🚀 Module 4: Legal & Compliance Basics

HIPAA, disclaimers, contracts — risk-proof your practice.

⏱️ 60–75 minutes | Difficulty: Intermediate
By the end of this module, you will have the legal foundation to protect your practice, set clear client agreements, and avoid compliance risks that could cost you time, money, and reputation.

2. Why It Matters

Without the right legal and compliance basics, even the best coaching practice is vulnerable. A missing disclaimer, unclear contract, or overlooked privacy law can undo years of hard work. This module ensures you create a business that’s safe, professional, and built for growth. Getting these systems in place early means fewer headaches, more trust from clients, and smoother scaling later on.

3. Step-by-Step Guide

1. Secure Your Business Entity

Register an LLC (or equivalent) to separate personal and business liability. This protects your personal assets if legal issues arise.

Pro Tip: File via your state portal or a filing service; add an operating agreement even for single-member LLCs.

2. Lock In Your Client Agreement

Define scope, payments/refunds, cancellations, confidentiality, IP, and limitation of liability in plain language. Require e-signature before starting.

Pro Tip: Include a “no medical diagnosis or treatment” clause and a clear chargeback/refund policy to prevent disputes.

3. Publish Disclaimers Everywhere

Place a health disclaimer on your website footer, intake forms, and the agreement. Redundancy clarifies boundaries and reduces risk.

Pro Tip: Add a short “acknowledge & agree” checkbox to intake forms to capture explicit consent.

4. Privacy & HIPAA Best Practices

If you handle protected health information (PHI) or work with covered entities, follow HIPAA. Even if not required, adopt secure platforms, least-access rules, and business associate agreements (BAAs) where needed.

Pro Tip: Use HIPAA-ready tools (e.g., SimplePractice; Zoom for Healthcare) and enable MFA + encrypted storage for notes.

5. Insurance & Recordkeeping

Get professional liability (and cyber if storing client data). Keep signed agreements and key messages archived for at least 2–7 years (per locale).

Pro Tip: Create a “matter file” per client (agreement, intake, notes, messages) stored in an organized, access-controlled drive.

4. Examples & Options

Real-World Example: Sarah, a health coach, avoided a refund dispute when a mid-package client quit. Her contract’s clear refund & cancellation clause and signed acknowledgment protected revenue and goodwill.

DIY (Free/Low-Cost)

State LLC filing + reputable contract/disclaimer templates; e-signature via Google Drive or PDF tools.

Mid-Level

HoneyBook/Rocket Lawyer for workflows, e-sign, and vetted clauses; use SimplePractice for secure client records.

Advanced

Hire a health law attorney to localize contracts, privacy policy, and BAAs; add cyber insurance and annual legal review.

5. Common Mistakes to Avoid

  • ❌ Running with verbal “agreements”.
    ✅ Require e-signed contracts before any paid work.
  • ❌ Copy-pasting someone else’s contract.
    ✅ Customize to your services, jurisdiction, and refund policy.
  • ❌ No chargeback clause.
    ✅ Add explicit language about disputes and the process for resolving them.
  • ❌ Storing client notes in unencrypted docs.
    ✅ Use secure platforms with MFA and access controls.
  • ❌ Disclaimers only on the website.
    ✅ Add to intake forms and the agreement with an acknowledgment checkbox.

6. Quick Win Highlight

💡 Quick Win: Add this exact footer disclaimer to your site today:

“The coaching provided is for educational purposes only and is not a substitute for medical diagnosis or treatment. Always consult your physician before starting any wellness program.”

💬 DM Prompt
“Hey [Name]! Do you have a clear refund/cancellation clause and a health disclaimer on your site/forms? I just added both—took 10 minutes and gives serious peace of mind.”

7. Mini-Implementation Exercise

Copy this mini-worksheet into your notes and check each box today:

  • [ ] LLC filed or entity confirmed
  • [ ] Client agreement template finalized & e-sign ready
  • [ ] Disclaimers placed (site footer, intake, agreement)
  • [ ] Privacy approach chosen (HIPAA/“HIPAA-lite”) + secure tools
  • [ ] Liability insurance quote requested/activated

8. Tools & Resources

LegalZoom

Fast, guided LLC filings and compliance reminders.

Rocket Lawyer

Attorney-vetted templates + e-sign and easy edits.

HoneyBook

Proposals, contracts, invoicing, and automations in one.

SimplePractice

HIPAA-ready client records, scheduling, and billing.

CPH & Associates

Affordable professional liability coverage for wellness pros.

Google Workspace (MFA)

Secure drives, email, and doc controls with multi-factor auth.

9. Checkpoint / Success Criteria

✅ Entity registered & operating agreement saved
✅ Client agreement e-sign flow tested
✅ Disclaimers placed & acknowledged by clients
✅ Secure tools configured (MFA, encryption)
✅ Liability insurance active

10. Summary & Next Step

  • Protect yourself with the right entity, contracts, and disclaimers.
  • Adopt privacy best practices and secure, HIPAA-ready tools.
  • Carry liability insurance and archive signed docs securely.
  • Review annually and update as services evolve.
Next → Module 5 Choosing Your Business Model