U.S. Med Spa Regulations and Compliance Guide

Med spa regulations are the state-specific legal frameworks and administrative rules that govern the operation of aesthetic medical clinics and the performance of cosmetic procedures. These regulations establish requirements for corporate ownership, physician supervision levels, and the professional scope of practice for all licensed practitioners within the facility.

State-Specific Regulatory Frameworks

Every state maintains unique statutes regarding the operation of medical spas.

Most states follow the Corporate Practice of Medicine (CPOM) doctrine.

This doctrine generally requires that medical practices be owned by physicians.

State Medical Boards and Nursing Boards oversee these specific clinical rules.

Compliance depends on adhering to the specific codes of your state.

Licensing and Medical Supervision Requirements

A designated Medical Director is required for most med spa operations.

The Medical Director must be a physician licensed in that state.

Supervision levels vary from “on-site” to “immediately available” by phone.

Mid-level practitioners like NPs and PAs have different autonomous authorities.

RNs and estheticians must operate under strict delegated medical orders.

Legal Scope of Aesthetic Practice

State laws define which treatments are considered medical procedures.

Injections, high-energy lasers, and deep chemical peels are medical acts.

A “Good Faith Exam” (GFE) is mandatory before any new treatment.

Only a physician, NP, or PA can typically perform this initial exam.

Estheticians are often restricted from performing any “ablative” skin treatments.

Inspection Readiness and Safety Standards

Clinics must be prepared for unannounced inspections by state boards.

Facilities must meet OSHA bloodborne pathogen and safety standards.

Strict protocols for hazardous waste and sharps disposal are required.

Emergency medical kits and response protocols must be kept on-site.

Equipment maintenance logs must be updated to show regular calibration.

Essential Compliance Documentation

Documentation is the primary evidence of regulatory compliance during audits.

Required Clinical Records

• Patient intake forms with comprehensive medical histories




• Signed informed consent documents for every specific procedure




• Standardized Procedures and Protocols (SOPs) signed by the Director

Administrative Compliance Files

• Current professional licenses for every staff member




• Evidence of HIPAA-compliant digital and physical file storage




• Proof of professional liability and malpractice insurance coverage