Florida only · HIPAA-Compliant Business Associate Currently accepting 5 founding clinics. First 30 days of service free; inspection-ready in 14. BAA signed before any PHI moves.
ProofOps Medical
Medspa · IV · GLP-1 · TRT · Regen — Florida's managed compliance desk

When the state knocks, you hand them one binder. We keep it ready. You keep running your clinic.

Your done-for-you compliance department for Florida: the software collects and organizes, a human reviewer verifies every record against the exact Florida rule, and you approve the rare finding that needs you — a few minutes a week.

17 questions · ~5 minutes · instant score, no email needed to see it — and the 15-min call ends with a written deficiency report either way

From $599/mo founding rate — locked for the first 5 clinics · first 30 days free · public rate $999/mo. Locking now saves $4,800/yr.

Founding Cohort · Summer 2026 — 2 of 5 clinic slots remaining

Live in 7 days. Inspection-ready in 14. The 30-day mark is your money-back guarantee — in writing.

Curious what an inspector would receive? See a 2-page sample of the binder (PDF)

Casiani Gherlan, Chief Compliance Architect of ProofOps Medical Built by Casiani Gherlan, Chief Compliance Architect. He designed the framework; a second compliance reviewer signs off every record before it's filed. A team stands behind your binder.
HIPAA-Compliant Business Associate Florida only Bilingual EN / ES Onboarding 5 clinics this cohort
Why now

The regulatory landscape in Florida has permanently shifted.

Risk 01

Unannounced field inspections are the new normal.

Florida DOH and AHCA increasingly arrive with no complaint and no warning. If you can’t hand them clean logs on the spot, it’s an automatic citation.

Risk 02

Medical directors are a flight risk.

Directors are increasingly wary of personal license liability. If you can’t show them a clean, current operational record every month, many will walk — and your doors close with them.

Risk 03

The insurance trap.

Malpractice carriers can deny coverage for an adverse event if you can’t produce historic exclusion logs and signed protocol reviews. The gap surfaces exactly when you need the policy.

What you actually get

One digital binder. Everything the state can ask for.

We build and maintain a single, inspection-ready digital binder for your clinic — one organized PDF, always current, and signed off by a real person. When a surveyor, a carrier, or an attorney asks, you hand it over or print it on the spot. There’s nothing to assemble. Download a 2-page sample (PDF) →

  • OIG & state exclusion logs
  • Medical director protocols
  • Staff credentialing
  • Good Faith Exam records
  • Biomedical-waste manifests
  • Supervisory agreements
The ProofOps Medical inspection-ready digital compliance binder with the ProofOps shield
How little you actually do

Three steps. Two of them are ours.

1
You · once

Your front desk forwards the files.

Visit notes, licenses, logs — emailed to your dedicated secure inbox. No new login. No integration project.

2
We do this

We review, log, and file every record.

The platform pulls and classifies each document; the verification desk checks it against the exact Florida rule it answers to and signs off before it’s filed.

3
Always

Your clinic stays inspection-ready.

The binder is never “being prepared.” It’s always current — the moment anyone asks.

What the free audit opens on

You're not behind because you're careless. You're behind because Florida built the rules to bury you.

Your medical director lives 40 miles away, in a non-contiguous county.

Under § 458.348, that can quietly void your entire supervisory relationship — and you find out when an investigator does, not before.

A patient reacts — and a plaintiff's attorney asks for the Good Faith Exam.

If it wasn't documented before the injection, by a qualified provider — to the Board of Medicine, it never happened. That single gap turns a complaint into a settlement.

Your charts look fine — until your carrier or AHCA actually reads them.

An unsigned consent. No supervisory protocol on file. An OIG-excluded contractor nobody screened. The gaps that void coverage and invite a § 456.073 complaint are never the ones you're watching.

There's a knock at the front desk. It's an AHCA surveyor.

You have minutes, not days. Do you know — right now — where the HCC license, the GFE charts, and the waste manifests are? Or does the search start while they watch?

None of this means you run a bad clinic. It means Florida's rules were built to catch the owner carrying all of it alone.

Take the free 17-question audit — instant score

~5 minutes · written report · no email needed to see your result

Your first 14 days

Live in 7 days. Inspection-ready in 14. Defended every day after.

Not onboarding you run yourself — a white-glove migration our operation runs for you, fast. The automation moves at machine speed; the 30-day mark is purely your money-back guarantee.

