Why a working vocabulary matters
DTC telehealth pulls vocabulary from medicine, software, marketing, regulation, finance, and operations. A founder evaluating a vendor needs to understand what BAA, PHI, EPCS, and FHIR mean in the same conversation. A clinical lead needs to follow CPOM, MSO, FIB-4, and PHQ-9 across the same operating week. A marketing lead needs to navigate TCPA, FTC, LegitScript, and GEO inside the same campaign.
The brands that move fastest have a working vocabulary across the whole stack. This glossary is the reference: 75 terms, plain-language definitions, and operator context for each.
The terms are grouped into six categories for easier reference: business model, clinical and operational, technology and infrastructure, regulatory and compliance, marketing and growth, and financial and metrics.
For the related foundational view, see Getting Started with Telehealth: A Complete Guide and What Is a Telehealth CRM? A Simple Guide for Clinics.
Business model and operational structure (15 terms)
1. DTC telehealth (Direct-to-Consumer Telehealth) A telehealth model where the brand markets and sells directly to patients, typically cash-pay, often subscription-based. Distinct from employer- or payor-sourced telehealth.
2. White-label telehealth platform Underlying telehealth software a brand uses to run intake, clinical workflow, billing, pharmacy, and patient experience under its own brand identity. The brand controls the experience; the platform handles the infrastructure.
3. MSO (Management Services Organization) The corporate entity that provides non-clinical services (technology, marketing, billing, operations) to a professional corporation. In DTC telehealth, the MSO often owns the brand and platform.
4. PC or PA (Professional Corporation or Professional Association) The clinical entity that employs licensed providers and delivers care. In DTC telehealth, the PC contracts with the MSO under an MSA. The PC is owned by licensed clinicians for compliance with state law.
5. Friendly-PC structure A common DTC telehealth legal structure where the PC is owned by a licensed clinician but operates in close coordination with the MSO under an MSA. Designed to comply with corporate practice of medicine restrictions.
6. CPOM (Corporate Practice of Medicine) Legal doctrine in many states that restricts corporate ownership of medical practices. Shapes how DTC telehealth brands structure their PC and MSO relationships. Increasingly enforced in 2026.
7. MSA (Management Services Agreement) The contract between the MSO and the PC that defines the scope of services, fees, and operational relationship. A core legal document for any DTC telehealth brand.
8. Subscription telehealth A telehealth program where the patient pays a recurring fee (monthly, quarterly, annual) for ongoing care, often including provider access, medications, labs, or other services.
9. Cash-pay model A telehealth program in which the patient pays directly, usually without insurance involvement. Common in DTC.
10. Hybrid model A program that combines cash-pay and insurance, or virtual and in-person care.
11. B2B2C telehealth A telehealth program delivered to consumers through an intermediary buyer, such as an employer or benefit plan. Distinct from pure DTC.
12. Membership program A patient relationship in which the patient pays a recurring fee for access to a bundle of programs, labs, provider visits, and portal features, rather than a single condition program. Increasingly common in 2026.
13. Multi-program platform A telehealth brand that operates more than one program (e.g., GLP-1, hair, sexual health, HRT, longevity) under one operating system and often one membership relationship.
14. White-label vs. private-label vs. branded Generally interchangeable terms for the brand running its own identity on top of underlying platform software.
15. Telehealth modality The format of care delivery: synchronous video, asynchronous messaging, audio-only, or hybrid combinations.
For the related business-model context, see DTC Telehealth Business Model: Cash-Pay, Insurance, Subscription, or Hybrid?.
Clinical and operational (16 terms)
16. EHR (Electronic Health Record) The clinical record system that stores patient charts, notes, history, prescriptions, and lab results. The clinical core of a telehealth operation.
17. Intake form The structured questionnaire a patient completes before clinical evaluation. Captures identity, history, risk factors, eligibility, and goals.
18. Provider review The clinical decision step where a licensed clinician reviews intake, decides eligibility, and approves or refuses care. Can be synchronous or asynchronous.
19. Asynchronous (async) care Care delivered through messaging, chart review, and provider notes outside of a real-time visit. Common in DTC for routine medication management.
20. Synchronous care Care delivered in real time via video or audio. Standard for evaluations, complex cases, and most therapy.
21. ePrescribe / EPCS (Electronic Prescribing of Controlled Substances) The electronic transmission of prescriptions. EPCS is the version that meets DEA requirements for controlled substances.
