As healthcare industry innovators work to broaden care access, more stakeholders have entered the arena to contribute capital and expertise to medical business ventures. These efforts have frequently resulted in a type of joint venture—commonly referred to as the “MSO-PC model”— between physician practices and outside business entities not licensed to practice medicine. Through this venture, the back-office functions of the physician practice are handled by an outside management services organization (“MSO”) in exchange for a fee, ostensibly allowing the physicians to remain focused on their patient care duties. Central to the model’s attractiveness is the idea that the physicians can also hold partial ownership in the MSO and participate in its distribution of profits.
The landscape of healthcare legislation imposes certain conditions on financial arrangements that must be satisfied for an arrangement to remain legitimate in the eyes of regulators. The MSO-PC model has been frequently deployed as a way for an outside business entity (with non-physician investors) to participate in the economic benefits of a licensed professional medical practice. But the legitimacy of MSO-PC models has been recently placed under growing scrutiny by the U.S. Department of Justice, renewing several questions for stakeholders, such as:
- How much control can an MSO permissibly exert over the practice of medicine?
- What is the acceptable measure of payment for services provided?
- To what extent can the arrangement withstand regulatory scrutiny (both state and federal)?
At its heart, the MSO-PC model establishes a contractual arrangement between two parties: a lay entity known as the management services organization (“MSO”) and at least one professional entity licensed to practice medicine (“PC”). Under this arrangement, the MSO provides the physician practice with nonclinical management and administrative support services in exchange for an agreed-upon fee. Because the very nature of the model exists to exert some control over a professional medical practice, its validity hinges on existing rules and regulations that prohibit the practice of medicine by non-licensed entities.
General Prohibitions at the State Level
Prohibitions against non-licensed involvement in medicine exist in various forms at the state level [1] and are part of what is now collectively known as the Corporate Practice of Medicine doctrine (“CPOM”). At this time, 33 states have some form of CPOM prohibitions in place. While the prohibitions do vary by state, there are common key themes across jurisdictions, including:
- States generally require a license to engage in the practice of medicine
- Medical entities must be wholly (or predominantly) owned by physicians licensed to practice in that state
- All medical judgment decisions must remain in the hands of licensed professionals
- All revenues generated from patient care must be paid to the medical entity
- Authority over clinical staffing decisions must remain with the physicians
The underlying rationale of CPOM legislation is that medical care provided to patients should be free of undue influence by non-licensed individuals and/or entities who may prioritize profitability over patient care quality. CPOM aims to ensure that the provision of healthcare remains patient-focused and not profit-driven. Penalties for CPOM violations can include [2] significant fines, a physician’s medical license revocation, and exposure to civil lawsuits.
Compliance with CPOM arises most frequently in civil disputes between the MSO and the physicians, with the focus typically centered on the MSO’s control over clinical operations. Some notable case law examples include the following:
- American Academy of Emergency Medicine Physician Group, Inc. v. Envision (California) (2024). AAEM-PG, a physician trade organization, challenged the legality of the MSO-PC model implemented in California by the KKR-owned Envision. At focus was Envision’s control over the hiring, paying, and scheduling of physicians, advertising practices, and payor contract negotiations. The parties ultimately settled on confidential terms with Envision exiting the California market.
- GCM Partners, LLC v. Hipaaline Ltd (Illinois) (2021). GCM, an MSO for medical cannabis telehealth providers, filed suit for wrongful contract termination against Hipaaline, from whom GCM received marketing and technology infrastructure services. In turn, Hipaaline alleged that GCM had violated CPOM rules by improperly splitting its fees with independently contracted physicians. The court ultimately sided with Hipaaline. Of note is the fact that GCM never actually bothered to establish any sort of MSO-PC structure with its affiliated telehealth providers.
