For Medspa Owners / Operations
How to run it.
Software stack, pharmacy partnerships, staffing models, insurance and liability, and the vendor-level decisions that shape every GLP-1 medspa.
Key Facts
3–5 vendors
Core operational stack: EMR, scheduling, payments, telehealth, pharmacy.
1:3–5
Typical ratio of MD medical director to NPs in NP-led programs.
BAA needed
For any vendor that touches PHI — including EMR, telehealth, chart storage.
Core software stack
Most GLP-1 programs run 3–5 core systems: an EMR with e-prescribing (DrChrono, Tebra, Healthie, Practice Better), a scheduling layer (Boulevard, Vagaro, or EMR-embedded), a payments provider (Stripe, Square, or EMR billing), a telehealth video solution (often EMR-embedded; Zoom for Healthcare as a standalone), and a CRM or email tool for non-PHI communication (HubSpot, Klaviyo). Evaluate each on: BAA availability, e-prescribing capability, patient portal quality, and whether the pricing scales linearly or super-linearly with patient count.
Pharmacy partnerships
Your pharmacy partner determines cost structure, legal exposure, and patient experience. Key evaluation criteria: 503A vs 503B registration, USP 797/800 compliance, sterility testing frequency, fill time (48–72 hours is standard for 503A direct-ship; same-day for 503B bulk), lot documentation, adverse-event reporting, and willingness to sign indemnification clauses. Diversify: depending on a single compounding pharmacy is one of the highest operational risks in this business.
Staffing models
The NP-led model with an MD medical director is dominant because NP labor is 40–60% cheaper at comparable patient volume. Typical ratio: 1 MD for 3–5 full-time NPs. MD responsibilities: protocol approval, chart review (cadence varies by state, usually 10% random sample), complex-case escalation. NP responsibilities: intake, titration, routine visits, patient communication. Medical assistants handle non-clinical intake, check-in, and post-visit follow-up.
Insurance & liability
Core coverage needed: professional liability (malpractice) at $1M/$3M minimums for each clinician, general liability for the practice entity, cyber/privacy liability covering HIPAA breach notification ($1M+), and errors & omissions for business decisions. Compounded medication adds regulatory-risk exposure some carriers exclude — verify your policy explicitly covers compounded prescribing. Do not rely on the pharmacy's product liability policy to cover the prescriber.