As more and more patients/clients are using smartphones, telehealth providers and remote patient monitoring (RPM) companies are communicating with clients via texting and push notifications. While text messaging is familiar to most, a push notification is a short message that is generated, for example, by a remote patient monitoring company’s app, as a convenient way to send messages to end-users. Whether the communication is by text or push notification, providers need to be aware that there are TCPA regulations covering the use of both. Failure to follow the regulations can result in the Federal Communications Commission (FCC) levying fines/penalties. Further, plaintiffs have filed private lawsuits for violations which have resulted in statutory damages awarded from $500 to $1500 per text message.
Text Messages and TCPA
The Telephone Consumer Protection Act (TCPA) is a law stating that potential recipients of calls or texts to residential lines or cell phones must agree in writing to receive the messages. Providers would be wise to obtain prior “express written consent” which includes:
- Acknowledgment that the person authorizes the provider/seller to deliver telemarketing calls using automatic telephone dialing systems or an artificial / pre-recorded voice
- Acknowledgment that signing such an agreement is not a condition of receiving goods or services. In other words, a person cannot be denied goods or services if they refuse to agree to receive calls/ texts. Permission must be written, but it can be provided electronically, following the guidelines of the federal e-sign act and state electronic signature laws. Digital consent given by email, website click sign forms, text, telephone keypress, and voice recordings are permissible forms of signature.
Exception to TCPA for Health Care Providers
Health care providers are allowed to place pre-recorded voice and text messages to cell phones without a patient’s prior consent if the message intent is to convey important healthcare information, such as scheduling and appointment reminders, prescription pick-up reminders, etc. The exception to TCPA, however, does have some rules, including:
- Patients cannot be charged for the call or message
- Only three messages can be sent per week
- The messages must be limited to healthcare information and not contain marketing, advertising, other business-related information, etc.
- The messages must also be HIPAA compliant and clients given opt-out choice, which must be acted upon promptly. For more information on HIPAA compliant texting and telehealth see HIPAA Compliant Texting.
Push Notifications Not Regulated by TCPA
Remote patient monitoring (RPM) companies may use Bluetooth-enabled medical devices that are linked to a downloadable app on the user’s smartphone. For more information on RPM see Four Types of Telehealth: Advantages and Uses. These companies find push notifications to be a convenient way to send patient messages or prompts to take some kind of action related to the device. Push notifications are not considered to be a text message or phone call, and therefore do not fall under TCPA regulation. They are, however, regulated by state privacy laws and in some cases, by HIPAA.
Have More Specific Questions about Telehealth Text Messaging Therapy?
Not surprisingly, behavioral clinicians are finding that patients and clients are increasingly asking for text therapy. Is may seem easy enough to use, but many professionals using this telehealth modality have not fully considered their legal or ethical requirements. Almost all of the national professional associations and regulatory board members in behavioral health are concerned about the text-messaging services currently being offered online, but neither of these groups has it within their purview to take a public stand — except to support education. That type of education is offered here at the Telebehavioral Health Institute.