Ohio's Healthcare Regulatory Labyrinth: A Compliance Roadmap for Telehealth and Expanding Practices

Ohio presents a unique and often challenging regulatory landscape for healthcare businesses, particularly those leveraging telehealth or expanding across state lines. As a state known for its stringent Corporate Practice of Medicine (CPOM) doctrine and continuously evolving telehealth policies, understanding Ohio's specific requirements is not merely advisable—it is absolutely essential for compliant and sustainable operations. For telehealth founders, medspa owners, dental and chiropractic practices, and healthcare investors, neglecting these intricacies can lead to severe penalties, license revocations, and significant operational disruption.

For more on this topic, see our analysis: California's Regulatory Tightrope: Navigating CPOM, Telehealth, and Enforcement in the Golden State.

The Bedrock: Ohio's Strict Corporate Practice of Medicine (CPOM)

Ohio stands firm among states with a strict Corporate Practice of Medicine doctrine. This means, generally, that non-licensed individuals or entities cannot employ physicians or other licensed healthcare professionals to practice medicine, nor can they control the clinical aspects of a medical practice. This prohibition extends beyond traditional medical doctors to other licensed professionals, impacting a broad spectrum of healthcare businesses.

For more on this topic, see our analysis: Navigating the Lone Star Labyrinth: A Deep Dive into Texas Healthcare Compliance.

Ohio Revised Code (ORC) Chapter 4731 governs the practice of medicine, and while it doesn't explicitly define CPOM, the Ohio State Medical Board (OSMB) and the Ohio Attorney General have consistently interpreted it to prohibit lay corporations from practicing medicine. This stance is rooted in the principle of protecting patient safety and preserving the independent professional judgment of licensed practitioners.

For businesses like telehealth platforms, medspas, dental practices, and chiropractic offices, this strict CPOM doctrine necessitates careful structuring. The most common compliant model is the Management Services Organization (MSO) arrangement. Under this model, a non-clinical MSO provides administrative, technical, and non-medical support services (e.g., billing, scheduling, marketing, IT, real estate) to a professional entity (PE), which is owned and controlled by licensed Ohio practitioners. The PE, in turn, employs or contracts with the clinical staff and delivers all professional services.

Key compliance considerations for MSO models in Ohio include:

• Physician Autonomy: The PE must retain absolute control over all clinical decisions, hiring and firing of clinical staff, patient care protocols, and professional fees. The MSO cannot dictate medical judgment or influence treatment plans.
• Fair Market Value: All services provided by the MSO to the PE must be compensated at fair market value, and the compensation structure cannot be tied to patient volume or revenue generation in a way that could be construed as illegal fee-splitting or an inducement for referrals.
• No Fee-Splitting: Ohio law strictly prohibits fee-splitting, where a licensed professional shares a percentage of their professional fees with an unlicensed entity or individual. MSO fees must be fixed or based on legitimate administrative costs, not a percentage of clinical revenue.
• Clear Delineation of Services: The Management Services Agreement (MSA) must meticulously define the roles and responsibilities of both the MSO and the PE, explicitly stating that the MSO provides only non-clinical services.

Enforcement History: The OSMB has a history of investigating and taking action against arrangements perceived to violate CPOM or fee-splitting prohibitions. While not as frequently publicized as some other states, the risk of enforcement is significant, especially as new healthcare delivery models like telehealth and medspas proliferate. Businesses found in violation can face cease-and-desist orders, fines, and even criminal charges for aiding and abetting the unlicensed practice of medicine.

Telehealth in Ohio: Navigating a Dynamic Regulatory Environment

Ohio has made significant strides in expanding telehealth access, particularly in response to the COVID-19 public health emergency. However, its regulations require careful attention, especially for out-of-state providers and those prescribing controlled substances.

General Telehealth Requirements

Ohio Revised Code (ORC) Chapter 4743 and rules from the Ohio State Medical Board (OSMB), Ohio Board of Nursing, and Ohio Board of Pharmacy govern telehealth. Key aspects include:

• Establishment of Patient-Provider Relationship: Ohio generally allows for the establishment of a patient-provider relationship via telehealth, often requiring synchronous audio-visual communication for initial encounters. While audio-only may be permissible for established patients or in specific circumstances, video is often preferred for initial assessments to ensure a comprehensive evaluation. This is crucial for telehealth brands specializing in areas like sexual wellness or mental health, where a thorough initial assessment is paramount.
• Informed Consent: As highlighted in broader telehealth regulations, Ohio requires robust informed consent for telehealth services. This consent must cover the nature of telehealth, potential benefits and risks, privacy considerations, and emergency protocols. It's critical to ensure your consent forms are state-specific and clearly documented.
• Licensure: Providers must be licensed in Ohio to provide telehealth services to patients located in Ohio. This applies universally across all specialties, including physicians, nurses, PAs, dentists, and chiropractors. There are generally no interstate compacts for physicians that would permit practice in Ohio without an Ohio license.
• Documentation: All telehealth encounters must be thoroughly documented in the patient's medical record, including the modality used, the date and time, and the clinical findings and plan.

