Skip to content

What You Need to Know About Medical Spa Risks and Regulations

The med spa industry is fast growing, attracting consumers, investors, and entrepreneurs alike. However, as regulations remain in constant flux and legislators place the industry under increasing scrutiny, it is essential to understand how to operate your business compliantly. Read more on how LegitScript’s Healthcare Merchant Certification program helps qualified companies demonstrate their compliance — and whether your business is eligible for certification.

What’s the Deal with Med Spas?

If you’ve noticed an increasing number of advertisements from companies offering cosmetic medical services in recent years, you are not alone. Medical spas are one of the fastest-growing sectors within the healthcare industry.

A 2023 report indicated the industry has more than tripled in size since 2012 with a reported worth of $17.5 billion at the end of 2022. And it’s only expected to continue to grow.

Medical spas, also referred to as med spas, function as a hybrid between a day spa and a medical clinic. They offer a variety of medical cosmetic and aesthetic services such as botox injections, dermaplaning, and IV infusion therapies.

Unlike traditional day spas, medical spas are typically staffed by licensed medical providers. Many med spas have also begun to offer telemedicine services and conduct online visits with patients, expanding their market reach as well as their client base.

What Are the Risks of Med Spas?

Medical spas may have ballooned in popularity during the pandemic, but are largely regulated at the state level. This has led to significant confusion for medical spas wanting to operate in multiple jurisdictions as regulations can vary widely state-to-state.

While investors, entrepreneurs, and consumers alike may be drawn to this lucrative and quickly growing industry, there are several issues to consider prior to opening or doing business with a medical spa.

Most important, businesses must be cognizant of the regulatory pitfalls in three key areas:

  1. Products and services
  2. Staffing
  3. Licensing

Trendy Services May Be More Dangerous Than You Think

To remain competitive in a fast-growing market, med spas often follow and implement trendier services, such as those touted on social media by influencers and celebrities. While popular, this can open the business up to several risks, as oftentimes these services or products have not been reviewed for safety and/or efficacy by relevant regulators. This potentially creates a safety risk for patients and opens the business up to liability.

Recently, medical spas have been the subject of numerous news stories after an investigation by the CDC highlighted the safety and oversight risks associated with the industry, including cases in which patients were infected with HIV following cosmetic injections known as “vampire facials.”

The Washington Post reported some procedures are administered by unlicensed staff members. Additionally, some medical professionals are working outside their scope of practice, and failing to ensure the safety of products resulting in serious infections, burns, and in some cases — the death of the patient.

In particular, IV infusion therapies, which are popular med spa services, have increasingly come under fire. IV infusion therapies have exploded in popularity over recent years, and are touted by celebrities such as Chrissy Teigen, Gwyneth Paltrow, and the Kardashians.

Also referred to as intravenous micronutrient therapy, IV infusion therapies involve administering high doses of vitamins and minerals directly into a patient’s bloodstream. While offering infusions of common vitamins may seem innocuous given their prevalence in the medical spa industry, they often come with additional compliance requirements that business owners may not be aware of.

Where Are the Regulators?

In 2021, the FDA published concerns over the rising popularity of “compounding [drug] products by medical offices and clinics under insanitary conditions.” They cautioned consumers against intravenous (IV) hydration clinics, medical spas, and mobile IV infusion services for “numerous deficiencies” including medical professionals in street clothes and without gloves or failing to change gloves after they come in contact with non-sterile items.

This guidance, issued in response to situations where it was discovered that non-medical staff such as cosmetologists or estheticians were performing medical procedures, highlights concerns about the level of license held by the practitioner prescribing and administering the therapies. Practitioners who provide services like IV infusions must be a licensed medical practitioner. Tennessee now requires medical spa-specific licenses with other states advancing legislation to follow suit, as medical services are largely regulated at the state level.

Ensuring Compliance, Safety, and Transparency

Whether you are a prospective med spa patient, a payment service provider processing transactions for med spas, or an advertising platform accepting ads for med spas — it’s essential to be aware of both the risks associated with the industry and the best practices that ensure compliance.

Look at the services that are being offered and who is responsible for administering the treatments. Check the business against any state licensing or operating requirements. Examine how the services are advertised and how transparent the business is about the safety and efficacy of their offerings and avoid treatments that are marketed as “cure-alls” or “solutions” to serious diseases.

Qualified Med Spas Can Demonstrate Compliance with LegitScript

Are you a medical spa offering telemedicine services? LegitScript’s Healthcare Certification provides a recognized stamp of approval for businesses that provide telemedicine services. Google, Facebook, Microsoft, TikTok, Netflix, Visa, and Mastercard all recognize LegitScript certification to show the world their providers operate legally. Certification is a powerful way to gain patient trust and ensure that your business is operating in compliance with applicable laws and regulations. Apply now for certification.

Note: At this time, Healthcare Certification is not open to brick-and-mortar clinics and medical spas that do not offer telemedicine services. Read more about who qualifies in our fact sheet.

Recent Blog Articles

Key Takeaways: The Challenges of Detecting IP Infringement Online

According to the National Intellectual Property Rights Coordination Center, cases initiated against intellectual property theft are up 21%, with the sharpest growth occurring in the online space. In a recent webinar hosted by LegitScript, Peter Szyszko, CEO of White Bullet, delved into the pressing...
AI and ROI in trust and safety.

Navigating Marketplace Risk: AI and the ROI of Trust and Safety

Every year, professionals from around the world come together at the Marketplace Risk Management Conference to discuss issues of risk on online platforms and other technology. Explore the most critical takeaways from 150+ industry-leading speakers spanning 70+ sessions. Then contact us to see how Le...
Pride Month Addiction Treatment Certification application fee waiver.

This Is How LegitScript Is Celebrating Pride Month

LegitScript is celebrating Pride Month by waiving application fees for a limited number of new applicants who provide specialty care for the LGBTQ+ community - along with addiction treatment services. Let's unfurl Pride Month's origins, and discuss why the LGBTQ+ community needs support for addictio...
Levels of risk.

What You Need to Know About the Different Levels of Merchant Risk

Many risk mitigation approaches focus on high-risk merchants, but what about medium-risk merchants? Being aware of the various levels of risk and which category your merchant falls into is a critical step in quantifying risk. Let's delve into what low-, medium-, and high-risk merchants are and the v...