Medical spas and aesthetic clinics offer a variety of services. Although some differences exist (e.g., aesthetic clinics generally provide more advanced treatments), this article will refer to both as medical spas.
The number of medical spas is growing. A 2024 report from the American Med Spa Association noted an increase in locations from 8,899 in 2022 to 10,488 in 2023. Most medical spas (81%) operate in a single location. The same report found that 67% of single-owner practices are owned by nonphysicians. Nurse practitioners (NPs) are nearly even with physicians and surgeons as the group with the highest percentage of medical spa ownership.
Although medical spas can provide valuable services to their clients, failure to follow relevant laws and regulations can lead to penalties, license suspension, and even cease-and-desist orders. Fortunately, best practices can help business owners avoid these problems while still reaping financial benefits.
Ownership structure
Avoiding liability starts with meeting ownership requirements, which vary by state. For example, Holt notes that California and New Jersey require physician ownership; Illinois, Kentucky, and Maryland permit physician or NP ownership, and anyone can own in Hawaii, Michigan, and Florida.
Reyes notes that in some states, non-physician-owned medical spas have to operate under a physician’s supervision. In states with full practice authority for NPs, physician supervision may not be required; however, it is essential to verify individual state laws.
Owners should also check for any required state and local licenses. However, no accreditation from an organization such as the Accreditation Association for Ambulatory Health Care may be beneficial from a marketing perspective.
Here are other areas to consider to avoid liability.
Personnel
Owners must understand the scope of practice for each employee as it is defined under state law. Resources for this include https://americanmedspa.org/legal-updates and https://healthindustrytrends.com/understanding-med-spa-regulations-state-by-state-guide/. Owners also must know what procedures are permitted to be offered under state law and who can provide them.
If delegation is permitted, be sure staff are trained for their activities and that appropriate supervision is provided. Remember that only licensed professionals should perform medical treatments.
It is also essential to accurately represent professional titles of staff to patients. According to the American Society of Dermatology Surgery Association, a study found that many patients didn’t know that non-physicians were performing their procedure. Have staff wear badges that clearly display their credentials.
Finally, be sure to hire only those who have the required expertise and qualifications. For example, an aesthetician needs to be licensed.
General operations
Standard operating procedures (SOPs) should be in place for key areas, such as informed consent (obtained before each procedure) and infection prevention (for example, sterilizing equipment according to standards). SOPs should include emergency response plans and outline the frequency of checking emergency equipment for availability and functionality.
SOPs should also address client privacy to ensure adherence to requirements in the Health Insurance Portability and Accountability Act (HIPAA), as well as adherence to regulations that fall under the Occupational Safety and Health Administration (OSHA). Relevant OSHA requirements include those related to bloodborne pathogens, hazard identification, and laser safety. It is also important to dispose of medical waste properly.
Protocols for treatments offered by the medical spa should be in place and include who can administer the treatment. Employees should follow best practices and document their actions.
Staff should receive training related to SOPs, including how to respond to an emergency, and training should be documented in the employee’s record.
Additional laws and regulations
Laws and regulations related to referrals and commissions exist. Thiersch notes that fee-splitting (paying employees or others a commission for referrals) is illegal in many states. The federal Stark Law states that physicians cannot make referrals to entities where they have a financial relationship. Stark applies to Medicare patients, but some states have similar laws that include Medicaid patients.
The federal Anti-Kickback Statute prohibits individuals from soliciting, receiving, offering, or paying any remuneration for referrals for services covered by a federal healthcare program, such as Medicare and Medicaid. (This includes referrals from patients.) Some states have their own laws or regulations prohibiting payments for referrals.
In addition, Fisher notes that these types of payments may be considered unethical, so medical and nursing boards may have restrictions.
Because of the many restrictions, it is best to avoid solicitation of and compensation for referrals or at least consult a healthcare attorney for advice. An alternative might be to offer employees performance bonuses based on business goals.
Owners also need to adhere to state and federal medical advertising standards. Advertising should be truthful and avoid claims that guarantee results. A resource is the advertising guidance from the Federal Trade Commission (FTC) at https://www.ftc.gov/news-events/topics/truth-advertising/health-claims.
Owners should use testimonials and social media promotions with caution, as they can easily violate the truth in advertising (for example, by not reflecting typical outcomes and using misleading before-and-after photos).