Medical Board Requirements for Telehealth Providers

The Ohio State Medical Board (OSMB) has specific rules (e.g., Ohio Administrative Code 4731-11) governing the practice of telemedicine. These rules emphasize:

• Standard of Care: Telehealth services must meet the same standard of care as in-person services. This means providers must ensure they have sufficient information to make an accurate diagnosis and develop an appropriate treatment plan via telehealth.
• Patient Evaluation: A proper patient evaluation is required before diagnosis and treatment. While this can often be done via synchronous audio-visual technology, providers must exercise professional judgment to determine if an in-person examination is necessary.
• Prescribing: The OSMB rules address prescribing via telehealth, with particular scrutiny on controlled substances.

Controlled Substance Prescribing Rules

Ohio has strict regulations regarding the prescribing of controlled substances via telehealth, aligning with federal guidelines but often adding state-specific layers. While the federal Ryan Haight Act generally requires an in-person evaluation, the COVID-19 PHE waivers allowed for exceptions. However, as the federal landscape shifts, Ohio's specific rules become even more critical.

• Initial Evaluation: For controlled substances, an in-person evaluation is often required before an initial prescription, unless specific exceptions apply (e.g., during a declared public health emergency or for certain maintenance treatments). Telehealth platforms, especially those in sexual wellness or weight loss that might involve controlled substances, must meticulously adhere to these requirements.
• Prescription Monitoring Program (PMP): Ohio mandates the use of its Ohio Automated Rx Reporting System (OARRS) for all controlled substance prescribing. Providers must query OARRS before prescribing Schedule II opioids or benzodiazepines and periodically for other controlled substances.
• Limits on Prescribing: There may be specific limits on the quantity or duration of controlled substance prescriptions via telehealth, particularly for Schedule II substances. Providers must be aware of these state-specific limitations.

Collaborative Practice and Supervision Requirements

Ohio has clear guidelines for collaborative practice and supervision, particularly for Physician Assistants (PAs) and Advanced Practice Registered Nurses (APRNs). These are highly relevant for medspas and other practices utilizing these mid-level providers.

• Physician Assistants (PAs): PAs in Ohio practice under a supervision agreement with a collaborating physician. This agreement must be filed with the OSMB and clearly delineate the PA's scope of practice, the nature of supervision, and protocols for consultation and referral. The supervising physician retains ultimate responsibility for the PA's actions. For medspas, this means strict adherence to protocols for delegated procedures like injectables or laser treatments, ensuring the PA is competent and the physician is readily available for consultation.
• Advanced Practice Registered Nurses (APRNs): APRNs (including Nurse Practitioners, Clinical Nurse Specialists, Certified Nurse-Midwives, and Certified Registered Nurse Anesthetists) require a Standard Care Arrangement (SCA) with a collaborating physician. This SCA, filed with the Ohio Board of Nursing, outlines the scope of practice, prescriptive authority, and collaboration requirements. Like PAs, APRNs in medspas must operate within the bounds of their SCA and the physician's oversight.
• Delegation: Physicians may delegate certain medical tasks to qualified personnel, but this delegation must be appropriate to the delegate's training and competence, and the physician remains responsible. Improper delegation, especially in medspa settings, is a significant compliance pitfall.

State-Specific Licensing and Registration Requirements

Beyond professional licensure, businesses operating in Ohio must be aware of various state-specific requirements.

• Business Registration: All entities, including MSOs, must register with the Ohio Secretary of State. Professional entities (PCs) for physicians, dentists, or chiropractors also have specific formation requirements.
• Facility Licensing: While not all healthcare facilities require licensure, certain types (e.g., ambulatory surgical facilities) do. Medspas, depending on the services offered, may fall under various regulatory umbrellas, including those related to medical facilities or even cosmetology if certain non-medical services are provided.
• DEA Registration: Providers prescribing controlled substances in Ohio must have both a federal DEA registration and an Ohio-specific DEA registration.

Recent Enforcement Actions and Notable Cases

While specific, publicly detailed enforcement actions against telehealth companies for CPOM violations in Ohio are less frequent than in states like California or New York, the OSMB consistently issues disciplinary actions against individual licensees for various infractions, including improper prescribing, inadequate supervision, and unprofessional conduct. These actions often highlight underlying systemic issues that could implicate business models.

For instance, actions against physicians for inadequate supervision of PAs or APRNs or for improper prescribing of controlled substances are common. These cases serve as a strong reminder that the OSMB is vigilant about maintaining the standard of care and professional accountability, which directly impacts the operational integrity of any healthcare business, especially medspas and telehealth platforms.

The Ohio Board of Pharmacy also actively enforces regulations related to prescription drug dispensing and controlled substances, including those originating from telehealth encounters. Any irregularities in prescribing patterns or pharmacy fulfillment can trigger investigations.

Key Compliance Pitfalls and How to Avoid Them

1. CPOM Violations:

   • Pitfall: MSO agreements that give the non-clinical entity control over clinical decisions, physician hiring/firing, or fee-setting.
   • Avoidance: Meticulously draft MSAs to ensure the professional entity retains absolute clinical autonomy. Ensure MSO fees are at fair market value and not percentage-based fee-splitting.