Day 7 · Your compliance desk goes live

Your workspace is live, your files are flowing in, and the audit is already running.

You forward documents by email — or grant read-only, revocable access where you'd rather we pull records ourselves. No new software for your team. The platform ingests and classifies every record; the architect-designed framework maps each one to the exact Florida rule it answers to — and surfaces every gap before anyone else does.

Day 14 · 100% inspection-ready

Every license, protocol, GFE, and manifest — verified, signed off, and formatted to AHCA's standard.

Two weeks in, every gap is closed and your inspection pack is assembled — one bound, date-stamped PDF, digital and ready to print. The exact pack a surveyor asks for, built before anyone asks.

Day 31+ · Continuous Defense Mode

The system defends you every day after — monthly OIG exclusion screening, RN/NP license-expiry tracking, and monthly bio-waste manifests, logged automatically.

Surfaced to you only when something genuinely needs your signature. You stop managing compliance — you approve it.

The 30-day guarantee

We execute in 14 days — the 30-day window is your ironclad money-back guarantee. If your clinic isn't locked down by day 30, every dollar comes back. The Chief Compliance Architect and a second reviewer stand behind every page.

Why owners pick ProofOps over the national tools

Three things the national tools can't do for a Florida clinic.

This is what Friday looks like when compliance is handled.

P
ProofOps Compliance Desk
4:45 PM · Friday
Hi Dr. Reyes — your team forwarded this week’s GLP-1 visit notes. We’ve reviewed and logged them and refreshed your AHCA binder. You’re inspection-ready. One protocol needs your signature; it’s in your inbox. Have a great weekend!
Illustrative — an example of the weekly update you receive
The product, not a promise

See exactly what you're buying.

We run it; you watch it. A live readiness view you can open any time — and when an inspector shows up, the bound pack is one click.

Your live readiness view
The live ProofOps readiness dashboard showing the clinic's compliance score and what is handled versus pending

Check on everything, live, anytime. Your score, what's handled, and the few things waiting on you — from your phone.

One-click inspection pack
The one-click inspection pack screen that assembles the bound, bookmarked PDF an AHCA surveyor receives

Inspection at the door? One click. The bound, date-stamped pack — cover letter, exhibits, source documents — ready to hand over.

Want the full tour? See every check in the 32-point framework → · 2-page sample binder (PDF)

For the medical director

You carry the liability. We carry the paper trail that defends you.

In Florida, the supervising physician owns the clinical and legal exposure for everything the clinic does — every Good Faith Exam, every standing order, every delegated injection. ProofOps is your operational malpractice policy: continuous, remote, time-stamped proof that the supervision actually happened.

§ 458.348 · the 25-mile rule

A geographic technicality never invalidates your supervision.

We verify your primary-practice location against the 25-mile / contiguous-county boundary, document it, and flag the day it stops being true — before an investigator does.

Remote oversight

Every GFE and standing order, in real time, from your phone.

A dedicated medical-director portal shows what's been performed, by whom, and what's still awaiting your review. Sample, co-sign, and request revisions remotely. Your oversight is provable, not assumed.

Defensible on demand

When a § 456.073 complaint names you, the defense is already built.

Chart-review records, the supervisory agreement, and standing orders are assembled and date-stamped in advance. You don't reconstruct your defense under a 20-day clock — you hand it over.

The guarantee

When the door opens, you're already defensible.

One bound pack. Every exhibit a Florida surveyor, a Board investigator, an OCR auditor, or a plaintiff's attorney can demand — current, formatted, date-stamped. You press one button, or hand over one binder. There's no scramble, because there's nothing left to assemble.

Operational lock-down

Your defensibility isn't a feature you switch on. It's the baseline state we hold for you.

Licenses tracked to the day. Supervisory geography verified against § 458.348. Every GFE, consent, exclusion screen, and manifest where it belongs. The binder is never "being prepared" — it is always ready, the moment anyone asks.

In writing, every engagement
  • Inspection-ready in 14 days; a 30-day money-back guarantee. We deploy fast — but if your clinic isn't locked down within 30 days, every dollar you've paid comes back, in writing.
  • Cited? We defend the paperwork. On any surface we manage, we assemble the response and every exhibit, at no extra cost.
  • A name and a direct line. An inspection or citation is answered in under an hour — never a ticket queue.
  • Yours to keep. Leave whenever, with a clean export of the whole binder, MD pack, and audit trail.
Read the guarantees in full
Casiani Gherlan, Chief Compliance Architect of ProofOps Medical
A note from the Chief Compliance Architect

I built ProofOps because Florida medspa owners deserve a real compliance department, not another tool to run themselves.

