Do's and Don'ts of Medicare Compliance

Life as an agent before Medicare’s Annual Enrollment Period is a flurry of contracting and certifying. But there’s another C that’s even more important: Compliance.

It’s not just something to consider during the busy season. Compliance should be a year-long goal for every agent.

Important Note on Medicare Marketing Guidelines

Before we get into the do’s and don’ts, it’s important to note that you can find the full Medicare Communications and Marketing Guidelines (MCMG) on CMS.gov. You can view the Medicare Advantage and Part D Communication Requirements on the Federal Register site. The Federal Register site is straightforward and easy to navigate, so it’s never been easier to brush up on the latest Medicare marketing guidelines and updates!

You can also check out our 2025 Medicare Changes page to learn more about what’s coming!

TPMO Guidelines

The Centers for Medicare & Medicaid Services (CMS) consider agents and brokers third-party marketing organizations (TPMOs), and as such, require you follow certain rules when marketing Medicare Advantage or prescription drug plans. These requirements include:

  • Identify and make a list of all vendors, contractors, and subcontractors you use for marketing, sales, lead generation, and enrollment. Revise your existing written agreements and enter into written agreements with all of your TPMOs to require your TPMOs to be compliant with TPMO regulations.
  • Do not share personal beneficiary data with other TPMOs unless prior express written consent is given by the beneficiary. Prior express written consent from the beneficiary to share the data and be contacted for marketing or enrollment purposes must be obtained through a clear and conspicuous disclosure that lists each entity receiving the data and allows the beneficiary to consent or reject to the sharing of their data with each individual TPMO.
  • Disclose to carrier(s) and/or Ritter any subcontracted relationships used for marketing, lead generation, and enrollment.
  • Develop a plan and report monthly to the carrier(s) and/or Ritter any staff disciplinary actions or violations of any requirements that apply to the MA plans or Part D plans associated with beneficiary interaction to the MA plans or Part D plans.
  • Use the appropriate TPMO disclaimer (described below) as required under § 422.2267(e)(41) and § 423.2267(e)(41).
  • Record all sales, enrollment and marketing calls (including video calls) with beneficiaries in their entirety. According to the CMS 2024 Final Rule, call recording is limited to marketing (including retention marketing), sales, and enrollment calls.

The TPMO Disclaimer

Agents must add the following TPMO disclaimer to their email communications, website, print materials, other marketing materials, and within the first minute of sales calls. This is a standardized disclaimer and must be used verbatim.

If marketing fewer than all plans within a service area, use:

“We do not offer every plan available in your area. Currently we represent [insert number of organizations] organizations which offer [insert number of plans] products in your area. Please contact Medicare.gov, 1-800-MEDICARE, or your local State Health Insurance Program (SHIP) to get information on all of your options.”

If marketing all plans within a service area, use:

“Currently we represent [insert number of organizations] organizations which offer [insert number of plans] products in your area. You can always contact Medicare.gov, 1-800-MEDICARE, or your local State Health Insurance Program (SHIP) for help with plan choices.”

This disclaimer must also be present when communicating electronically with a beneficiary through email, online chat, or other means of electronic communication.

Here are some other disclaimers you may need on your marketing materials

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) establishes national standards and procedures for protecting patients’ medical information as it’s maintained or transferred by “covered entities,” their “business associates,” or “business associate subcontractors.” Insurance agents fall into the latter two categories. As a business associate, you are only authorized to use protected health information (PHI) for the specific purposes outlined by the covered entity that provides it. This makes it essential to adhere to their HIPAA guidelines, formalized in a contract.

To safeguard against such risks, avoid actions like sending PHI over unsecured emails or internet services, leaving PHI in voicemails, or disposing of PHI documents without shredding them.

Call Recording

Agents and brokers must record all sales, marketing (including retention marketing), and enrollment calls (inbound and outbound) in their entirety. Examples include introductory calls to inform or educate clients about Medicare Advantage and Prescription Drug plans, subsequent calls when the beneficiary makes an enrollment decision, and post-enrollment discussions, including retention-marketing calls that influence a beneficiary to stay enrolled in a current plan. Agents do not need to record conversations when meeting with the beneficiary in person.

Check out our blog post, A Review of the Top Call Recording Applications for Compliant Medicare Business, to see our recommendations for call recording technology.

Permission to Contact

Every interaction with a potential client has a starting point. While agents are permitted to make unsolicited direct contact with potential enrollees via email, the email must have an opt-out option to remain compliant. Additionally, the content of any unsolicited email cannot steer a recipient into choosing or retaining a plan. A compliant email would promote your services rather than any specific plans.

