Skip to content
RegenCompliance
All articles
Photo compliance

Before-and-After Photos: The FDA, FTC, HIPAA, and Platform Rules Nobody Talks About

Before-and-after photos are the most regulated visual in healthcare marketing - four overlapping regimes govern them simultaneously (FTC Endorsement Guides, FDA intent-of-use, HIPAA consent, platform ad policies). This is the complete compliant-photo protocol.

10 min readBy RegenCompliance Editorial, FDA/FTC compliance desk

Before-and-after photos convert. They also draw more FTC attention than any other visual format in healthcare marketing. Four separate regulatory regimes touch every before-and-after photo at once - the FTC Endorsement Guides, FDA intent-of-use rules, HIPAA consent requirements, and the healthcare-specific policies of Meta, Google, and TikTok. Most clinics comply with zero of them.

This post is the operator’s manual: the four regimes, the specific mechanics of each, what a compliant photo package looks like, and the exact disclosures that go on every image.

Regime 1 - FTC Endorsement Guides

The FTC’s Endorsement Guides (16 CFR Part 255) are the operative rules for any testimonial, case study, or outcome presentation in advertising. Before-and-after photos fall squarely under this framework.

Core requirement: typical-experience disclosure

If your photo depicts an outcome presented as typical of your patients, you must have substantiation that it is typical. If the outcome is atypical (which cherry-picked before-and-afters almost always are), you must include a clear-and-conspicuous disclosure of what the typical result actually is.

Non-compliant

(photo gallery header) "See our amazing results"

Compliant alternative

(photo gallery header) "Patient results. Individual outcomes vary. Typical weight loss in our GLP-1 program is 10-15% of body weight over 6 months; featured outcomes are higher than typical."

Why: Add a header disclosure on every gallery that establishes typical-result expectations. Individual-photo captions then don't have to repeat the whole disclosure.

“Clear and conspicuous” standard

The FTC has been specific: “clear and conspicuous” is actually readable on all devices, not tucked in a footer, not in low-contrast grey-on-grey type, and not hidden behind a click-to- expand. If a reasonable consumer has to hunt for the disclosure, it’s not clear and conspicuous.

Material connection disclosure

If the patient received compensation (cash, discount, free treatment) for the photo or testimonial, you must disclose the material connection. “Featured patient received this treatment at no charge in exchange for consenting to marketing use.”

Regime 2 - FDA intent-of-use

The FDA doesn’t regulate the photo itself, but it does regulate what the photo implies about your procedure. A photo paired with a named disease or condition is equivalent to claiming your procedure treats that condition.

This matters particularly for:

  • Acne, rosacea, melasma, hyperpigmentation photos: these are medical conditions. Paired with your aesthetic procedure, you’re making a disease-treatment claim.
  • Scar-reduction photos: depending on scar type, these can cross into medical-condition territory.
  • Alopecia / hair-loss photos: alopecia is a medical condition; clinic-level hair-loss treatments rarely have FDA approval for the indication.
  • Hyperhidrosis (excessive sweating) photos: medical condition with FDA-approved indications for specific products only.

Solution: reframe the caption from condition language to appearance language. “Acne scar removal” → “improved skin texture.” “Rosacea treatment” → “reduced appearance of redness.”

Regime 3 - HIPAA and patient consent

The patient’s image is Protected Health Information. Even if the face is cropped or blurred, any identifiable feature (a distinctive tattoo, a recognizable setting, a shared context on social media) can be enough to re-identify the patient. A signed HIPAA authorization is required before any clinical image can be used for marketing.

Required elements of the authorization

  • Specific description of what will be used (which photos, in what context).
  • Who will receive the information (clinic, marketing vendor, social platforms, the public).
  • Purpose of use (marketing).
  • Expiration date or event (e.g., “until revoked by patient”).
  • Patient right to revoke, and how.
  • Statement that treatment is not conditioned on signing.

Retain the signed authorization. When the patient revokes (and some will), you need to remove the image from all marketing surfaces within a reasonable time frame. This includes any cached or archived copies you control.

Regime 4 - Platform ad policies

Meta (Instagram/Facebook), TikTok, and Google each have their own before-and-after photo rules that operate independently of federal law. Platform rejection typically happens before a regulator notices a violation, but platform violations are often what regulators cite as evidence when they do.

