Are Medspas Considered “Covered Entities” According to HIPAA?
Actually, yes. It may not be immediately apparent that medical spas and aesthetic practices must remain HIPAA compliant. And since HIPAA violation fees in the extreme can reach up to $1 million, it’s important to know what you are held accountable for. Below is a brief overview of the three main points a MedSpa must be aware of when considering HIPAA and its Privacy Rule: