Owning or starting a healthcare practice is considerably different from being a practicing physician in one. Though you’re aware of the needs regarding securing and maintaining your own licensure, you’ll also need to understand regulations regarding owning and running a business — and ensure that anyone within your employ meets requirements, too.

Here’s a quick overview of three main types of regulations: those focused on the practice of medicine, the business of medicine, and the quality of patient care.

1. The practice of medicine

Many regulations are designed to ensure the qualifications and quality of the people providing healthcare. As a result, healthcare providers must get licensed to practice their profession. Each license has educational and testing requirements through each state’s professional regulation department. Dentists, opticians, veterinarians, physicians, medical assistants, and physician assistants (among others) have varying educational and testing requirements. Further, nearly all healthcare professionals must maintain their licenses by completing qualified continuing medical education classes every few years.

It’s important that practice owners understand not only their own licensure requirements but also any professional requirements for staff. Practice owners can support the continuing education of their employees by providing information on upcoming events or courses, as well as by providing reimbursement for requisite trainings. Keep in mind that different states have different laws, which will be important if you plan to open practices in multiple locales.


To find .gov websites with complete information on your state’s state licensing requirements, start with national associations’ sites, such as the American Veterinary Association, the American Dental Association, and the American Optometric Association. Also consider finding a local practice-owning mentor in your specialty, who can help you stay up to date.

2. The business of medicine

Many regulations are designed to ensure that healthcare provider businesses are run without interference from unqualified outsiders. As a result, it’s often the case that only licensed healthcare professionals can own healthcare provider businesses. However, the healthcare industry has created a work-around strategy with management services organizations, which can be owned and managed by non-providers and still provide administrative and billing support.

To protect the integrity of the healthcare industry, there is also a huge body of rules prohibiting payments for referrals for healthcare services. You will have to comply with anti-kickback statutes from federal and state governments, as well as the Ethics in Patient Referrals Act (also known as the Stark Law). Essentially, these state that physicians cannot receive a reimbursement fee from Medicare or Medicaid for referring patients for other services without providing extensive documentation. In addition, some states prohibit referring patients to another facility where the physician (or a family member) has a financial interest — unless they provide a disclosure about the relationship and also present the option to select another facility.


Did you know that billing Medicare patients below the government-established level of service is a type of Medicare fraud? An attorney specializing in healthcare law can help you navigate complex regulations — and avoid dangerous territory like this — while ensuring any contracts you enter into are in compliance as well.

3. The quality of patient care

Healthcare providers can only perform services on a patient if that patient has granted his or her informed consent. “Informed consent” means that a patient must have full information about the treatment and the risks before his or her consent is valid, except in the case of medical emergencies. Informed consent is the backbone of patient-care regulations, but there are other rules, too. For instance, there are regulations about the structure, quality, and cleanliness of facilities — many of which have been in flux since the beginning of the 2020 pandemic.

Another area of detailed regulation concerns patient records and protection of patient data. Healthcare providers almost always have obligations to keep accurate records, retain those records for a number of years, and provide patients access to their own records. There are also obligations regarding how to keep patient data safe, secure, and confidential. Your patients know these federal privacy rules by the acronym HIPAA (Health Insurance Portability and Accountability Act). You’ll also need to understand any state laws that require providers to protect patient data, secure a patient’s permission to disclose data to any third parties, and tell patients how they can receive records of their own data.


After refreshing your knowledge of HIPAA, visit HHS.gov to look at the requirements of the Health Information Technology for Economic and Clinical Health (HITECH) Act — particularly if you’re planning on offering telehealth options.

If you’re in the healthcare industry or considering opening a healthcare provider business, it’s essential to stay fully informed on these and all applicable small business regulations.