Between the stiff competition, the all-out marketing effort, and the must-meet sales goals, Open Enrollment season is stressful enough. The last thing you want to worry about are ever-changing compliance regulations.
Of course, you can’t put these important issues on the back-burner. Doing so risks litigation and jeopardizes all those efforts. That’s why our partners over at ActiveProspect and Contact Center Compliance hosted a webinar seeking to simplify compliance during Open Enrollment.
During “Don’t Get Stung by Litigators: Prepare Your Compliance Checklist for Open Enrollment,” ActiveProspect Sales Director Justin Myers hosted Arvell Craig, Director of Compliance Services at Contact Center Compliance, and Puja J. Amin, General Counsel at Digital Thrive for a discussion on how contact centers can prepare their practice to support performance and compliance during the upcoming Open Enrollment season.
The hour-long discussion touched on an array of important action items for health insurance sales and lead gen teams—from developing consent-based marketing practices to scrubbing for litigators. To get the full benefit of these experts’ analysis, tune into the full webinar here. However, to save you time, we’ve broken down the can’t-miss highlights in the brief recap below.
Preparing for Open Enrollment with a Foundation of Consent
The Center for Medicare and Medicaid Service (CMS) is a federal agency that, among other tasks, provides and enforces a series of rules known as the Medicare Communications and Marketing Guidelines (MCMG). These rules are binding, and they require Medicare Advantage and Part D sponsors to monitor and audit any partner they have a contract with—including lead providers and generators.
Why does all this matter? Well, as you know, the Medicare Annual Enrollment Period (AEP) is a very short window. In 2022, it stretches from October 15 to December 7, and it’s only after October 1 that providers and partners can actually market for upcoming plan years. So, with so much riding on this compressed period of activity, it’s absolutely crucial that marketing and sales work is done compliantly.
Among the CMS Guidelines’ most important stipulations that Puja Amin covered during the discussion were:
- Agents and brokers can use direct mail and email (as long as opt-out methods are offered) to make unsolicited contact with potential customers.
- However, no door-to-door activity and no unsolicited calls are permitted.
- Critically, though, calls are not considered unsolicited if the consumer “provides consent or initiates contact with the plan,” giving PTC, or permission to contact.
Ultimately, this PTC (along with written consent under the TCPA) form the foundation of compliant marketing efforts.
The Scope of Permission to Contact (PTC)
PTC within this health insurance space is quite different from the typical sense of consent within the outbound calling space. Rather than falling under the sphere of TCPA compliance, PTC is specifically governed by the CMS guidelines described above.
How does this affect PTC’s scope? For one, PTC is very limited in scope; it only covers the product that is actually identified in the form or source of PTC (for instance, the business reply cards that are common to the industry). This trait effectively rules out cross-marketing efforts. Additionally, PTC must be given by the individual requesting contact; it cannot, say, be granted on behalf of one’s spouse.
CMS Steps Up Oversight of Marketers
Amin described how the importance of complying with CMS guidelines is only increasing. When the CMS published its latest rules in May 2022, it specifically included independent agents and brokers as well as their referral partners (i.e., lead generators and digital marketers) in its oversight protocols for Third-Party Marketing Organizations (TPMOs).
“Carriers now have a responsibility to have oversight of every single one of their lead generators and digital marketers,” Amin said. “That means, for you lead generators and sellers out there, you too need to be able to comply with PTC and ensure that your partners understand what measures you’re taking to be compliant with these new CMS guidelines.”
PTC vs. TCPA: When Is Written Consent Required?
Although the importance of following CMS guidelines around PTC is greater than ever, lead generators, buyers, and marketers still need to keep their eye on TCPA compliance during Open Enrollment. Amin discussed the different cases in which written consent is required under the TCPA. These include:
- Any call made to a cell phone (including business cell phones) using automated or prerecorded voice technology and that contains marketing content.
- Any call made to a residential landline using a prerecorded or artificial voice and containing marketing content.
- Any call made to a residential landline on the DNC list for marketing purposes unless the caller has an established business relationship or is responding to an inquiry.
- Any prerecorded call to a residential landline in excess of the TRACED Act exemption limits. This requirement includes informational calls. TRACED Act limits commercial calls, surveys, and charitable calls to 3 per month; healthcare-related calls are limited to 3 calls per week.
How to Capture Consent
Of course, obtaining consent only gets you so far—you also need to be able to capture and prove that consent has been obtained. Here’s a variety of ways you can record and keep hold of proof of consent to protect your business:
- Online webforms are great—but they can be problematic. Ensure that forms follow formatting best practices, and use TrustedForm, the highest standard for independent proof of consent.
- Contract terms can be used to obtain written consent in compliance with the TCPA. Be sure that you’re scanning in and maintaining evidence of these terms being agreed to.
- Apps and web portals.
- Recorded phone calls. In Amin’s opinion, the use of recording to retain record of consent should be limited to informational calls (not marketing calls) in order to support TCPA compliance.
- Text messages. More and more businesses are relying on outbound text messages to contact customers. Be sure that you’re following SMS compliance best practices and are able to record customer consent within the channel.
Handling Revocation of Consent
The panelists delved into the huge importance of correctly obtaining and documenting consent, but they also underscored how pivotal it is to be able to respond quickly and compliantly in cases when consent is revoked.
“The truth is people have a right. They may have given you permission and you may have received that consent, but people have a right to take it back,” said Arvell Craig, pointing to the risks companies face if they do not have processes in place to honor that revocation request. How do you make sure your business is prepared? Craig covered these best practices:
- Maintain and manage an internal Do Not Call list. Craig says you need a list that’s company-specific, is maintained by a written policy and procedure, and is supported by a record of training.
- Integrate your internal DNC list across systems. It also essential that this procedure is integrated beyond voice, across all channels and systems to ensure that, when a customer revokes consent, your business responds quickly and comprehensively. Likewise, the list must be shared with partners.
- Account for reassigned phone numbers. Millions of phone numbers are reassigned each year. And when a lead/customer changes phone numbers, you lose consent to contact them at their new number. Ensure that you have a process in place to scrub for these numbers. The older your data, the more important it is that you check for reassigned numbers.
Creating an Open Enrollment Compliance Checklist
All told, the experts on this webinar covered a wide range of compliance insights and tips to inform your business’s procedures and workflows ahead of the upcoming Open Enrollment cycle. Take your compliance support to the next level by using these best practices to build a complete compliance checklist.
- Identify TCPA and Medicare marketing risk within your organization. Audit your practice and partners—everything from consumer outreach procedures and vendors, to agents and TPMOs—to evaluate areas of risk and exposure.
- Implement policies and procedures—and training—around DNC rules and consent. Analyze and improve your internal DNC practice and ensure all agents and partners are up to speed.
- Rely on vendors with compliance solutions, including DNC.com and ActiveProspect, which can be integrated with your dialer software.
- Manage your vendors. Especially under the new CMS guidelines, it’s essential to know who you’re working with. CMS is clearly increasing its compliance oversight of Medicare-related sales and marketing activities.
- Evaluate contract terms. Talk to your partners about reasonable terms so that you both have the same standards in place and that liability obligations are understood.
- Manage claims and serial litigators. Utilize litigator scrubbing tools—such as the one from DNC.com—and have a process in place to deal with (the often-fraudulent) claims that arise from litigators.