22. PDMP (Prescription Drug Monitoring Program) State-run electronic database that tracks controlled substance prescriptions. Federally encouraged for query at every controlled-substance prescription.
23. Refusal pathway The clinical and operational process by which a provider declines to prescribe or treat, with a respectful redirect to alternative resources.
24. Titration The process of adjusting a medication dose over time based on clinical response and side effect tolerance. Central to most GLP-1, HRT, and psychiatric medication programs.
25. Refill operations The workflow that handles ongoing medication refills, including provider approval, pharmacy transmission, patient communication, and exception handling.
26. Patient portal The patient-facing application that shows messages, appointments, lab results, prescriptions, billing, and educational content. The daily relationship surface.
27. Care coordination The ongoing operational and clinical work that connects providers, labs, pharmacies, and patients across the care arc.
28. Clinical protocol The documented clinical decision rules for a program, including eligibility criteria, treatment approach, monitoring cadence, and escalation triggers.
29. PRO (Patient-Reported Outcome) A measurement of health or function reported directly by the patient, often through validated instruments. Standard in modern measurement-based care.
30. Measurement-based care A clinical practice that uses standardized outcome measures (often PROs) to guide treatment decisions and demonstrate program effectiveness.
31. Multi-state licensure The practice of operating clinicians who hold licenses in multiple states, often coordinated through interstate compacts (IMLC for physicians, PSYPACT for psychologists, Counseling Compact for counselors).
For the broader clinical layer, see Clinical Protocols for DTC Telehealth: What to Standardize Before Your First Patient.
Technology and infrastructure (15 terms)
32. API (Application Programming Interface) The technical interface that lets one software system talk to another. The breadth of a telehealth platform's API determines what can be built around it.
33. FHIR (Fast Healthcare Interoperability Resources) The modern standard for exchanging healthcare data. A platform's FHIR support is one signal of how interoperable it actually is.
34. Webhook A real-time event notification from one system to another. The depth of webhook coverage on a telehealth platform determines what workflows can be automated.
35. SDK (Software Development Kit) A set of tools and libraries that lets engineers build on top of a platform. SDK-first platforms enable deep customization.
36. SSO (Single Sign-On) A pattern where users authenticate once and access multiple systems. Important for employer-channel telehealth, multi-platform operations, and provider experience.
37. Magic link An authentication pattern where the user clicks a one-time URL sent to email or SMS to access an account. Used widely in modern telehealth onboarding and session resume.
38. EMR vs. EHR EMR (Electronic Medical Record) historically referred to a single practice's clinical record system. EHR (Electronic Health Record) refers to a system designed to share information across providers. In practice, the terms are often used interchangeably; EHR is the more common modern usage.
39. Headless architecture A pattern where the underlying platform provides APIs and data without dictating the user interface. Headless telehealth platforms allow brands to build fully custom patient experiences.
40. Multi-tenant A software architecture where multiple customers share the same underlying infrastructure with logical separation. Standard for cloud SaaS platforms.
41. Subprocessor A third-party vendor that processes data on behalf of the platform provider. Telehealth platforms typically maintain a published list of subprocessors that handle PHI.
42. Audit log A timestamped record of who accessed what data when. Required by HIPAA and a key compliance artifact.
43. Ambient AI / ambient scribe An AI tool that listens to a clinical encounter and produces a structured chart note. The most widely adopted AI category for telehealth in 2026.
44. Agentic AI An AI system that takes action across workflows, not just summarizes. Examples in telehealth: intake automation, support agents, follow-up coordination, refill orchestration.
45. LLM (Large Language Model) A type of AI model trained on large text datasets (e.g., GPT, Claude, Gemini). The foundation for most modern AI features in telehealth.
46. RAG (Retrieval-Augmented Generation) An architecture where an AI system retrieves relevant information from a knowledge base before generating a response. Used in clinical AI to ground responses in verified sources.
For the related infrastructure work, see DTC Telehealth Tech Stack: What You Need Before Your First Patient Starts Care.
Regulatory and compliance (15 terms)
47. HIPAA (Health Insurance Portability and Accountability Act) The federal law that governs the privacy and security of protected health information. The compliance floor for any telehealth operation.
48. PHI (Protected Health Information) Health information that can identify an individual. Includes name, address, dates, diagnoses, treatments, and clinical notes. The data class HIPAA protects.
