and control a certain percentage of the business. In other states, the doctrine is loosely enforced or not enforced at all.
CPOM Workarounds:
In states where the CPOM is strictly enforced, various “workarounds” have been developed to allow non-physicians to be involved in the ownership and operation of a medical spa. These include:
1. Management Services Organization (MSO):
A Management Services Organization (MSO) is a legal structure used in healthcare settings that separates the medical services, which must be provided by a licensed professional, from the administrative and managerial services of the organization, which do not require a medical license.
In an MSO model, a separate entity is created to manage the business or administrative aspects of a medical practice. This might include handling billing, marketing, HR, leasing or purchasing equipment, maintaining facilities, and more. Meanwhile, the medical aspects of the practice, such as patient care decisions, remain under the control of licensed physicians.
For instance, a dermatologist might form an MSO with a business partner who has no medical license. The business partner can’t own a share of the medical practice, per the CPOM doctrine, but they can own and operate the MSO. The MSO charges the medical practice for its services via a management fee.
Although the MSO model provides a way to involve non-physician owners in a medical practice, it’s important to structure it correctly to avoid violating CPOM laws. The MSO cannot exert control over medical decisions and the payment structure must not be seen as a way to divide medical revenues with non-physicians.
2. Friendly Physician Arrangements:
A “friendly physician” arrangement is another approach to involving non-physician investors in a medical practice. In this model, a physician serves as the nominal owner of the practice and enters into an agreement with the non-physician investors.
Non-physician investors might control the business aspects of the practice, such as marketing and finance, while the physician retains control of the medical decisions. In essence, the physician “rents” their medical license to the practice.
The legal risks associated with friendly physician arrangements are significant. If the physician is merely a figurehead and non-physicians effectively control the medical practice, it can be seen as a violation of CPOM laws. Additionally, the physician in this arrangement might be putting their medical license at risk.
In both MSO and friendly physician arrangements, it’s crucial to ensure that the line between medical and business decisions is clearly drawn and maintained. Non-physicians should not exert influence over medical decisions, and compensation agreements should be carefully constructed to avoid the appearance of splitting medical fees with non-physicians.
The CPOM doctrine is a complex and often misunderstood area of healthcare law, and navigating it requires specialized legal expertise. However, with the right guidance, it is certainly possible to establish and run a successful and compliant medical spa business.
VI. Compliance with Healthcare Laws:

1. HIPAA and Patient Privacy:
The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that protects sensitive patient health information from being disclosed without the patient’s consent or knowledge. Covered entities under HIPAA include healthcare providers, health plans, and healthcare clearinghouses.
HIPAA provides patients with significant rights over their health information, including rights to examine and obtain a copy of their health records, and to request corrections. Moreover, it establishes limits on the use and release of health records and gives patients the right to find out how their health information may be used.
For a medical spa, this means you must ensure all patient information is stored securely and can only be accessed by authorized individuals. This includes not only medical records but also billing information and any other identifiable information collected from patients. Furthermore, any third parties you work with must also comply with HIPAA regulations, and you may need to have Business Associate Agreements in place to ensure they do so.
When communicating with patients via email or other digital methods, it’s essential to ensure these communications are secure and HIPAA-compliant.
2. Stark Law:
The Stark Law, also known as the Physician Self-Referral Law, prohibits physicians from referring patients to receive “designated health services” payable by Medicare or Medicaid from entities with which the physician or an immediate family member has a financial relationship, unless an exception applies.
Financial relationships can include ownership or investment interests in the entity, or compensation arrangements between the physician (or an immediate family member) and the entity. The law is intended to prevent conflicts of interest in patient referrals.
If a medical spa offers services payable by Medicare or Medicaid and physicians have a financial relationship with the spa, it would need to ensure it falls within an exception to the Stark Law.
3. Anti-Kickback Statute:
The Anti-Kickback Statute makes it a criminal offense to knowingly and willfully offer, pay, solicit, or receive any remuneration to induce or reward referrals of items or services reimbursable by Federal health care programs. This includes any form of kickback, bribe, or rebate.
In practical terms, this means that a medical spa cannot offer anything of value (cash, gifts, services, etc.) in return for a referral of a patient who is a beneficiary of a federal healthcare program. It also cannot accept anything of value in return for making such a referral.
There are some “safe harbors” that protect certain payment and business practices that could otherwise technically violate the statute. Understanding and complying with the Anti-Kickback Statute can be complex, so it’s recommended to consult with a healthcare attorney to ensure compliance.
Remember, these are just summaries and there are many details and exceptions to these laws. Non-compliance can result in significant fines, penalties, and even criminal prosecution.
VII. Advertising Laws:

