The healthcare landscape is ever-changing, and one trend that’s here to stay is outsourcing administrative tasks to medical virtual assistants (VAs). Whether you’re hiring a VA based in the U.S. or overseas, having a solid agreement in place is critical to ensure your practice remains compliant, efficient, and well-protected. After all, a VA could be handling sensitive patient data, dealing with insurance companies, or even scheduling your patients’ appointments.
Here, I’ll break down the essential elements of a contract with a medical virtual assistant, so you can hire with confidence and peace of mind.
1. HIPAA Compliance and Data Security
We can’t start a conversation about medical virtual assistants without addressing HIPAA. It’s non-negotiable that your VA—whether they’re based in the U.S. or halfway across the globe—adheres to HIPAA rules and guidelines.
You’ll need to sign a Business Associate Agreement (BAA) with any VA who will handle Protected Health Information (PHI). In this document, you make clear that they’re responsible for securing any patient data they have access to, whether it’s while they’re scheduling appointments, managing patient records, or submitting claims to insurers.
Practical Example:
Let’s say your VA is handling medical billing. They’re regularly dealing with patient names, insurance IDs, and other sensitive information. The BAA ensures that they understand their legal obligation to protect that data—whether it’s storing it securely, encrypting it, or notifying you immediately if there’s a breach.
But don’t stop there—your contract should go deeper into data security practices. These could include using encrypted email systems, VPNs (Virtual Private Network) for accessing your records remotely, and multi-factor authentication. If your VA is overseas, be especially vigilant, as different countries have varying data protection laws. You want to stipulate regular HIPAA training for your assistant. so there is never a lapse in coverage.
Ideally, it helps if you pay for the VPN and then give access to your virtual assistant: this helps you monitor their activity as well.
Additional Tip: For overseas VAs, make sure they understand the implications of HIPAA even though they are not physically based in the U.S. While they may not be subject to U.S. law in their own country, a breach of HIPAA could have serious consequences for your practice.
2. Clarifying Independent Contractor Status
In most cases, medical virtual assistants are hired as independent contractors, which has several legal and tax implications. As a practice owner, the last thing you want is to inadvertently classify them as an employee—this opens you up to liabilities, including back taxes and penalties. This is usually an issue with virtual assistants located in the U.S. or who identify as a “U.S. person”- who may have tax liability in this country.
Make sure your agreement explicitly states that the VA is an independent contractor and, as such, is responsible for paying their own taxes, securing their own health insurance, and covering any other benefits.
To stay on the right side of the IRS, your contract should indicate that the VA has control over their own hours and workflow. For example, you might need them to respond to patient inquiries within a certain window, but you shouldn’t dictate their daily schedule.
Additional Clause: Non-Entitlement to Benefits
In your contract, specify that the VA is not entitled to employee benefits such as health insurance, PTO (paid time off), or retirement contributions. This protects you from any claims later down the line that they should be treated as an employee.
3. Defining the Scope of Work
Once you’ve clarified their status, you need to get specific about what they’ll be doing. This may sound basic, but you’d be surprised how many contracts leave this part vague, which can lead to misunderstandings down the road.
Start with a detailed description of the tasks the VA is expected to perform. Depending on your practice’s needs, this could include:
- Scheduling and managing appointments
- Handling patient inquiries (via phone or email or secure messages)
- Medical billing and coding
- Verifying insurance coverage
- Managing the EHR system
- Social media or online reputation management (this is becoming more common as practices lean into marketing)
In my previous post, I went over all the varied tasks my virtual assistant handles for the practice. Read here if you want an idea of ALL the stuff that can be outsourced.
Beyond the task list, you should also outline performance expectations. Are they expected to respond to emails within 24 hours? Should billing be submitted daily, weekly, or monthly? You’ll also want to be clear on the quality of work expected. For example, is it crucial that they stay under a 2% error rate when handling billing? Define it early, and you’ll avoid problems later.
Communication Protocol:
It’s also useful to specify communication methods and frequency. What methods will you be using to communicate with each other? We use our measure messaging portal to tag each other for tasks, shared Google documents and Google sheets as well as email. I have Google workspace: the paid version- which keeps emails within the same server encrypted. This is however, not secure for communicating outside the server: and hence I do not interact with patients via email.
Should there be daily or weekly check-ins? We do both, depending on the task. We are in constant communication via these systems, so I have real-time updates on tasks as they get done.
Establishing these protocols up front ensures that both you and your VA are aligned on expectations and workflow.
4. Compensation and Payment Terms
When it comes to compensation, you’ll want to decide whether your VA will be paid hourly, or per task. For example, if your VA is handling a steady stream of patient scheduling and insurance verification, an hourly rate might make the most sense. If they’re being hired for a specific project, like organizing your EHR system, a per-task or per-project fee may be more appropriate.
However, it’s not just about what you pay—it’s about how and when you pay them. Your contract should include clear payment terms, such as:
- Frequency of invoicing (weekly, bi-weekly, or monthly)
- Accepted payment methods (direct deposit, PayPal, Wise, etc.)
- Payment due dates (e.g., payment must be made within 14 days of receiving the invoice)
It’s also a good idea to include an annual cost of living raise, usually in the ballpark of 3-5%, depending on where you started from. If you started at a fairly high rate, the increase can be more modest that if you’re trying to catch someone up- especially if they are valuable to your practice and you would like to retain them.