Meta / Instagram

  • Before-and-after photos are explicitly prohibited for certain body-contouring, weight loss, and cosmetic categories when used in paid ads.
  • Organic content has more latitude but still triggers review when posts go viral.
  • Implying a negative self-image is against policy (“before” images that are framed as undesirable are increasingly rejected).

Google Ads

  • Before-and-after photos for most aesthetic procedures require additional review and are often restricted.
  • Medical claim policies apply regardless of whether the photo is labeled as a testimonial.

TikTok

  • Healthcare advertising is on a restricted category list.
  • Weight loss transformations and body modification content face the strictest review.

Production standards for the photos themselves

Beyond disclosures and consent, the photos have to be taken honestly. The FTC has pursued cases on photo-production grounds even when disclosure was adequate.

  • Same lighting in both photos. Warm vs cool light changes skin appearance dramatically.
  • Same angle, pose, framing. Different angles dramatize the contrast in ways not attributable to the treatment.
  • No digital retouching beyond what’s disclosed. Healing redness can be airbrushed with disclosure; fundamental facial geometry cannot.
  • Disclose the time elapsed. Three weeks vs three years is a different claim.
  • Disclose any concurrent treatments. Weight loss with diet + exercise is a different outcome than weight loss from the drug alone.
A photo that depends on misleading lighting or angle to look impressive is an FTC claim your treatment can’t actually support. The fix isn’t better lighting - it’s different patient selection.

The compliant caption template

Every featured before-and-after image should include, at minimum:

  1. Procedure described in appearance terms (not condition terms).
  2. Time elapsed between the two photos.
  3. Concurrent treatments (diet, exercise, adjunct therapies).
  4. Individual results vary disclaimer.
  5. Typical experience disclosure (either per-photo or per-gallery header).
  6. Material connection disclosure if the patient received compensation.

Example: “Patient age 42. 4 months of medically supervised semaglutide program plus dietary consultation. Patient consented to marketing use. Individual results vary; this outcome is above our typical range of 10–15% body-weight loss at 6 months. Photo taken in identical lighting and pose.”

What to do this week

  1. Audit every before-and-after photo live on your site, socials, and ads. Flag any without typical-experience disclosure, time-frame disclosure, or concurrent-treatment disclosure.
  2. Verify signed HIPAA authorization for each.If you don’t have it, take the photo down immediately.
  3. Replace condition-language captions (acne, rosacea, alopecia) with appearance-language captions (skin texture, redness, hair density).
  4. Add a gallery-header disclosureif your gallery pages don’t have one.
  5. Update your testimonial-solicitation workflow to capture consent, concurrent treatments, and time elapsed at the same moment you capture the photo. See the testimonial compliance guide.

Built for this exact problem

Scan your clinic's content before regulators do.

RegenCompliance checks every word of your marketing against live FDA and FTC enforcement data - and rewrites violations automatically. A 30-second scan can save a $50,000–$5M regulatory response.

Apply for betaTry the free demo

Related in the platform

hub

Data handling & HIPAA posture

Weekly compliance brief

One email a week. New enforcement actions, rule changes, and tactical fixes. No spam, unsubscribe anytime.

We only send one email per week. No marketing blasts.

Keep reading

FDA Warning Letters at a 25-Year High: What Every Healthcare Practice Needs to Know in 2026

More than 200 FDA warning letters hit healthcare practices in 2024 - the highest volume in a quarter century. Here is what is being flagged, why regenerative medicine and med spas are on the front line, and what a defensible marketing program looks like now.

Read article

How a Single Social Media Post Can Become a Multi-Million-Dollar FTC Settlement

Multi-million-dollar FTC settlements against stem cell and regenerative medicine clinics now routinely start with a single Instagram caption or Facebook testimonial. Here is how that chain actually works - and the four places clinics lose control of it.

Read article

Structure/Function Claims vs. Disease Claims: The One FDA Distinction That Determines Whether Your Marketing Is Legal

One line separates legal marketing from a warning letter: the difference between a structure/function claim and a disease claim. Most practice owners think they know where the line is. They are usually wrong by one or two key phrases.

Read article