Marketing and advertising are crucial to the success of any business, including a medical spa. However, healthcare providers are subject to additional regulations compared to other industries. Here’s a rundown of some key legal considerations in advertising a medical spa:
1. Truth in Advertising:
At the federal level, the Federal Trade Commission (FTC) requires that all advertising be truthful, not deceptive, and backed by evidence when necessary. This applies to all forms of media, including print, online, mail, TV, and radio. For medical spas, this means being careful with claims about the effectiveness of treatments. Any statement made about results, benefits, or safety must be supported by solid scientific evidence.
2. State Regulations:
In addition to FTC regulations, each state may have its own regulations about healthcare advertising. Some states may have specific rules about advertising medical or cosmetic procedures. For instance, California law prohibits health care practitioners from making false or misleading statements about their services.
3. Medical Ethics:
Various professional bodies, such as the American Medical Association, have guidelines regarding advertising. They generally stipulate that medical advertising must not be misleading or deceptive and should be in the best interest of the public.
4. HIPAA and Patient Privacy:
HIPAA protects patient data not only in the medical setting but also in marketing. For example, using patient testimonials in advertising can be a HIPAA violation if the patient is not adequately de-identified or if written authorization is not obtained from the patient.
5. Platform-Specific Rules:
Many advertising platforms, including Google and Facebook, have their own rules for advertising healthcare services. Here are some specifics:
Google Ads: Google has a strict policy about healthcare and medicines. Some products and services can only be advertised after getting certified by Google. For example, for prescription drug terms, advertisers need to be certified by Google and their ads can only show in certain countries.
Facebook Ads: Facebook does not allow ads that promote the sale or use of prescription drugs or suggest that the reader has a health condition.
In conclusion, advertising for a medical spa needs to be accurate, ethical, and in compliance with all relevant regulations.
VIII. Employment Laws:

Employment laws are a broad set of rules that govern the relationship between employers and employees. They cover a range of issues, including wages, working hours, safety and health standards, and anti-discrimination practices.
1. Wage and Hour Laws
These laws ensure that employees receive fair wages and limit the number of hours that an employer can require an employee to work. For instance, under the Fair Labor Standards Act (FLSA), employees who work over 40 hours per week are usually entitled to overtime pay.
2. Non-Disclosure Agreements (NDAs) and Confidentiality Agreements
These agreements are designed to protect sensitive business information. NDAs can be used when discussing your business plan with potential partners, investors, or employees. Confidentiality agreements serve a similar purpose and can be included in an employee’s contract to prevent them from sharing proprietary information about your spa during and after their employment.
3. Independent Contractors
Independent contractors are not employees, and different rules apply to them. Misclassifying an employee as an independent contractor can lead to penalties, such as back pay for wages and benefits. You need to ensure that any independent contractor relationships are clearly defined and comply with the IRS guidelines and state laws.
4. Anti-Discrimination Laws
As an employer, you must comply with federal, state, and local anti-discrimination laws. This means that you cannot discriminate against employees or job applicants on the basis of race, color, religion, sex, national origin, disability, or age. Your hiring, promotion, and termination policies should all reflect this.
5. Discrimination and Harassment Regulations
Federal laws, such as Title VII of the Civil Rights Act, the Americans with Disabilities Act (ADA), and the Age Discrimination in Employment Act (ADEA), prohibit discrimination in hiring, promotion, job assignment, termination, and compensation. Harassment, such as sexual harassment, is also prohibited under these laws.
6. Labor Posters
Both federal and state laws require businesses to display certain posters in the workplace. These inform employees of their rights under labor laws. The required posters can vary depending on the nature and size of your business, and the state in which you operate.
7. Professional Qualifications
All medical providers should have valid and appropriate qualifications, including state licenses, board certification, and any other necessary credentials.
Hiring qualified and experienced medical providers is key to the success of your medical spa. This process should be rigorous, focusing on qualifications, experience, and fit with your business philosophy. Providers should be appropriately licensed and certified according to your state laws.
8. Continuing education
Many professional licenses have a continuing education requirement. Beyond the initial qualifications, ongoing training should be provided to all staff to keep them updated on new technologies, treatments, and best practices. It’s a good idea to create a training plan and allocate resources for continual professional development.
Being a medical spa owner comes with many responsibilities, including understanding and complying with employment laws. It’s always recommended to work with a knowledgeable employment law attorney to ensure that you are fully compliant and to prevent any potential issues.
IX. Insurance:

