Compliance (TCPA/DNC)

Most outbound insurance agents still need their own Subscription Account Number (SAN) from the Federal Trade Commission and should wash outbound dial lists against the Federal DNC. The reason: our scrub happens at the moment of lead capture, but a consumer can place themselves on the DNC the next day. If you have held a lead for 31+ days before dialing, you are responsible for re-scrubbing. A SAN costs $0 for exempt organizations and roughly $80 per state area code per year otherwise; most agents register once and forget about it. We recommend Contact Center Compliance, DNC.com, or PossibleNOW as vendors for ongoing DNC washes — any of them can wash a list of 1,000 numbers in seconds for pennies.

The CMS MCMG — updated annually and most recently tightened for plan year 2024 and 2025 — governs how Medicare Advantage and Part D plans can be marketed. Key rules: you must disclose the number of plans and carriers you represent at the start of the call; you cannot cross-sell non-health products during an MA sales call; you must obtain a Scope of Appointment (SOA) at least 48 hours before a formal sales presentation except in limited walk-in scenarios; and all MA marketing and enrollment calls must be recorded in entirety and retained for 10 years. InsureLeads Medicare leads comply with CMS rules at the point of capture — the consumer agrees to be contacted about Medicare options — but the SOA and call recording obligations are yours as the agent. Your FMO or upline can supply a compliant SOA form.

A Scope of Appointment is a CMS-required form documenting which Medicare product types a beneficiary has agreed to discuss (for example, MA, Part D, Medicare Supplement). You must collect a signed SOA before a formal sales presentation of Medicare Advantage or Part D products. As of plan year 2024, the SOA must be collected at least 48 hours in advance except for (a) walk-ins to your office, (b) SOAs completed at an educational event, or (c) within four days of the end of a valid election period. The SOA can be collected by paper, electronic signature, or a recorded verbal attestation. For Medicare Supplement and non-MA/PDP products, an SOA is not required by CMS but many carriers and FMOs still require one as a best practice. Keep SOAs for 10 years.

For Medicare Advantage and Part D: yes, full call recording is required by CMS as of 10/1/2022 for all marketing, sales, and enrollment calls, and recordings must be retained for 10 years. This applies whether the call is inbound, outbound, in person over an internet connection, or a live transfer. For Medicare Supplement, life, final expense, and health products, call recording is not federally required but is a strong best practice for TCPA defense — a recording of the consent acknowledgement is the single strongest piece of evidence in a TCPA lawsuit. Use a recording platform that generates tamper-evident timestamps (CallRail, Convoso, Balto, Ringba, or your dialer's native recording). Several states (CA, FL, IL, MD, MA, MT, NH, PA, WA, CT) require two-party consent — announce the recording at the start of the call.

Yes. Several states layer their own mini-TCPA statutes on top of the federal rules. Florida's Telephone Solicitation Act (FTSA) is the most aggressive — it creates a private right of action for any call or text without prior express written consent and has generated a wave of litigation since its 2021 amendment. Oklahoma passed a similar statute (OTSA) in 2022. Washington State prohibits commercial texts without express consent. Maryland requires two-party consent for recordings. California's CIPA is being used creatively against website chat and tracking pixels. New York requires clear disclosure of the seller's identity in the first 30 seconds of a sales call. Our consent language is engineered to satisfy the strictest of these — including FTSA — so buyers in any state are covered, but you should still familiarize yourself with the state rules where you operate.

When a consumer asks to be removed or replies STOP to a text, you must honor the request within a reasonable time — the FCC's 2024 revocation rule requires most requests to be honored within 10 business days, and the safe harbor is same-day. InsureLeads maintains a shared suppression list: if a consumer opts out with any InsureLeads buyer, that number is suppressed across our entire platform within 24 hours so it cannot be accidentally re-delivered. You should also maintain your own internal DNC list — the FTC TSR requires it — and honor opt-outs for five years. Revocation can be made through any reasonable method (voice, text, email, web form) and cannot be conditioned on filling out a specific form or calling a specific number. Train your agents: "please take me off your list" is a revocation.

For every lead you work, keep six artifacts for at least five years (seven for TCPA, ten for Medicare): (1) the lead record as we delivered it, including consent-language snapshot, timestamp, URL, and IP; (2) your dialer log showing date/time of each call, duration, and disposition; (3) call recordings for any consent acknowledgement and — for MA/PDP — the entire call; (4) the SOA if applicable; (5) your suppression list showing the number was not on DNC at time of first call; (6) any application or contract signed. If you receive a TCPA demand letter, forward it to us immediately — we provide the full consent bundle on our end at no charge and, for litigation-grade cases, a sworn declaration. Most demand letters settle for $500–$1,500 if documentation is clean; they settle for $10,000–$50,000 if it is not.