- Andrew Carothers, M.D., P.C. v. Progressive Insurance Company (New York) (2019). Dr. Carothers, a radiologist, sued Progressive for denial of insurance claims. Progressive alleged that Dr. Carothers’ PC was fraudulently incorporated because it had improperly delegated control to its landlord, Hillel Sher, from whom it leased all medical equipment and facility space. The New York Civil Court ruled in favor of Progressive and dismissed the complaint. The decision was upheld by both the Appellate Court and the Court of Appeals.
- Allstate Insurance Co. v. Northfield Medical Center (New Jersey) (2017). As part of an investigation into possible illegal insurance claims, Allstate challenged the MSO-PC relationship between Northfield Medical Center, PC and JSM Management Company, Inc. The allegations centered on the MSO’s service agreements, which imposed significant termination penalties and diverted all medical practice profits to the MSO by charging above-market management fees. A $4 million judgement was awarded in Allstate’s favor. The decision was reversed in the Appellate Court but ultimately upheld in the New Jersey Supreme Court.
- Inquiry into Aspen Dental Management, Inc. (New York) (2015). The New York Attorney General (“AG”) launched an investigation into Aspen Dental Management, a private equity-backed company that managed a network of dental practices. Issues under investigation included Aspen's intrusion on patient care, control over practice finances, and receipt of management fees based on a percentage of practice profits. The AG ultimately reached a settlement with Aspen. As part of its assurance of discontinuance, the AG required Aspen to surrender all control of clinical and financial decisions to the practices, cease communications with practice staff about dental care, and switch to a fixed fee structure.
Before considering any regulatory requirements at the federal level, the MSO-PC model must first establish and document a division between clinical and nonclinical duties consistent with the rationale of CPOM. A properly developed management services agreement (“MSA”)—the model’s governing document—must be carefully drafted and provide an unambiguous picture of the parties responsible for clinical and non-clinical functions. All patient care duties should be explicitly and exclusively reserved for the PC and be free of any implicit expectation that the PC will generate business for the MSO or another related entity.
A common problem area for the MSO-PC model is the use of template forms to formalize its division of duties. While the types of services offered by the MSO landscape may be similar, each MSO-PC relationship is unique and should be treated as such in the governing document. Boilerplate documents should be avoided, as any ambiguities surrounding roles and responsibilities will invariably give rise to disputes between the parties.
Another potential problem area often overlooked in the division of duties is the provision of software and related IT. MSOs will frequently provide PCs with non-clinical software for practice management functions (e.g., scheduling, billing), telehealth platforms, and patient outreach. However, when it comes to the provision or licensing of clinical software (e.g., EMR systems), the clinical data must always belong to the PC. The MSA must clearly specify that the MSO’s role is strictly limited to administrative functions (e.g., technical support, non-clinical configurations) and that the PC retains exclusive ownership of, authority over, and unrestricted access to its patient data and clinical configurations. Additionally, the MSO must comply with all applicable HIPAA regulations if it accesses patient data at any time (e.g., during system maintenance) and establish proper privacy protocols through a business associate agreement with the PC.
In addition to establishing a CPOM-compliant division of duties, the MSO-PC model must also navigate existing federal laws and satisfy three compliance thresholds commonly referred to in the industry as “The Big 3”: the Fair Market Value standard, the Volume or Value standard, and the Commercial Reasonableness standard. Our discussion of the federal regulations continues in Part 2.
How Withum Can Help
Withum offers in-depth consulting and forensic accounting services for transactions, arrangements, and disputes across the broader healthcare industry. Whether you require expert assistance for regulatory compliance, strategic advisory, tax planning, financial reporting, or litigation support, Withum’s Healthcare Valuation Services Team is equipped with the requisite knowledge and experience to provide guidance that you can trust.
Contact Us
For more information on this topic, please contact a member of Withum’s Healthcare Services Team.
[1] The prohibitions are found in statutory and regulatory language, medical board decisions, and case law.
[2] CPOM violations in some states (e.g., Texas) can also result in criminal charges.