49. BAA (Business Associate Agreement) A contract between a covered entity (or business associate) and a vendor that handles PHI on its behalf. Required by HIPAA.
50. SOC 2 A widely used framework for evaluating the security, availability, confidentiality, processing integrity, and privacy of a service organization. Often required by enterprise customers and serious B2B telehealth partners.
51. 503A pharmacy A traditional compounding pharmacy regulated primarily by state boards of pharmacy, dispensing patient-specific prescriptions.
52. 503B outsourcing facility A larger-scale compounding facility regulated by the FDA, allowed to produce drugs without patient-specific prescriptions under defined conditions.
53. Ryan Haight Act The federal law that generally requires at least one in-person medical evaluation before prescribing a controlled substance. Suspended for telemedicine controlled-substance prescribing during the COVID public health emergency; the suspension is currently extended.
54. DEA telehealth flexibilities The set of policies allowing telemedicine prescribing of controlled substances without a prior in-person visit, extended through December 31, 2026. A permanent rule is in progress.
55. EPCS Electronic Prescribing of Controlled Substances. Defined process and identity verification requirements for controlled-substance ePrescribing.
56. TCPA (Telephone Consumer Protection Act) The federal law that governs marketing calls and text messages. Particularly relevant for SMS marketing in telehealth, with steep per-violation penalties.
57. CAN-SPAM The federal law governing commercial email. Requires truthful subject lines, valid postal address, and working unsubscribe.
58. FTC Endorsement Guides FTC guidance on testimonials, endorsements, affiliate compensation disclosure, and what constitutes a "typical" experience. Recently amended with stricter standards.
59. State AG enforcement Enforcement by state attorneys general under state unfair-or-deceptive-practices statutes. In 2026 the most active enforcement layer for DTC telehealth advertising.
60. Corporate Practice of Medicine (CPOM) See entry 6. Increasingly enforced in 2026 through state lawsuits.
61. Compliance posture The overall set of policies, procedures, contracts, and controls a telehealth brand maintains to meet legal and regulatory requirements.
For the related compliance work, see HIPAA-Compliant Telehealth Software in 2026: What That Actually Means and DEA Telehealth Controlled-Substance Flexibilities Extended Through 2026.
The Real 2026 Peptide Timeline
Removal from Category 2 is the first gate, not the last. The path from April 2026 to a legally compoundable peptide runs through the PCAC meeting, an FDA determination, and 503A Bulks List inclusion.
- 1April 22, 2026Complete
Removed from Category 2
BPC-157, TB-500, KPV, MOTs-c, Semax, Epitalon, and DSIP exit the FDA's significant-safety-concerns list. Compounding still not authorized.
- 2July 9, 2026Upcoming
Public comment deadline
Final day to submit comments to docket FDA-2025-N-6895. Comments after this date are not presented to the committee.
- 3July 23-24, 2026Upcoming
PCAC meeting at White Oak
Pharmacy Compounding Advisory Committee reviews and votes on adding peptides to the 503A Bulks List. Day 1 covers BPC-157, KPV, TB-500, MOTs-c. Day 2 covers DSIP, Semax, Epitalon.
- 4Post-meetingPending FDA
FDA determination
FDA reviews the PCAC recommendations and publishes a determination, typically through a notice or proposed rule. Usually months, not days.
- 5503A Bulks ListPending FDA
Compounding becomes legal
Once a peptide is formally included, licensed 503A pharmacies may compound for individual patients with a valid prescription, subject to the rest of the framework.
Marketing and growth (8 terms)
62. GEO (Generative Engine Optimization) The discipline of optimizing content so AI answer engines (ChatGPT, Claude, Perplexity, Gemini, AI Overviews) cite the brand as the answer.
63. AEO (Answer Engine Optimization) A near-synonym for GEO, emphasizing optimization for AI-driven answer experiences.
64. SEO (Search Engine Optimization) The discipline of optimizing content to rank in traditional search engines.
65. CRO (Conversion Rate Optimization) The discipline of improving the rate at which visitors complete a desired action (intake completion, checkout, etc.).
66. LegitScript A certification organization that telehealth platforms and pharmacies use to demonstrate legitimacy for advertising on Meta, Google, and other platforms.
67. Pharma authorization Platform-level approval (typically Meta and Google) that a telehealth or pharmacy advertiser must obtain to run prescription-related ads.
68. Special Ad Category Meta's classification for certain ad categories (including health) that triggers additional review and audience-targeting restrictions.
