On July 10, 2015, the Federal Communications Commission (“FCC”) issued a Declaratory Ruling and Order (“Declaratory Ruling”) in response to 21 separate requests seeking clarification or other action on the Telephone Consumer Protection Act (“TCPA”). The Declaratory Ruling has implications for any entity that utilizes wireless phone numbers for contacting consumers; those most relevant to health care companies are described below.
Congress enacted the TCPA in 1991. The TCPA and its implementing rules prohibit or impose certain limitations on calls to both residential and wireless telephone numbers. In broad strokes, the TCPA prohibits telemarketing calls made using an artificial or pre-recorded voice to residential phones, without prior express consent. The TCPA also prohibits making non-emergency calls using an autodialing system or artificial or pre-recorded voice to a wireless telephone number without prior express consent. If the call to the wireless number includes an advertisement or is considered telemarketing, the express consent must be in writing (otherwise, the express consent may be oral or written). Given the shift of many consumers away from residential phone lines, the implications of the Declaratory Ruling are wide reaching.
The Declaratory Ruling Confirms That Text Messages Are Subject to the TCPA
In the Declaratory Ruling, the FCC affirmed that the TCPA applies to text messages as well as phone calls. Further, in response to a request to exclude Internet-to-phone text messages, the FCC stated that the TCPA would apply to these text messages as well. The FCC refused the argument that the CAN-SPAM Act supplanted the TCPA with regard to these messages, stating that “[n]either the [CAN-SPAM Act] nor legislative history, however, supports the contention that Congress intended the CAN-SPAM Act to be the only regulation to apply to all unsolicited messages.” Thus, the FCC held that the TCPA applies to any form of text message received by a wireless number.
The Declaratory Ruling Provides That Liability Can Attach to Calls Made to Reassigned Numbers After the First Call
The Declaratory Ruling provides clarification related to the calling of reassigned wireless numbers. Several entities requested that liability not attach to organizations calling the number provided by the consumer when it turns out that the number had been reassigned. One organization requested a one-year grace period before liability would attach for such calls. The FCC disagreed, reiterating that the TCPA requires the consent of the current subscriber, not of the intended recipient of the call. The FCC did not find persuasive the argument that, because there is no public directory of wireless numbers, organizations will inevitably call a wireless number that has been reassigned. The FCC did provide that liability should not attach for the first call to a reassigned number, but the caller would be liable for any calls made to that number thereafter. In so holding, the FCC suggested that after the first call, the caller should be aware that the number has been reassigned. Further the FCC held that the caller bears the “burden of demonstrating: (1) that he had a reasonable basis to believe he had consent to make the call, and (2) that he did not have actual or constructive knowledge of the reassignment prior to or at the time of this one-additional-call window . . . .” Notably, the FCC saw no reason to exempt health care calls from this requirement.
The Declaratory Ruling Provides a Limited Exception for Health Care Calls
In response to a petition filed by the American Association of Healthcare Administrative Management (“AAHAM”), the Declaratory Ruling offers specific guidance on calls made by health care providers.
First, the FCC clarified that “the provision of a phone number to a health care provider constitutes prior express consent for healthcare calls subject to [the Health Insurance Portability and Accountability Act (‘HIPAA’)] by a HIPAA-covered entity and business associates acting on its behalf . . . .” However, the FCC emphasized that prior express consent based on the provision of a phone number would only apply to those calls made “within the scope of the consent given.” The FCC also commented that, while the HIPAA Privacy Rule did not define “health care messages,” the HIPAA Privacy Rule does define “health care.” Thus, the FCC emphasized that the exemption applied only to health care messages, not all messages by a provider. As an example, the FCC noted that insurance coverage calls “are not necessarily among the topics in HIPAA’s definition of health care.”
Second, the FCC clarified that if a person is incapacitated, a third-party intermediary could provide the prior express consent for health care calls, but only for the period of incapacity.
Third, the FCC responded to AAHAM’s request that non-telemarketing health care calls be exempted from the TCPA’s “prior express consent” requirement, when those calls would not be charged to the called party. The FCC granted this exemption on a limited basis. Specifically, the exemption would apply to calls that are exigent and made for a health care treatment purpose. The FCC further defined such purposes as “appointment and exam confirmations and reminders, wellness checkups, hospital pre-registration instructions, pre-operative notifications, and home healthcare instructions.”
 The FCC stated that the exemption would apply to calls subject to HIPAA but would exclude calls that include “telemarketing, solicitation, or advertising content, or which include accounting, billing, debt-collection, or other financial content.” While this exemption allows providers to make calls outside the scope of the consent given, there are still significant limitations that need to be in place to meet the exemption. According to the Declaratory Ruling, to meet the exemption, calls must satisfy the following seven conditions:
- voice calls and text messages must be sent, if at all, only to the wireless telephone number provided by the patient;
- voice calls and text messages must state the name and contact information of the healthcare provider (for voice calls, these disclosures would need to be made at the beginning of the call);
- voice calls and text messages are strictly limited to the purposes [when there is exigency and the call has a healthcare treatment purpose]; must not include any telemarketing, solicitation, or advertising; may not include accounting, billing, debt-collection, or other financial content; and must comply with HIPAA privacy rules;
- voice calls and text messages must be concise, generally one minute or less in length for voice calls and 160 characters or less in length for text messages;
- a healthcare provider may initiate only one message (whether by voice call or text message) per day, up to a maximum of three voice calls or text messages combined per week from a specific healthcare provider;
- a healthcare provider must offer recipients within each message an easy means to opt out of future such messages, voice calls that could be answered by a live person must include an automated, interactive voice- and/or key press-activated opt-out mechanism that enables the call recipient to make an opt-out request prior to terminating the call, voice calls that could be answered by an answering machine or voice mail service must include a toll-free number that the consumer can call to opt out of future healthcare calls, text messages must inform recipients of the ability to opt out by replying “STOP,” which will be the exclusive means by which consumers may opt out of such messages; and,
- a healthcare provider must honor the opt-out requests immediately.
In addition to meeting all of the above requirements, the consumer must not be charged for the text messages, i.e., the consumer cannot be charged for receiving the text, and the text cannot count against any plan limits.
Given the restraints and parameters set out by the FCC in its Declaratory Ruling, health care entities should:
- review their policies regarding the collection and use of phone numbers provided by consumers;
- ensure that the processes for collecting phone numbers distinguishes between wireless and residential numbers, when necessary, and that any subsequent use of a wireless number meets the requirements of the Declaratory Ruling;
- review potential methods to make sure that their list of wireless numbers is current and up to date; and
- check the messaging that is taking place in those wireless calls to ensure that the calls are meeting the requirements above.
* * *
This Client Alert was authored by Patricia M. Wagner. For additional information about the issues discussed in this Client Alert, please contact the author or the Epstein Becker Green attorney who regularly handles your legal matters.
In the Matter of Rules and Regulations Implementing the Telephone Consumer Protection Act of 1991, Declaratory Ruling and Order, FCC 15-72, CG Docket No. 02-278, WC Docket No. 07-135, (rel. July 10, 2015).
Id., note 473. The HIPAA Privacy Rule defines “health care” as “care, services, or supplies related to the health of an individual. Health care includes, but is not limited to, the following: (1) Preventive, diagnostic, therapeutic, rehabilitative, maintenance, or palliative care and counseling, service, assessment, or procedure with respect to the physical or mental condition, or functional status of an individual or that affects the structure or function of the body; and (2) Sale or dispensing of a drug, device, equipment, or other item in accordance with a prescription.” 45 C.F.R. § 164.501.