Telemedicine, Texting, and TCPA: Telephone Consumer Protection Act Update

What does the new Supreme Court text message ruling mean for your digital health business?

The Supreme Court ruled in favor of Facebook, holding that the Telephone Consumer Protection Act (TCPA) did not apply to Facebook because the system did not have the capacity to randomly or sequentially store, or to randomly or sequentially generate, a telephone number.
Previously, companies were at risk of TCPA claims asserting only that the text messages or calls were made with devices that simply have the capacity to store and automatically dial a telephone number.
Digital health companies still have to comply with other applicable patient and consumer protection laws, including no texts or calls to number on do-not-call lists, and the HIPAA privacy and security rules, particularly with respect to text messages (and emails) containing unencrypted patient protected health information.

Telemedicine and remote patient monitoring companies will have an easier time engaging with their patients via text message. As we reported last week, on April 1st, the Supreme Court of the United States agreed with Facebook’s interpretation of the definition of “automatic telephone dialing system” (commonly referred to as an “autodialer”) in a lawsuit accusing Facebook of violating the TCPA.

Scope of TCPA Greatly Diminished

The ambiguity in the TCPA regarding the definition of an autodialer meant that digital health companies were at risk of the TCPA’s private right of action and statutory penalty provisions by texting with their patients. The Supreme Court in Facebook unanimously overturned the Ninth Circuit’s broad interpretation of an autodialer, delivering a significant win for TCPA defendants. If your dialing equipment makes calls to telephone numbers maintained in your patient management system or your customer relationship management platform and does not utilize a random or sequential telephone number generator, text messages and calls using that system or platform are not required under the TCPA to obtain prior express written consent before sending a text or making a phone call. Importantly, the ruling does not distinguish between service-related (purely informational) messages and marketing messages for autodialer purposes, and accordingly applies to both non-telemarketing and telemarketing text messages and phone calls. As a result, as long as the dialing equipment does not use a random or sequential number generator, a digital health company will not be required to obtain “prior express written consent” from their patients before sending them a text, provided other aspects of the TCPA are complied with.

Health care providers are still able to utilize the health care messages exception to the TCPA, which allows health care providers to place artificial/prerecorded voice calls to cellphones, without the patient’s prior express consent, in order to convey important informational “health care messages.” Examples include appointment confirmations, prescription notifications, and exam reminders. Under the “health care messages” exemption, there are restrictions (e.g., patient-users cannot be “charged” for the call or text message; no more than three messages initiated per week; content of messages must be strictly limited to allowed purposes and cannot include marketing, advertising, billing, etc.).

Some Risks Still Remain

Companies should note that the prohibition against pre-recorded or artificial voice calls without prior express written consent remains, as does the prohibition on unsolicited telemarketing phone calls to phone numbers on the national Do Not Call Registry or company-specific do-not-call lists.

All messaging must also comply with HIPAA privacy and security requirements. If your organization sends or is considering sending text messages that contain unencrypted PHI, it should (1) warn patients of the risks of communicating for healthcare purposes using unencrypted text messaging (or emails), (2) obtain patients’ preference and consent with respect to messages with unencrypted PHI, and (3) document the patient’s preference and consent, as well as the organization’s compliance efforts in this regard.

The Takeaway

As text messaging continues to be the preferred method of communication by patients, digital health companies will be able to better engage with their patients going forward. The ability to engage through exchanging educational and informative health care information in the way that patients consume information, will increase patient engagement and positively impact health care outcomes.

Want to Learn More?

For more information on telemedicine, telehealth, virtual care, remote patient monitoring, digital health, and other health innovations, including the team, publications, and representative experience, visit Foley’s Telemedicine & Digital Health Industry Team.

Disclaimer

This blog is made available by Foley & Lardner LLP (“Foley” or “the Firm”) for informational purposes only. It is not meant to convey the Firm’s legal position on behalf of any client, nor is it intended to convey specific legal advice. Any opinions expressed in this article do not necessarily reflect the views of Foley & Lardner LLP, its partners, or its clients. Accordingly, do not act upon this information without seeking counsel from a licensed attorney. This blog is not intended to create, and receipt of it does not constitute, an attorney-client relationship. Communicating with Foley through this website by email, blog post, or otherwise, does not create an attorney-client relationship for any legal matter. Therefore, any communication or material you transmit to Foley through this blog, whether by email, blog post or any other manner, will not be treated as confidential or proprietary. The information on this blog is published “AS IS” and is not guaranteed to be complete, accurate, and or up-to-date. Foley makes no representations or warranties of any kind, express or implied, as to the operation or content of the site. Foley expressly disclaims all other guarantees, warranties, conditions and representations of any kind, either express or implied, whether arising under any statute, law, commercial use or otherwise, including implied warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event shall Foley or any of its partners, officers, employees, agents or affiliates be liable, directly or indirectly, under any theory of law (contract, tort, negligence or otherwise), to you or anyone else, for any claims, losses or damages, direct, indirect special, incidental, punitive or consequential, resulting from or occasioned by the creation, use of or reliance on this site (including information and other content) or any third party websites or the information, resources or material accessed through any such websites. In some jurisdictions, the contents of this blog may be considered Attorney Advertising. If applicable, please note that prior results do not guarantee a similar outcome. Photographs are for dramatization purposes only and may include models. Likenesses do not necessarily imply current client, partnership or employee status.

chowell@foley.com

Jacksonville 904.359.8745

A man in a dark suit and red tie stands smiling in a brightly lit, modern corporate law office hallway, reflecting the professionalism of top lawyers in Chicago.

amaguregui@foley.com

Tampa 813.225.4129

Related Insights

View All Posts

August 14, 2025 Foley Ignite

Telemedicine, Texting, and TCPA: Telephone Consumer Protection Act Update

What does the new Supreme Court text message ruling mean for your digital health business?

Scope of TCPA Greatly Diminished

Some Risks Still Remain

The Takeaway

Want to Learn More?

Author(s)

Chanley T. Howell

Aaron T. Maguregui

Related Insights

Will the Late Summer M&A Rebound Continue into Fall?

Tariffs and Your Contracts: Why do delivery terms matter?

SEC Intensifies Scrutiny of Chief Compliance Officers