Discretionary bonuses are also a good idea. It lets you compensate an exceptional member of your team, commensurate with their contribution. This is often tied to a performance metric or how the practice does, in general- because the idea is, everyone is rowing the same boat.
International VAs and Payment Methods
If your VA is overseas, factor in currency exchange rates and possible bank fees. Platforms like PayPal, TransferWise (now Wise), or Payoneer can help manage international payments smoothly, but it’s worth being clear in your contract who will cover any additional transfer fees.
My virtual assistant is paid hourly, for 40 hours a week. I pay her via Wise, once a week, at the end of the week. I’ve found Wise to be seamless and their fees are lower than some other international money transferring options.
5. Termination Clauses
No one likes to think about ending a working relationship before it even begins, but having termination terms in place can save both you and your VA a lot of headaches if things don’t work out.
Your contract should address both termination for cause (e.g., breach of contract, poor performance) and termination for convenience (e.g., either party decides to end the relationship for non-performance-related reasons). Specify how much notice is required for either type of termination. A typical notice period is 30 days, but this can be shorter if the situation calls for it.
Example Clause:
“If either party wishes to terminate this agreement without cause, a written notice of 30 days is required. In cases of a breach of contract, the agreement may be terminated immediately upon written notice.”
Include a clause detailing what happens to any property or data (including patient records) that the VA may have in their possession at the time of termination. All PHI must be returned or securely destroyed per HIPAA regulations.
6. Data Ownership and Intellectual Property
Any work your MVA does for your practice, from creating patient handouts to refining your billing processes, should belong to you. To protect your practice’s interests, include a work-for-hire clause in your agreement. This ensures that anything the VA creates while working for your practice automatically becomes your property.
For example, if your VA creates a patient intake form or helps you develop an online scheduling system, they can’t claim ownership of it later on.
Make sure your contract clearly states that the intellectual property rights for all work performed during the contract are transferred to you upon payment.
7. Time Zones and Language Barriers for Overseas VAs
If you’re hiring an overseas VA, particularly from countries like the Philippines, India, or Latin America, you’ll need to think through time zone differences and language skills.
In your contract, specify whether the VA is expected to work within your practice’s hours or if they can work asynchronously (handling tasks on their own schedule as long as deadlines are met). For most tasks involving patient care, it is imperative that the virtual assistant work during the same hours that the practice is open. Billing-related processes, though may be an exception to this. Or, if you have a VA who is taking care of other types of tasks- like social media management or marketing- things that do not require real-time interaction- it is fine for them to work on their hours.
Language proficiency is another important factor. If your VA will be communicating with patients directly (via phone or email), their English proficiency should be high enough to ensure smooth interactions. Make sure to outline expectations around this in your contract.
8. Subcontracting and Confidentiality
I did not even think about this one until I came across it somewhere. Even though your VA is likely an independent contractor, you might want to restrict their ability to subcontract their work to others without your approval. This is particularly important when it comes to maintaining HIPAA compliance and ensuring that only qualified individuals are handling sensitive information.
At the same time, your agreement should include a confidentiality clause. This goes beyond HIPAA and protects your practice from leaks of proprietary business information, such as financial data, business strategies, or patient lists.
9. Tracking Time Worked: Tools and Best Practices
Since most VAs are independent contractors and often bill by the hour, it’s important to keep an accurate record of how much time they’re spending on tasks. Fortunately, there are plenty of tools designed specifically for remote work that allow you to do just that. Your agreement should specify which tool will be used and how frequently reports will be sent (e.g., daily, weekly).
Set Clear Time-Logging Expectations
In your agreement, clarify how often the VA should log their hours (real-time, daily, or weekly) and provide regular updates.
10. Monitoring Work Performance
Like an other employee you may hire for your practice, monitoring your VA’s performance ensures the quality of that work is up to par.
I like to do the same things I would, if I had in-person employees in my office.
5 minute daily huddles: going over the most pressing issues: anything important or out of the ordinary things expected to happen during the work day. Discuss anything that went wrong the previous day and how we can avoid it next time.
Throughout the day, I give smaller bits of feedback: like the language in a message to a patient or tweaks to the calendar.
If you are less hands-on with the tasks that your V.A. performs, you might want to spot-check their work intermittently, to catch errors or deviations from Standard Operating Procedures (SOPs). This could be as simple as reviewing the details of a few cases or records each week. If issues arise, it gives you a chance to address them early before they become larger problems. You may do this yourself or outsource this to your office manager or someone in a supervisory role.
I aspire to weekly/monthly meetings, but have not been able to implement those consistently. They may be more important in a larger practice- to make sure everyone is steering in the same direction. However, I do make sure to do a written annual performance review.
Dealing with Underperformance
Even with clear monitoring processes in place, you may occasionally find that your VA’s performance isn’t meeting expectations. To handle this, make sure your contract includes a performance review process and opportunities for correction. For example, you might set a plan for improvement with specific targets and a timeline for achieving them. If the issues persist, refer to the termination clause you’ve built into the agreement.
Final Thoughts
Hiring a medical virtual assistant can be a game-changer for streamlining the operations of your practice, reducing your administrative burden, and even improving the patient experience. But to do it right, you need a comprehensive agreement that covers all the bases—from HIPAA compliance to independent contractor status, and everything in between.
By thinking ahead and including these critical clauses in your agreement, you’ll set yourself and your VA up for success—and protect your practice from avoidable risks.
If you want to take a look at the Agreement I wrote up for my virtual assistant, send me an email and I will send it right to your inbox!