I'm Casiani Gherlan, Chief Compliance Architect. I designed the framework logic and the system that runs it — for one reason: to keep Florida medspas open, licensed, and out of the next AHCA news cycle. The whole point isn't to hand you another tool to run. It's to make sure that when an inspector, investigator, or carrier shows up — you stay in business.

Read the founder story & mission

Start free

Two free ways to see where you stand.

No commitment, no card. Get a read on your Florida compliance posture in minutes.

The math nobody shows you

What a gap costs vs. what the desk costs.

$10,000+

per claim in civil penalties — plus treble damages — for services tied to one unscreened excluded staffer. Strict liability. 42 USC § 1320a-7a

$500,000

maximum FIPA penalty when a breach notification misses Florida's 30-day clock. § 501.171(9)

$599/mo

the founding-rate desk that keeps every one of those surfaces defensible — run for you, signed off by a second reviewer.

The cheapest line item in your clinic is the one that makes everything else defensible.

Founding Cohort · Summer 2026 · 2 of 5 slots

Hand your compliance to a department that handles it for you.

On a free 15-minute call we'll walk through where you're exposed — AHCA, supervisory, GFE, OIG, OSHA — and you walk away with a written deficiency report whether or not you sign with us.

30 days free, then $599/mo founding — locked for life. Public rate $999/mo once the 5 seats fill — locking now saves $4,800 a year. Day-30 money-back guarantee.

The audit takes ~5 minutes and shows your score instantly — no email needed to see it.

Florida only. Capped at 5 founding clinics this cohort. HIPAA BAA signed before any PHI moves.

The things owners ask first

Quick answers.

Does this replace my medical director? +

No. ProofOps is the managed compliance desk that proves the work your MD, OSHA consultant, and attorney perform was actually performed and stored — with every framework mapped to the controlling Florida statute (§ 458.348, § 400.9905, Rule 64B8-9.009). We don't provide clinical supervision or legal advice; we make sure the people who do have airtight records.

Do I need an AHCA Health Care Clinic license? +

Generally yes, if your medspa is not 100% physician-owned. Florida § 400.9905 and AHCA Rule 59A-33 require an HCC license for non-physician-owned clinics offering health services for compensation. We help you document either licensure or your exemption letter. More on the AHCA HCC license →

Will this work with my EMR / practice-management tool? +

Yes. ProofOps runs alongside whatever you already use — Aesthetic Record, Boulevard, Symplast, PatientNow, anything. Documents flow in via web upload, SMS, or a dedicated email inbox you pick. Direct EMR API integrations for pre-appointment GFE checks are on the roadmap.

How does pricing actually work? +

From $599 / month for a founding-cohort single FL location — first 30 days free, then the $599/mo founding rate locked (public rate $999/mo once the first 5 clinics are filled). The one-time Historical Compliance Migration & Audit is $1,195 for founding clinics ($1,795 at the public rate), invoiced at signing — and it's exactly what the day-30 money-back guarantee refunds if we miss. Multi-location and high-volume IV / GLP-1 / TRT clinics are custom quoted. Full pricing & what's included →

I already have an office manager who handles our binders. +

Keep her — she just stops being alone on it. We take the chasing, verifying, statute-mapping, and monthly screening layer; she gets a second set of eyes on everything she files and a binder that's always assembled. Most clinics redeploy those hours back to patients — and if she ever leaves, your compliance doesn't walk out the door with her.

How much of my team's time does this actually take? +

About 90 minutes total at onboarding (signing the BAA, handing over the roster and documents), then a few minutes a week: your front desk forwards documents to your dedicated inbox, and you approve the occasional finding with one tap. We chase everything that's missing — that's the job.

Who sees our patient data? +

A Business Associate Agreement is signed before a single document moves — that's a legal obligation, not a promise. Records are encrypted in transit and at rest, isolated per clinic, and seen only by the reviewers assigned to your account. Your data is never sold or shared, and if you leave, you take a complete export and we delete on request. Full security detail →

More: Florida compliance guide · Compared to MedTrainer / Compliancy Group / Moxie · Security & HIPAA

$599/mo founding · 30 days free · 2 of 5 slots left
Get my free audit score