Agents are still not allowed to approach potential enrollees in common areas, make unsolicited phone calls, or go door to door.

To begin the conversation with potential enrollees, you’ll want to obtain Permission to Contact (PTC). You can use lead providers to send out business reply cards (BRCs) or flyers including an optional form to collect this permission, providing the BRC or flyer complies with all regulatory requirements such as the required disclaimer of the Telephone Consumer Protection Act. In addition, you should note that PTC and BRCs now expire after 12 months or when their purpose has been served. Please note that lead generation entities are now considered TPMOs and must comply with certain requirements.

If you use a third-party lead generation company, you must ensure the third-party lead provider understands and follows these requirements on your behalf:

  • Disclose to the carrier(s) and/or Ritter any subcontracted relationships (such as the use of a third-party lead-generation company) used for marketing, lead generation, and enrollment.
  • Develop a plan and report monthly to the carrier(s) and/or Ritter any staff disciplinary actions associated with beneficiary interaction to the plan or violations of any requirements associated with beneficiary interaction to the plan.
  • Disclose to the beneficiary when conducting lead-generating activities that his or her information will be provided to a licensed insurance agent for future contact or that he or she is being transferred to a licensed insurance agent who can enroll him or her into a new plan:
    • Verbally when communicating with a beneficiary through the telephone
    • In writing when communicating with a beneficiary through mail or other paper communication
    • Electronically when communicating with a beneficiary through email, online chat, or other electronic messaging platform

Additionally, PTCs are not the same as a Scope of Appointment. The PTC comes first, hopefully followed by an appointment. Ahead of the appointment, you’ll need to obtain a signed Scope of Appointment form from the beneficiary.

Permission to Contact is not the same as Scope of Appointment. Mostly, PTC comes first, then Scope of Appointment next.

While not directly related to PTC, it’s also important to remember: As an agent, you cannot require a beneficiary to provide personal information (e.g., Medicare Beneficiary Identifier, Social Security number, or any required data to perform an eligibility query using CMS systems) to receive carrier plan options. The only exception is that you may ask for the client’s zip code to determine plans offered within their service area.

Scope of Appointment

Scope of Appointment (SOA) means just what it says. It’s a form outlining exactly what you’ll be presenting to a client during a meeting. The SOA ensures that potential enrollees will not be pitched plans other than those they originally requested.

Every Medicare sales appointment requires an SOA, whether the meeting occurs in person or remotely. Per CMS, agents must keep SOA forms on file for at least 10 years, even if the appointment didn’t end in a sale. The SOA will be valid for 12 months or until it is utilized, and you will need to obtain a new one if the original expires. An SOA is used when an enrollment has occurred or the beneficiary requests to cease further discussions. Agents may use the same SOA in follow-up discussion if the beneficiary wants to take additional time to consider their options after the initial discussion.

You must wait 48 hours between obtaining an SOA from a client and an appointment. Exceptions to this rule include when a beneficiary is four days or less from the end of a valid enrollment period (e.g., Annual Enrollment Period, Open Enrollment Period, Special Enrollment Period, Initial Coverage Election Period) or unscheduled in-person meetings (walk-ins) initiated by the beneficiary.

What happens if your client requests Medicare information outside of the Scope during your meeting? You must fill out a second Scope covering the new information before continuing the meeting. If they’re interested in non-health related products, you must schedule a future appointment to discuss them.

Marketing Rules

CMS also regulates marketing and plan presentations, including when you’re allowed to market, and how you market.

Agents must wait until October 1 to begin marketing next year’s plans to potential beneficiaries and cannot enroll members until October 15.

In the CMS MA & Part D Communication Requirements, CMS differentiates between materials that are considered “non-marketing” and “marketing.” The difference between the two is based on the content and the intent of the piece. Non-marketing pieces tend to be more general, providing non-specific information to prospective and current enrollees. Marketing pieces, however, are aimed to influence beneficiaries in either enrolling into a plan or retaining their existing plan. Marketing materials contain some plan-specific information, such as benefits, premiums, and comparisons to other plans. If marketing plan-specific benefits in print ads, you must include the carrier names in 12-pt font.

All materials are subject to CMS review and approval before you can use them, whereas non-marketing materials are not.

Note: Medicare marketing materials that mention any benefits, including widely available ones (e.g., dental, vision, and hearing), are considered marketing and need to be filed with and reviewed by CMS, via HPMS, prior to usage.

During presentations, you should never attempt to mislead your clients, willingly or unwillingly. Stay away from using absolutes and superlatives to describe plans and benefits. Your job is to present information, not show favoritism between carriers or plans. Similarly, if a potential enrollee expresses interest in just one plan, you must inform them that other plans are also available to them. When a client is being enrolled, agents must explain how their current coverage will be affected. Make sure you don’t leave this out when speaking with potential enrollees.

