Compliance · June 14, 2026 · 12 min read

Medical Spa Compliance Checklist: Avoiding the Most Common Mistakes

Compliance in the medical aesthetics industry isn't a single requirement you satisfy once and move on from — it's an ongoing set of obligations that touch nearly every part of how a med spa operates, from how charts are documented to what's written on a sign in your lobby. Most compliance failures don't happen because owners deliberately cut corners. They happen because compliance gets treated as a one-time setup task rather than a continuous operational discipline. This checklist walks through the most common compliance gaps med spas encounter, organized by area, so you can identify where your practice might have exposure.

Medical Oversight Gaps

Mistake: Treating the medical director relationship as a formality.

The single most common — and highest-risk — compliance gap is having a medical director who is named on paperwork but not meaningfully involved in the practice. This arrangement, sometimes called a "ghost director," has drawn increasing attention from state medical boards, and the consequences can include fines, facility closure, and personal liability exposure for owners.

What to check: Does your medical director actually review charts, update protocols, and respond to clinical questions on a regular cadence? Is this documented? If your honest answer is "they signed some paperwork when we opened and we haven't heard from them since," this is the highest-priority item to address.

Mistake: Protocols that don't match your actual service menu.

Generic protocol templates are widely available, but they often don't reflect the specific services a given med spa offers — or worse, they reference services or dosing guidelines that have since changed.

What to check: Do you have written protocols for every service line, including newer additions like GLP-1 weight loss programs or peptide therapy? Were these protocols developed specifically for your practice, or adapted from a template without review?

Provider Scope-of-Practice Issues

Mistake: Staff performing procedures outside their licensed scope.

This is one of the most frequently cited issues in med spa enforcement actions, and it often happens informally — an esthetician asked to "just do a quick touch-up injection" because the licensed provider is busy, for example. Scope-of-practice violations can occur even with good intentions and without any patient harm, simply because the person performing the procedure wasn't legally authorized to do so.

What to check: Do every staff member's day-to-day responsibilities align precisely with what their license permits in your state? Are there any informal workarounds that have become normalized — covering for a colleague, "just this once" exceptions — that wouldn't hold up under scrutiny?

Mistake: Missing or outdated collaborating physician agreements.

If your med spa employs nurse practitioners or physician assistants, a documented collaborating physician agreement specific to their scope of practice is generally required, and the terms need to reflect your state's current supervision requirements.

What to check: Is there a signed, current agreement for each NP or PA on staff? Does it address the specific services they provide, including any higher-scrutiny categories like prescribing for weight loss or hormone therapy?

Documentation and Charting

Mistake: Inconsistent or incomplete patient documentation.

Patient charts serve multiple purposes — clinical continuity, legal protection, and compliance evidence. Charts that are inconsistent in format, missing informed consent documentation, or lacking notes on contraindications and follow-up create exposure on multiple fronts at once.

What to check: Do your charts consistently include informed consent forms, documented treatment details, any adverse reactions noted and addressed, and follow-up plans? Is there a standardized format across providers, or does documentation quality vary significantly by staff member?

Mistake: No regular chart audit process.

Even with good documentation practices, errors and inconsistencies accumulate over time without a review process to catch them.

What to check: Is there a defined cadence — monthly or quarterly is typical — for reviewing a sample of charts against your protocols and documentation standards? Who conducts this review, and is it documented that it occurred?

Signage and Disclosure Requirements

Mistake: Overlooking state-specific signage and disclosure rules.

Many states require med spas to display specific information — the medical director's name and credentials, the facility's licensing status, or disclaimers about the nature of services provided. These requirements are easy to overlook because they seem minor compared to clinical compliance issues, but they're also among the easiest items for an inspector to check, and missing signage can trigger a broader review.

What to check: Have you reviewed your state's current signage and disclosure requirements specifically — not assumptions based on what other states require, or what was required when you opened, since these rules have been updated in several states recently?

Marketing and Advertising Claims

Mistake: Marketing claims that exceed what's legally permissible for medical services.

Advertising rules for medical aesthetics services are often more restrictive than general wellness marketing, particularly around prescription medications. Claims about GLP-1 weight loss results, peptide therapy benefits, or guarantees about treatment outcomes can run afoul of both state medical board advertising rules and broader consumer protection regulations.

What to check: Have your marketing materials — website, social media, paid ads — been reviewed against your state's specific advertising rules for medical services? Are claims about prescription medications framed appropriately, avoiding language that implies guarantees or minimizes risks?

Licensing and Registration Currency

Mistake: Letting facility registrations or provider licenses lapse, or missing new registration requirements.

Several states have introduced or updated med spa-specific registration requirements in recent years, sometimes with new deadlines or licensing tiers that didn't exist when a practice originally opened.

What to check: Are all facility registrations and individual provider licenses current? Have you checked whether your state has introduced any new med spa-specific registration categories or requirements since you opened — particularly if it's been more than a year or two?

Multi-State Consistency

Mistake: Assuming compliance in one state translates to compliance in another.

For med spas operating in multiple states, or considering expansion, one of the most common — and costly — mistakes is assuming that protocols, agreements, and registrations that are compliant in one state will automatically be compliant in another. Corporate practice of medicine (CPOM) laws, NP scope of practice, signage requirements, and registration processes can all differ meaningfully.

What to check: For each state you operate in, has someone specifically verified that your ownership structure, medical director arrangement, collaborating physician agreements, and signage meet that state's current requirements — not just the requirements of your "home" state?

Building Compliance Into Operations, Not Just Onboarding

The pattern across nearly all of these common mistakes is the same: compliance gets established at launch and then doesn't keep pace with the business as it grows, as regulations change, or as new service lines are added. A protocol written for your original service menu doesn't automatically cover a GLP-1 program you added eighteen months later. A collaborating physician agreement that was compliant when you had one NP may not address supervision ratio requirements once you've added a second or third.

The most effective approach is to treat compliance as an ongoing operational function — with a regular review cadence, clear ownership of who's responsible for keeping protocols and agreements current, and a process for checking new requirements when regulations change or when you expand services or locations.

For med spas that don't have in-house compliance expertise, or that are managing this across multiple states, partnering with a medical director services organization that builds ongoing compliance review into the relationship — rather than treating it as a one-time setup — can close many of these gaps proactively, before they surface during an inspection or a complaint.

Written by Wellness MD Group