Regulatory Changes to Watch: What DPC Practices Need to Know in 2025

June 9, 2025

•

4 min read

The direct primary care model thrives on simplicity—no insurance billing, transparent pricing, and direct relationships with patients. But that doesn’t mean DPC practices are immune to the shifting tides of healthcare regulation.

As we move through 2025, several regulatory trends could affect how DPC clinics operate, especially in areas like tax treatment, scope of care, employer partnerships, and virtual services.

Here’s a breakdown of what DPC practices should be paying attention to this year—and how to stay ahead of the curve.

1. Tax Treatment of DPC Memberships (Still Evolving)

DPC advocates have been pushing for federal recognition of DPC membership fees as eligible medical expenses for years—and momentum is building.

Why it matters:
Right now, DPC fees are not consistently considered qualified medical expenses under IRS rules, which limits how patients can use HSAs, FSAs, and HRAs to pay for memberships.

What to watch in 2025:

Potential new IRS guidance or legislative action that explicitly allows HSA funds to be used for DPC memberships
State-level HSA parity or innovation (some states are working around federal limitations)
Growing employer interest in reimbursing DPC memberships via ICHRAs or QSEHRAs—these models may get additional compliance attention this year

Action Step: Stay connected with DPC advocacy groups (like the DPC Alliance or AAFP) for updates, and consult with legal or benefits advisors before structuring employer plans.

2. State-Level Legislation: Licensing, Contracts & DPC Definitions

Several states have now passed DPC-specific legislation that exempts practices from being treated as insurance. Others are considering similar bills or revisions in 2025.

Why it matters:
Your legal standing as a DPC clinic may differ by state. These laws can influence:

Whether your clinic needs to register with the insurance department
How you structure patient contracts
Whether you're allowed to treat Medicaid/Medicare patients under a DPC model

What to watch in 2025:

New or amended DPC laws in states like New York, Massachusetts, and California
Clarifications on hybrid models that blend insurance billing with membership fees
State medical boards introducing more rules on telemedicine, patient handoffs, and concierge vs. DPC distinctions

Action Step: Review your state’s DPC status annually and consider working with a healthcare attorney to update your membership contracts and compliance documents.

3. Telehealth and Cross-State Care Regulations

Telehealth rules were relaxed during the pandemic, but states are tightening again, and federal licensure compacts are still uneven.

Why it matters:
If you offer virtual visits or remote services, you need to ensure:

Providers are licensed in the states where patients are located
You comply with any specific telehealth consent, documentation, or platform requirements

What to watch in 2025:

Updates to the Interstate Medical Licensure Compact (IMLC)—more states are joining, but not all
State-specific telemedicine waivers expiring or becoming permanent
Increased enforcement of out-of-state care restrictions, especially for tele-mental health

Action Step: If your practice serves patients across state lines—even occasionally—consider multi-state licensure for your providers or limiting remote care based on state law.

4. EHR and Data Security Requirements

While DPC clinics may not participate in MIPS or CMS reporting, they’re still expected to meet basic data security standards.

Why it matters:
Ransomware attacks and data breaches are on the rise. Even small practices are being targeted. HIPAA still applies, and states are beginning to pass consumer privacy laws that go beyond federal requirements.

What to watch in 2025:

State-level data privacy laws (especially in California, Colorado, Connecticut, and Washington)
Federal momentum around patient access to records and information blocking
Expectations around interoperability—especially if you refer to outside specialists or labs

Action Step: Make sure your EHR vendor is fully HIPAA-compliant and up to date with state-level privacy standards. Regular staff training and documented security policies are essential.

5. Staffing, Scope of Practice & Nurse Practitioner Autonomy

The primary care shortage is fueling changes to scope of practice laws across the country. In 2025, expect more attention on:

Nurse practitioner (NP) independence: More states may allow full practice authority without physician supervision
Physician assistant (PA) scope: State rules may loosen to allow more independent care
Collaborative agreements: Rules around supervision, co-signing, and patient attribution are in flux

Why it matters:
If your DPC clinic employs NPs or PAs, their roles—and how you bill, supervise, or promote them—may change depending on evolving state law.

Action Step: Revisit your team’s scope and documentation processes at least annually to stay compliant with new rules.

Final Thoughts: Stay Flexible, Stay Informed

One of the biggest strengths of DPC is its flexibility—but that also means the burden is on you to stay ahead of legal and regulatory changes. Don’t wait for enforcement letters or audit requests to find out something changed.

Join state and national DPC networks to stay informed
Build a relationship with a healthcare-focused attorney or consultant
Schedule a mid-year compliance review to catch gaps before they become risks

Staying proactive about compliance helps protect your clinic and reinforces trust with patients and employer partners. Regulation doesn’t have to be the enemy—it can be a competitive edge when you're ahead of the curve.

How OptiMantra Helps DPC Practices Navigate Compliance

OptiMantra’s all-in-one EHR and practice management platform is designed to meet the needs of modern, compliance-conscious DPC providers. Whether you're managing cross-state telehealth workflows, controlling staff access to sensitive health data, or streamlining documentation for advanced practice providers, OptiMantra gives you the tools to stay ahead of regulatory shifts.

HIPAA-compliant and privacy-forward infrastructure
Telehealth and e-visit tools with customizable consent tracking
Role-based permissions for NPs, PAs, and staff
Integrated billing and documentation workflows—even for hybrid models

In a regulatory environment that’s always evolving, having a technology partner that adapts with you is key. Learn more about how OptiMantra supports DPC practices at every stage of growth. Try OptiMantra for free here.

Leonor Keller

Leonor Keller is the President of OptiMantra and a seasoned product leader with years of experience in SaaS and healthcare technology. She is passionate about creating content that helps healthcare practices—especially those just starting out—navigate the complexities of running and growing their business. Her work is driven by a deep appreciation for healthcare professionals and a commitment to supporting their success.

June 11, 2025

4 min read

Why OptiMantra’s Patient Portal Is the Best in Class for Connected, Patient-Centered Care

In today’s on-demand world, patients expect their healthcare experience to be just as connected and convenient as everything else. OptiMantra’s patient portal delivers exactly that — a robust, customizable, and secure digital hub that streamlines intake, messaging, scheduling, and health data sharing. Whether you’re a solo provider or a multi-location clinic, OptiMantra helps you build stronger relationships and provide more proactive, patient-centered care.

Measurement-Based Care: How to Make It Work in Your Office

Measurement-Based Care (MBC) is one of the most powerful yet underused tools in mental health treatment. In this guide, we demystify what MBC is, share research-backed benefits, and walk you through exactly how to implement it—without increasing your team’s workload. From assessment tools to automation tips, you'll learn how to streamline MBC into your daily practice, improve outcomes, and strengthen patient engagement.