1. Malpractice Insurance (Professional Liability Insurance):
This type of insurance covers healthcare professionals against liability associated with wrongful practices resulting in bodily injury, medical expenses, and property damage, as well as the cost of defending lawsuits related to such claims. In a medical spa setting, this can cover situations like a patient having an adverse reaction to a treatment or procedure. Malpractice insurance is critical due to the higher risk associated with medical procedures, even those of a more cosmetic nature like Botox injections.
2. General Liability Insurance:
General liability insurance, also known as commercial liability insurance, protects your spa from another person or business’s claims of bodily injury, associated medical costs, and damage to property. This can cover everything from a client slipping and falling on your premises to a damaged personal property claim if an employee accidentally ruins a client’s clothing.
3. Property Insurance:
Property insurance protects the physical assets of your business, like your building, equipment, inventory, furniture, and fixtures. It can help repair or replace your property if it’s stolen, damaged, or destroyed in a situation like a fire or natural disaster. Some policies will also cover loss of income or increased expenses if your business cannot operate due to a covered loss.
4. Workers’ Compensation Insurance:
If you have employees, you’ll also likely need workers’ compensation insurance. This coverage protects you and your employees if they get sick or injured while working. It can help cover their medical expenses and a portion of their lost wages.
5. Cyber Liability Insurance:
With a large portion of patient data stored electronically, medical spas are not immune to the threat of data breaches. Cyber liability insurance can cover financial losses that result from data breaches and other cyber events. It may also cover costs associated with managing the incident, like notifying impacted individuals or providing credit monitoring services.
6. Product Liability Insurance:
If your medical spa sells skincare products or other items, product liability insurance is a good idea. It covers damages caused by products sold or manufactured by your company. If a customer experiences a harmful reaction to a product you sold, this policy could cover the associated costs.
7. Business Interruption Insurance:
This type of insurance can cover loss of income resulting from disaster-related downtime that affects the operation of the business. If a fire or natural disaster causes your spa to close for repairs, business interruption insurance could help replace your lost income.
8. Commercial Auto Insurance:
If you use a vehicle for business purposes, commercial auto insurance is necessary. This policy helps cover the costs of an auto accident if you or an employee is at fault.
Each medical spa will have unique insurance needs depending on its location, services, size, and other factors. Therefore, it is vital to work with an insurance professional familiar with the medical spa industry to make sure you have the right coverage.
X. OSHA Compliance:

1. OSHA Compliance:
OSHA stands for Occupational Safety and Health Administration, and its main goal is to ensure safe and healthy working conditions for workers by setting and enforcing standards and by providing training, outreach, education, and assistance. In a medical spa, compliance with OSHA standards can involve several aspects:
Bloodborne Pathogens Standard: This standard is designed to protect employees from exposure to blood and other potentially infectious materials. Employees must be provided with appropriate personal protective equipment, such as gloves and face shields, and must be trained in handling potentially infectious materials.
Hazard Communication Standard: Under this standard, employers must inform and train employees about hazardous chemicals in the workplace. This includes products used in treatments or cleaning supplies.
General Duty Clause: This clause of the OSHA Act requires employers to provide a workplace free from recognized hazards likely to cause death or serious physical harm.
2. Managing Health and Safety Risks:
In addition to complying with OSHA standards, medical spas must manage health and safety risks associated with treatments and patient interactions. This can involve:
Infection Control: Medical spas must have stringent infection control protocols to protect both staff and patients. This includes sterilization of tools, regular hand hygiene, and use of personal protective equipment.
Equipment Safety: All equipment used in treatments must be regularly inspected and maintained to ensure it is safe to use. Staff should be trained in the correct use of all equipment.
Emergency Procedures: Medical spas should have emergency procedures in place, and all staff should be trained in these procedures. This includes knowing what to do in the event of a fire, severe allergic reaction, or other medical emergencies.
Running a medical spa involves juggling many moving parts, not least of which is ensuring the health and safety of both employees and patients. Therefore, maintaining strict protocols and staying up-to-date with regulations is key.

For a detailed discussion of legal advice from many lawyers on starting a medical spa, please contact us at [email protected] or call us at (212) 470-9868.