69. Affiliate and creator program A growth channel in which third-party partners (affiliates, influencers, content creators) drive patient acquisition in exchange for compensation. Heavily regulated in 2026.
For the related marketing work, see Marketing Your GLP-1 Program in 2026 and Generative Engine Optimization for Telehealth.
Financial and metrics (6 terms)
70. CAC (Customer Acquisition Cost) The fully-loaded cost of acquiring one new patient, including paid media, content, and other channel costs.
71. LTV (Lifetime Value) The total expected revenue from a patient over the relationship, often discounted by margin and time.
72. LTV / CAC A common health ratio for subscription telehealth. Targets vary by program; LTV/CAC of 3x or higher on gross margin is a common operator benchmark.
73. Churn The rate at which patients leave the program over a defined period. Month-two churn is a particularly important measurement window in many telehealth programs.
74. ARR / MRR (Annual / Monthly Recurring Revenue) The annualized or monthly subscription revenue base. Standard metric for subscription telehealth businesses.
75. Refund rate The rate at which patients receive refunds. A guardrail metric for conversion and recovery campaigns; rising refund rates often signal the wrong patients being pushed through the funnel.
For the related metrics work, see Subscriber Growth vs. Patient Quality: The DTC Telehealth Metrics That Actually Matter in 2026 and The Weekly Telehealth Ops Dashboard: 12 Metrics Leadership Should Actually Review.
FAQs
What is the most important term for a new founder to understand? The legal structure terms (MSO, PC, MSA, friendly-PC, CPOM) shape the entire business. Get these right early.
What is the difference between an EHR and a white-label telehealth platform? An EHR is the clinical-record system. A white-label telehealth platform usually includes the EHR plus intake, payments, patient portal, scheduling, ePrescribing, and integrations.
What is the difference between asynchronous and synchronous care? Asynchronous care is delivered through messaging, chart review, and notes outside real time. Synchronous care is delivered live via video or audio.
Is HIPAA compliance enough for a serious telehealth operation in 2026? HIPAA is the floor. Most serious operators also maintain SOC 2 Type II, state-specific compliance, and increasingly readiness for employer-channel and enterprise customers.
Why does CPOM matter? Corporate practice of medicine restrictions in many states shape how DTC telehealth brands must structure their PC and MSO relationships. Recent enforcement makes structure a top-tier diligence item.
What is ambient AI? An AI tool that listens to a clinical encounter and produces a structured chart note. The most widely adopted clinical AI category in 2026.
What is GEO? Generative Engine Optimization. The discipline of optimizing content to be cited by AI answer engines like ChatGPT, Claude, and Perplexity.
What is LegitScript? A certification organization that telehealth platforms and pharmacies use to demonstrate legitimacy for advertising on Meta and Google.
Implementation suggestion
A practical way to use this glossary:
- Print or save it as the team reference
- Add brand-specific terms unique to the program (e.g., the specific name of the brand's program, the brand's clinical advisor language)
- Refresh quarterly as the category evolves (new regulatory terms, new platform categories)
- Use it in onboarding for new hires, particularly in marketing, sales, and operations roles
A clinical glossary maintained well becomes both a brand artifact (cited in content, referenced in onboarding) and a quietly powerful trust signal for sophisticated readers.
Final takeaways
A working vocabulary across clinical, technical, regulatory, marketing, and financial dimensions is what separates fast-moving DTC telehealth brands from slow ones.
What to remember:
- DTC telehealth pulls vocabulary from at least six distinct domains
- The legal structure terms (MSO, PC, MSA, friendly-PC, CPOM) are foundational and increasingly enforced
- The clinical terms (intake, provider review, async, titration, refill operations) shape day-to-day work
- The technology terms (API, FHIR, webhook, agentic AI, ambient scribe) shape platform decisions
- The regulatory terms (HIPAA, BAA, EPCS, TCPA, 503A/B) shape compliance posture
- The marketing terms (GEO, SEO, CRO, LegitScript) shape acquisition strategy
- The financial terms (CAC, LTV, LTV/CAC, churn, refund rate) shape business decisions
- A glossary is a small artifact that quietly compounds team speed and credibility
A team fluent in this vocabulary moves through vendor conversations, regulatory updates, and category shifts faster than a team that has to look every term up. The investment in shared fluency pays back daily.
The right time to make this part of the team's foundation is during onboarding, before the next big decision lands.