How CPOM Laws Affect Your Healthcare Business Model

The Corporate Practice of Medicine doctrine does not apply equally to every type of healthcare business. Depending on your business model, CPOM may be a major structural concern, a minor consideration, or not relevant at all. Understanding how the doctrine interacts with your specific model is essential for choosing the right corporate structure and avoiding costly compliance mistakes.

This guide examines the most common healthcare business models and analyzes their CPOM exposure.

Telehealth Platforms: High CPOM Exposure

Direct-to-consumer telehealth is the business model most directly affected by CPOM laws. If your company markets clinical services to patients, employs or contracts with providers who deliver care through your platform, and bills for those clinical encounters, you are squarely in CPOM territory in every state that enforces the doctrine.

The CPOM concern arises because the company — not the individual physician — controls the patient relationship, sets pricing, manages billing, and often defines clinical workflows. In the eyes of regulators, the company is practicing medicine through its providers.

Structural Solution

The standard fix is the MSO-PC model. The telehealth company becomes the MSO, handling technology, marketing, billing, and operations. A physician-owned PC employs or contracts with the clinicians and is the entity of record for all clinical services. The two entities are linked through a Management Services Agreement.

For multi-state telehealth companies, this typically means establishing separate PCs in each state with strict CPOM enforcement, each owned by a physician licensed in that state.

Healthcare Staffing Companies: Moderate CPOM Exposure

Healthcare staffing companies that place physicians, NPs, or PAs at client facilities operate in a gray area. The key question is whether the staffing company is simply providing personnel or whether it is controlling the clinical services those personnel deliver.

If your staffing company places providers at a client's facility and the client controls the clinical operation, your CPOM risk is generally lower. But if your company dictates clinical protocols, bills for services, or manages the patient relationship, the analysis shifts significantly.

Factors that increase CPOM exposure for staffing companies:

• Billing patients or insurers directly for clinical services provided by placed staff
• Setting clinical protocols or treatment guidelines that placed providers must follow
• Marketing clinical services to patients rather than staffing services to healthcare facilities
• Managing credentialing and privileging as if the providers are your employees rather than placements

Structural Solution

Staffing companies can often avoid CPOM issues by structuring their relationships clearly as staffing arrangements rather than clinical service delivery. The client facility should be the entity that exercises clinical control, bills for services, and manages the patient relationship. However, if the staffing company wants to offer more integrated services, an MSO-PC structure may be necessary.

Healthcare SaaS Companies: Low to No CPOM Exposure

Software companies that sell tools to healthcare providers — EHR systems, practice management software, clinical decision support, patient engagement platforms — generally do not trigger CPOM concerns. They are selling technology, not practicing medicine.

However, the line can blur when SaaS companies add clinical services to their product. Common scenarios that push a SaaS company into CPOM territory include:

• Adding a telehealth feature where the company provides the clinicians, not just the platform
• Offering clinical interpretation services (reading lab results, diagnostic imaging analysis)
• Building clinical AI that generates diagnoses or treatment recommendations presented to patients without physician oversight
• Bundling clinician access as part of a subscription that also includes software

Structural Solution

SaaS companies that want to add clinical services should consider building the MSO-PC structure before launching those services. The software business can remain in the MSO, while the clinical components are housed in a PC. This allows the company to monetize clinical services without running afoul of CPOM laws.

Brick-and-Mortar Clinics: High CPOM Exposure

Traditional medical practices and clinics are the original targets of CPOM laws. If a non-physician wants to own and operate a physical clinic, CPOM applies directly. The clinic must be structured so that a licensed physician owns the clinical entity (the PC), while the non-physician founder can own the MSO that provides business support services.

Key considerations for clinic-based models:

1. Real estate — The MSO typically leases the clinic space and subleases it to the PC, or the MSO owns the space outright and the PC pays rent as part of the MSA.
2. Equipment and supplies — The MSO purchases and owns clinical equipment, providing it to the PC through the management agreement.
3. Staffing — Non-clinical staff (front desk, billing, administrative) can be employed by the MSO, while clinical staff must be employed by the PC.
4. Branding — The MSO typically owns the brand and trademarks, licensing them to the PC.

Hybrid Models: Variable CPOM Exposure

Many modern healthcare companies combine elements of several models. A company might start as a SaaS platform, add telehealth services, then expand into physical locations. Each evolution can change the CPOM analysis and require structural adjustments.

The most important principle for hybrid models is to assess CPOM exposure at each stage of growth. What works as a pure technology play may need restructuring when clinical services are added. Build flexibility into your corporate structure from the beginning so that adding a PC later does not require a complete organizational overhaul.

Choosing the Right Structure for Your Model

The right corporate structure depends on your specific business model, the states where you operate, and your growth trajectory. There is no universal template. But there are universal principles:

• Assess your CPOM exposure honestly, based on what you actually do, not what you call it.
• Structure proactively, before you launch clinical services, not after a regulator asks questions.
• Build for growth by designing a structure that can accommodate new states, new services, and new business lines.
• Invest in ongoing compliance because your business model will evolve, and your compliance structure needs to evolve with it.

Understanding how CPOM intersects with your specific business model is the first step toward building a healthcare company that is both innovative and compliant. The entrepreneurs who get this right are the ones who build lasting businesses in healthcare.