Insurance
Sufficient insurance coverage is crucial in the event that the business faces legal action. The following types are recommended:
Professional liability: Provides protection in case of malpractice or claims related to scope of practice. Practitioners should also have coverage either through the medical spa or individually.
General liability: Protects against various events, such as a client slipping and falling.
Property: Covers the medical spa’s physical space, equipment, and supplies in case of events such as theft or a fire.
Workers’ compensation: For when workers get ill or injured on the job.
Ensuring success
Medical spas are increasingly common and can be rewarding for owners both professionally and financially. However, owners of medical spas and nurses working in them must follow best practices, laws, and regulations to avoid penalties and litigation (sidebar). Doing so will help maximize the success of the business.
Cynthia Saver, MS, RN, is a medical writer in Columbia, Md.
This article does not constitute legal advice.
Sidebar
Best practices
Here are the best practices for nurses who work in medical spas.
- Wear a badge with your credentials and verbally identify yourself as a nurse to patients.
- Keep within your scope of practice. Follow state law as to what services you provide.
- Conduct a patient assessment before the procedure; ask about allergies, medical history, and medications.
- Ensure the informed consent process has been followed and the patient has signed the consent form.
- Confirm the treatment with the patient before it starts.
- Know how to manage potential adverse events such as anaphylaxis, syncope, and laser burns. Check emergency equipment regularly.
- Follow guidelines related to infection prevention and safety (e.g., sharps disposal, keeping the environment free of clutter).
- Review post-procedure instructions with the patient. Provide written or digital instructions in the patient’s preferred language.
- Maintain the privacy of patient confidential information.
- Stay up-to-date on the latest developments in the field.
- Document thoroughly, including patient assessments, patient education, and the lot numbers of products used.
- Follow guidelines for accessing and storing medical records. For example, adhere to the policy for changing passwords to protect against cyber breaches. In addition, know the requirements for how long records need to be kept after the last contact with the patient.
- Do not take any remuneration for referring patients.
Nurses may want to consider obtaining certification in this area. According to Gaines, applicable ones include certified aesthetic nurse specialist, certified plastic surgery nurse, dermatology nurse certified, and dermatology certified nurse practitioner.
References
American Med Spa Association. 2024 medical spa state of the industry executive report recap. 2024. https://americanmedspa.org/blog/2024-medical-spa-state-of-the-industry-executive-report-recap
American Society for Dermatologic Surgery. Safety concerns in med spas with little or no physician involvement. 2023. https://www.asds.net/skin-experts/news-room/press-releases/safety-concerns-in-med-spas-with-little-to-no-physician-involvement
Cohen Law Group. Medical spas and aesthetic clinics: key legal insights for safe and compliant operations. 2024. https://cohenhealthcarelaw.com/medical-spas-and-aesthetic-clinics-key-legal-insights-for-safe-and-compliant-operations/
Fisher RJ. Can I reward my medical spa patients for referring a friend? American Med Spa Association. 2019. https://americanmedspa.org/blog/can-i-reward-my-medical-spa-patients-for-referring-a-friend
Gaines K. The ultimate list of aesthetic nurse certifications. Nurse.org. 2025. https://nurse.org/education/aesthetic-cosmetic-nurse-certifications/
Harper K. OSHA: what you don’t know can hurt you. American Med Spa Association. 2018. https://americanmedspa.org/blog/osha-what-you-dont-know-can-hurt-you
Holt D. A state-by-state guide for medspa regulations. Holt Law. 2025. https://djholtlaw.com/a-state-by-state-guide-for-medspa-regulations/
Moeller M. Update: nurse practitioners have full practice authority in these states. American Med Spa Association. 2023. https://americanmedspa.org/blog/update-nurse-practitioners-have-full-practice-authority-in-these-states
Occupational Safety and Health Administration. https://www.osha.gov/
Reyero J. Spotting the red flags in today’s health care regulatory environment. American Med Spa Association. 2020. https://americanmedspa.org/blog/spotting-the-red-flags-in-todays-health-care-regulatory-environment
Reyes P. Medspa compliance: master the requirements for 2025. 2024. https://www.medicalsparx.com/medspa-compliance/
Thiersch AR. Fee-splitting: pitfalls of med spa compensation. American Med Spa Association. 2018. https://americanmedspa.org/blog/fee-splitting-pitfalls-of-med-spa-compensation
U.S. Department of Health and Human Services. Summary of the HIPAA Privacy Rule. n.d. https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html#intro