Compliance Enabled Text Messages for effective HCP Engagement for Pharma Sales Reps
Kathleen McQuade | May 11, 2023
With more and more people reaching for their phones whenever they need to send a message, texting has steadily become the preferred form of communication globally. As a matter of fact, nearly 65% of the world’s population now utilizes text messaging for day-to-day communication. In North America alone, where 80% population is text-enabled, more than six billion SMS messages are sent daily1. And those figures aren’t expected to slow any time soon.
With so many messages being sent and received, it’s natural that texting would become a vital part of the pharma-to-physician dynamic. That’s why it’s critical executives take steps to ensure their teams are compliant with current regulations. By adhering to best practices and having policies in place to maintain compliance standards, pharmaceutical commercial organizations can limit their risk exposure and minimize any potential consequences.
What is Compliance?
In its most basic sense, compliance means that a company adheres to the applicable rules and regulations that are in place2. Compliance comes in varying forms and laws depending on the vertical and location. For instance, the Telephone Consumer Protection Act (TCPA)3 is a federal law that regulates telemarketing calls, auto-dialed calls, pre-recorded messages, and text messages. This law mandates businesses obtain prior expressed consent before sending text messages to consumers for marketing purposes.
The Federal Trade Commission (FTC) has a similar law that it enforces, the CAN-SPAM Act4, which sets rules for commercial emails, including text messages that contain commercial content with the intent of having the consumer authorize these lines of communication. Additionally, the US Department of Justice (DOJ) Criminal Division recently released an important update in March 2023 on the Evaluation of Corporate Compliance Programs (ECCP)5. Of note is the new guidance's emphasis on communication platforms used to conduct company business. The update is designed to ensure that business-related electronic data and communications are preserved by the company and remain accessible. Businesses need to address compliance with both BYOD policies and record tracking/keeping capabilities. These topics are addressed, for example, in Factor 3, Part B of the document, which states:
“. . . In evaluating a corporation’s policies and mechanisms for identifying, reporting, investigating, and remediating potential misconduct and violations of law, prosecutors should consider a corporation’s policies and procedures governing the use of personal devices, communications platforms, and messaging applications, including ephemeral messaging applications. Policies governing such applications should be tailored to the corporation’s risk profile and specific business needs and ensure that, as appropriate and to the greatest extent possible, business-related electronic data and communications are accessible and amenable to preservation by the company.”
When businesses fail to comply with these laws, they can face hefty fines and legal action. For example, in 2020, the FTC settled with a debt collector for $1.3 million for allegedly sending illegal text messages to consumers. In another case, a healthcare provider (HCP) paid $2.3 million to settle claims that it violated the TCPA by sending unsolicited SMS text messages to patients. These are just a few examples of potential consequences of non-compliance, but there is a litany of other cases in which the outcomes are similar.
Compliant Text Messaging
Compliant text messaging refers specifically to the practice of sending text messages that are in accordance with regulations and best practices. This includes complying with laws such as the TCPA, CAN-SPAM Act and ECCP, as well as industry standards and guidelines. And as with all laws, ignorance of the law doesn’t protect one from guilt. It is the responsibility of businesses to stay on top of these continuously evolving regulations.
In many cases, businesses are required to obtain explicit consent from customers before sending them text messages. Compliant text messaging practices ensure that businesses remain clear and transparent and obtain proper opt-in consent from their customers that’s in line with the laws of the land. Businesses can obtain proper opt-in consent from their customers in various ways, such as via a web page opt-in form, SMS opt-in ask, in-person opt-in, and other appropriate methods.
Regardless of the approach, a company’s opt-in process should also include an option for customers to opt out at any time, and the business should honor these opt-out requests promptly. Customers should be able to stop receiving communications at any given time through a clear and conspicuous mechanism for opting out of receiving future messages. This can be as simple as including the phrase "Reply STOP to unsubscribe" at the end of the message or “Reply with NO if you no longer wish to receive these messages.”
For text messaging activity to comply with industry standards and best practices, it must be done through a reputable platform. This includes offering encryption and other security features to protect consumers’ information. Companies should also routinely monitor business-related text messages to ensure that they follow regulations and best practices. For example, checking for opt-out requests and ensuring messages are not sent outside of approved hours.
Why is Compliant Texting Important for Pharma?
Compliance regulations are designed to help protect consumers' privacy and security. Text messages can often contain sensitive information, such as personal identifying information (PII) and financial data. If these communications are not protected, they can be intercepted by cybercriminals and used for malicious purposes like identity theft and fraud. Compliance with regulations such as the Health Insurance Portability and Accountability Act (HIPAA) and the General Data Protection Regulation (GDPR) can help ensure that consumers' information is protected and safe.