2. Improper Telehealth Patient-Provider Relationship:

   • Pitfall: Providing care via audio-only when synchronous audio-visual is required, or failing to establish a legitimate relationship before prescribing.
   • Avoidance: Implement clear protocols for initial patient evaluations, prioritizing synchronous audio-visual where required. Train providers on Ohio's specific requirements for establishing care via telehealth.

3. Controlled Substance Prescribing Non-Compliance:

   • Pitfall: Prescribing controlled substances via telehealth without an in-person visit when required, or failing to use OARRS.
   • Avoidance: Develop strict internal policies aligning with federal and Ohio-specific controlled substance prescribing rules. Mandate OARRS checks and maintain comprehensive documentation.

4. Inadequate Supervision/Collaboration:

   • Pitfall: Superficial supervision agreements for PAs/APRNs in medspas or other settings, or delegating tasks beyond their scope or competence.
   • Avoidance: Ensure all supervision agreements and SCAs are robust, filed, and actively implemented. Regularly review and document supervision activities, training, and competency assessments.

5. Billing and Coding Errors:

   • Pitfall: Incorrect use of CPT/HCPCS codes, modifiers, or place of service indicators for telehealth services, leading to claim denials or audits.
   • Avoidance: Stay updated on commercial payer and Medicaid telehealth billing policies. Implement rigorous internal audits and provide ongoing training for billing staff on Ohio-specific requirements.

6. Lack of State-Specific Informed Consent:

   • Pitfall: Using generic consent forms that do not meet Ohio's specific disclosure requirements for telehealth.
   • Avoidance: Customize consent forms to include all Ohio-mandated disclosures. Ensure the consent process is documented.

Comparison with Neighboring States

Ohio's regulatory environment, particularly its CPOM, stands in contrast to some neighboring states:

• Pennsylvania: While Pennsylvania also generally upholds CPOM, its enforcement posture can sometimes be perceived as slightly less aggressive than Ohio's, though still requiring careful MSO structuring. Telehealth regulations are also robust but have seen recent expansions.
• Michigan: Michigan has a less stringent CPOM doctrine, with some exceptions for corporate employment of physicians under specific circumstances, offering slightly more flexibility for certain business models compared to Ohio.
• Indiana: Indiana generally maintains a CPOM doctrine, but like many states, the practical enforcement often allows for MSO models with proper structuring. Telehealth has expanded significantly in recent years, with clear guidelines.
• Kentucky: Kentucky also has a CPOM doctrine, requiring MSO models for compliant operations. Its telehealth laws have also evolved to support broader access, but with specific rules for licensure and patient-provider relationships.

Compared to these, Ohio's stance on CPOM, coupled with its detailed telehealth and prescribing rules, positions it as a state where meticulous compliance planning is non-negotiable. Businesses cannot assume that a model compliant in a neighboring state will automatically pass muster in Ohio.

What This Means For Your Practice

Operating or expanding into Ohio demands a proactive and informed approach to compliance. For telehealth founders and operators, this means:

• Robust Legal Counsel: Engage experienced Ohio healthcare counsel to structure your business model (e.g., MSO agreements) to be CPOM-compliant from day one.
• Provider Licensure: Ensure all providers are properly licensed by their respective Ohio boards before seeing any Ohio patients.
• Telehealth Protocols: Develop and implement state-specific telehealth protocols covering patient-provider relationship establishment, informed consent, documentation, and emergency procedures.
• Controlled Substance Vigilance: If prescribing controlled substances, adhere strictly to Ohio's OARRS requirements and any in-person visit mandates.

For brick-and-mortar practice owners, medspas, dental, and chiropractic practices:

• CPOM Review: Regularly audit your ownership and operational structures to ensure ongoing CPOM compliance, especially if considering new service lines or partnerships.
• Supervision Clarity: Ensure all collaborative and supervision agreements for PAs and APRNs are current, comprehensive, and actively followed, with proper documentation.
• Delegation Policies: Establish clear policies for delegation of tasks, ensuring staff competence and physician oversight.
• Billing Accuracy: Train staff on Ohio-specific billing and coding for all services, including any telehealth components.

For healthcare investors and advisors, due diligence must include a thorough review of target companies' Ohio compliance posture, particularly regarding CPOM, telehealth, and professional practice arrangements. The potential for regulatory enforcement can significantly impact valuation and operational viability.

Ohio's healthcare regulatory landscape is complex but navigable with the right expertise and commitment to compliance. By understanding and proactively addressing its unique requirements, healthcare businesses can establish a strong, compliant foundation for growth and patient care in the Buckeye State.

---

Further Reading

• California's Regulatory Tightrope: Navigating CPOM, Telehealth, and Enforcement in the Golden State
• Navigating the Lone Star Labyrinth: A Deep Dive into Texas Healthcare Compliance
• Navigating New York's Regulatory Labyrinth: A Compliance Roadmap for Healthcare Innovators
• The Compliance Crucible: Navigating CPOM, Telehealth Prescribing, and DOJ Scrutiny in a Rapidly Evolving Healthcare Landscape