The medical spa (med spa) industry is rapidly growing, offering a mix of medical and cosmetic treatments such as Botox, laser hair removal, chemical peels, and dermal fillers. However, because medical spas offer medical procedures, they must comply with strict healthcare regulations in California.
Many entrepreneurs and medical professionals make costly legal mistakes when starting a med spa, which can result in fines, license revocation, and business closure. Understanding common legal pitfalls can help you avoid compliance issues and ensure your med spa operates within the law.
This guide outlines the top legal pitfalls to avoid when establishing a medical spa in California, helping you protect your business from regulatory violations and legal liabilities.
1. Violating Corporate Practice of Medicine (CPOM) Laws
One of the biggest legal mistakes when opening a med spa is failing to comply with California’s Corporate Practice of Medicine (CPOM) laws.
- Who Can Own a Med Spa?
- In California, only licensed physicians (MDs or DOs) can own a medical practice, including medical spas.
- Non-physicians cannot own or control a medical spa or hire medical professionals to provide treatments.
- A nurse, esthetician, or business investor cannot own a med spa outright.
- The Solution: Use a Professional Corporation (PC) and an MSO
- A licensed physician must own the Professional Corporation (PC) that provides medical services.
- A Management Services Organization (MSO), owned by non-physicians, can handle the administrative and business operations of the spa.
- The PC contracts with the MSO through a Management Services Agreement (MSA), ensuring legal separation between medical and non-medical functions.
Violating CPOM laws can result in severe penalties, including business closure and regulatory sanctions.
2. Failing to Hire Properly Licensed Medical Providers
Because medical spas offer medical treatments, only properly licensed professionals can perform procedures.
- Who Can Perform Medical Spa Procedures?
- Botox and Dermal Fillers – Only physicians, nurse practitioners (NPs), physician assistants (PAs), and registered nurses (RNs) can administer injectables.
- Laser Treatments – Must be performed by a licensed medical professional under physician supervision.
- Chemical Peels and Microneedling – Varies based on strength; mild treatments may be performed by licensed estheticians, while medical-grade treatments require a physician, NP, or PA.
- Who Cannot Perform Medical Treatments?
- Medical assistants (MAs) cannot inject Botox, perform laser treatments, or conduct medical-grade procedures.
- Estheticians cannot legally perform deep chemical peels or use medical devices requiring physician supervision.
Hiring unqualified staff can result in malpractice lawsuits and licensing board investigations.
3. Misleading or Non-Compliant Advertising
California has strict advertising laws for medical services, and medical spas must ensure their marketing complies with these regulations.
- Avoid False or Misleading Claims
- Do not guarantee results (e.g., “100% wrinkle-free skin in one session”).
- Do not use before-and-after photos without proper patient consent.
- Avoid implying treatments are risk-free or better than competitors without evidence.
- Use Correct Medical Titles
- Only licensed physicians can be called “Doctor” in marketing.
- If a nurse practitioner or PA provides services, their title must be correctly represented.
Violating advertising regulations can lead to fines, lawsuits, and disciplinary action by the Medical Board of California.
4. Lack of Proper Business Licensing and Permits
Every medical spa must obtain the proper licenses and permits before opening.
- California Business License – Required for all businesses operating within a city or county.
- Medical Board Registration – If offering medical procedures, the business must be registered with the Medical Board of California.
- Seller’s Permit – If selling skincare products or medical-grade cosmetics, a seller’s permit from the California Department of Tax and Fee Administration (CDTFA) is required.
Failure to obtain the necessary permits can lead to fines and forced business closure.
5. Not Having a Written Medical Supervision Agreement
California law requires medical spas to have a written supervision agreement between the medical director and mid-level providers.
- Nurse Practitioners (NPs) and Physician Assistants (PAs) must work under a collaborative agreement with a licensed physician.
- The agreement must outline supervision responsibilities, scope of practice, and physician oversight requirements.
- The physician must be available for consultations and periodic patient evaluations.
Failing to have proper supervision agreements can result in license revocation and legal liability for the practice.
6. Failing to Protect Patient Privacy (HIPAA Violations)
Since medical spas handle patient health information, they must comply with HIPAA (Health Insurance Portability and Accountability Act) regulations.
- Ensure Patient Records Are Secure
- Use encrypted electronic health record (EHR) systems.
- Restrict access to sensitive patient data.
- Obtain Patient Consent for Photos and Marketing
- Before using before-and-after photos for advertising, obtain signed HIPAA consent forms.
- Do not share patient information without explicit permission.
HIPAA violations can lead to heavy fines and legal action against the medical spa.
7. Not Having Proper Insurance Coverage
Operating a medical spa without the right insurance policies exposes the business to significant financial risk.
- Medical Malpractice Insurance – Covers liability claims related to treatments and protects providers from lawsuits.
- General Liability Insurance – Covers business risks, such as slip-and-fall accidents in the spa.
- Workers’ Compensation Insurance – Required if the medical spa has employees.
Not having adequate insurance coverage can result in personal liability for lawsuits and business losses.
8. Ignoring Employment Law Compliance
Medical spas must comply with California employment laws, including:
- Proper Employee Classification – Employees must be correctly classified as W-2 employees or independent contractors.
- Overtime and Wage Compliance – Ensure compliance with California wage and hour laws to avoid labor disputes.
- Anti-Discrimination and Harassment Policies – Protect against workplace discrimination claims.
Employment law violations can lead to employee lawsuits and penalties from the California Labor Board.
How We Can Help
At KMSD Law, we help medical spa owners navigate California’s complex legal requirements to ensure compliance and protect their business. Our legal team specializes in:
- Structuring Medical Spas to Comply with CPOM Laws.
- Drafting and Reviewing Management Services Agreements (MSAs).
- Ensuring Proper Licensing and Regulatory Compliance.
- Providing Employment Law Guidance to Avoid Disputes.
- Protecting Medical Spas from Advertising Violations and Liability Risks.
We offer free case consultations to help you set up and run a legally compliant medical spa in California.
Contact KMSD Law today to safeguard your business and ensure long-term success.