For companies, compliant texting is important for many reasons, including the legal ramifications noncompliance can hold. Depending on where in the world the texting occurs, messages can be subject to various laws and regulations in place to help protect consumers’ privacy. Companies that are non-compliant with these laws can face legal penalties, fines and severe damage to the company’s reputation. The latter of which can have dire consequences.
Compliance also helps companies maintain a positive relationship with their customers. Consumers are increasingly concerned about their privacy and the security of their personal information, especially as cybercriminals are getting more creative with their breaches and exploits. By following best practices and regulatory requirements, businesses can build trust with their customers, enhance their reputations and build relationships that stand the test of time. And a reputation for taking customer privacy and security seriously is worth its weight in gold.
A recent study from Cisco6 indicated that 86% of customers care about data privacy and want better controls in place. The same study found that 87% of customers would not do business with a company if concerned about its security practices. This speaks volumes about what compliance can contribute to all aspects of your business.
So, what steps can businesses take to ensure that their text messages are compliant? Here are a few best practices:
Obtain consent: As mentioned earlier, the TCPA requires businesses to obtain written consent before sending text messages to consumers for marketing purposes. This means that consumers must explicitly agree to receive text messages from the business. Businesses should keep records of this consent in case of any legal disputes, no matter what method they choose to receive said consent.
Include opt-out instructions: The CAN-SPAM Act requires that commercial messages include a clear and conspicuous mechanism for consumers to opt out of receiving future messages from that company. This can be as simple as including the phrase "Reply STOP to unsubscribe" at the end of the message or something similar.
Monitor messages: Businesses should make it a habit of regularly monitoring their text messages to ensure that they are in compliance with regulations and best practices. This includes checking for opt-out requests and ensuring messages are not sent outside of approved hours. To help ensure dialogue is focused on approved content, consider enacting a policy that enables keywords to be tagged for review or blocked.
Train employees: Businesses should also plan to regularly train their employees on best practices and regulatory requirements. This can help to prevent accidental non-compliance practices and ensure that everyone in the organization is on the same page with evolving laws and regulations.
Use a reputable messaging platform: Finally, it goes without saying; not all messaging platforms are created equal. Businesses should choose a platform that complies with industry standards and best practices. For pharmaceutical commercial organizations, the ZING Engagement Suite is a great choice.
ZING Makes Pharma Compliance Easy
Critical for the pharma-to-physician relationship, compliance measures have been difficult to ensure with traditional text messaging. But not anymore. Compliance-enabled text messaging is easy to implement with solutions like P360’s ZING Engagement Suite. With ZING, all the messages, digital assets and replies sales teams send to HCPs can be preapproved by compliance and preloaded into the system. That way, nothing gets out that isn’t already approved.
In addition, ZING’s intuitive user portal, which can be branded and completely customized, offers administrators a simple way to track individual messages, link clicks, digital asset views and more. And all of ZING’s data can be stored for up to 10 years and pulled into a report for legal upon request. The data from the system also integrates back to sales profiles in existing CRM systems. Certain keywords can also be marked as prohibited, while others can be flagged for review.
With ZING, pharma teams can exchange compliant two-way unified messaging with HCPs without barriers. There are no apps for end-users to download and there are no subscriptions for them to deal with. To HCPs, ZING offers a seamless, hassle-free experience that’s seen as nothing different than their normal method for receiving texts.
As discussed, compliance is essential when it comes to text messages. Non-compliance can result in significant legal consequences, damage to a business’s reputation and harm to consumers' privacy and security. Alternatively, compliance helps ensure that text messages are safe and effective. By following best practices and expanding regulatory requirements, businesses can build trust with their customers and cultivate relationships that flourish.
References:1. https://www.slicktext.com/blog/2018/11/44-mind-blowing-sms-marketing-and-texting-statistics/ 2. https://www.eqs.com/what-is-compliance 3. https://www.fcc.gov/sites/default/files/tcpa-rules.pdf 4. https://www.ftc.gov/legal-library/browse/rules/can-spam-rule 5. https://www.justice.gov/criminal-fraud/page/file/937501/download 6. https://www.cisco.com/c/dam/en_us/about/doing_business/trust-center/docs/cisco-cybersecurity-series-2021-cps.pdf?CCID=cc000742&DTID=esootr000875&OID=rptsc027438