Avoid using absolutes and superlatives to describe Medicare plans and benefits.

CMS puts a large focus on agent transparency. Similar to their rules on absolutes and superlatives, agents should not use the word “free” to describe $0 premiums. CMS also states that the term free should not be used “in conjunction with any reduction in premiums, deductibles or cost share, including Part B premium buy-down, low-income subsidy or dual eligibility.”

While one component of your client’s health care may come at low or no cost, costs could be incurred in other areas. For example, $0-premium plans typically have higher copays, while plans with higher premiums offer lower out-of-pocket cost. By calling a plan “free,” you’re generalizing just one part of the plan’s full package. In fact, those marketing Medicare cannot advertise generalized savings at all when savings are specific to the individual.

When mentioning star ratings, you must convey that plans are evaluated yearly by Medicare and that the ratings are based on a five-star rating system. You may not reference the star rating based on prior contract year data when the marketing materials are for the upcoming year. See our recommended disclaimer below:

“Every year, Medicare evaluates plans based on a five-star rating system.”

Agents must also let potential enrollees know when a plan has been assigned a Low Performing Icon (LPI) by CMS. You may not showcase the overall star rating and fail to disclose that the plan has previously suffered from performance issues. Star ratings may not be published until CMS releases them on the Medicare Plan Finder.

Events & Appointments

The types of presentations you host throughout the year typically fall under one of three categories; educational events, sales events, and individual appointments.

Educational events must be advertised as such and be designed to inform Medicare beneficiaries about the parts of Medicare in general. When holding an educational event, you:

DO:

  • Distribute educational materials free of plan-specific information
  • Distribute educational health-care materials
  • Answer questions posed by attendees
  • Give out your business card and contact info for beneficiaries to use to initiate contact
  • Provide generic business reply cards
  • Hold the event in a public venue (optional, but under no circumstance should events be held in-home or in one-on-one settings)
  • Add the following disclaimers to advertisements and invitations:
    • “For accommodations of persons with special needs at meetings call [insert phone and TTY number].”
    • “This event is only for educational purposes and no plan-specific benefits or details will be shared.”

DON’T:

  • Give an educational presentation in a one-on-one situation
  • Distribute plan-specific materials or enrollment packets
  • Discuss any carrier-specific plans or benefits or distribute marketing plan materials
  • Display a sign-in sheet or collect contact info
  • Answer questions beyond what attendees ask
  • Schedule future marketing appointments
  • Collect SOAs or enrollment forms
  • Give away cash or other monetary rebates
  • Hold a marketing/sales event within 12 hours of an educational event at the same location or adjacent buildings
  • Lead or attempt to lead attendees toward a specific plan or set of plans

Sales events, on the other hand, are designed to steer, or attempt to steer potential enrollees towards a limited set of plans. During a sales event:

DO:

  • Use the necessary TPMO disclaimer on printed marketing materials
  • Let beneficiaries approach you first (if at an informal event)
  • Use sign-in sheets that are clearly indicated as optional
  • Follow the specific carrier’s filing and reporting procedures prior to the event
  • Follow the specific carrier’s cancellation procedures
  • Name all the products and plan types you’ll cover before starting
  • Make sure to use only carrier-approved materials and talking points
  • Collect TCPA-compliant lead cards and business reply cards
  • Schedule follow-up meetings and collect SOAs for future appointments
  • Distribute star ratings information, Summary of Benefits, Pre-Enrollment Checklist, and the Multi-Language Insert with any enrollment form
  • Collect enrollment applications
  • Call attendees from a sales event if they gave permission for a follow-up call (you must have documented permission to contact)
  • Distribute giveaways with your contact information on it, provide promotional items or offer refreshments or lights snacks (items must comply with CMS’ nominal gifts ordinances)

DON’T:

  • Offer health screenings
  • Request or accept a referral
  • Give away cash or other monetary rebates
  • Offer or subsidize meals
  • Make absolute statements
  • Compare one carrier’s plan to another carrier’s plan by name without getting written consent from all carriers involved in the comparison or without having studies or statistical data to back up comparisons
  • Use pressure to sign someone up
  • Cross-sell or promote non-health-related products
  • Require attendees to sign in (sign-in sheets MUST be optional)
  • Require attendees to fill out an SOA or enrollment forms
  • Hold a marketing/sales event within 12 hours of an educational event at the same location or adjacent buildings
  • Use contact information provided by attendees for raffles or drawings for any other purpose
  • Give away cash or other monetary rebates

Agents are allowed to improvise their delivery of the presentation and content they’d like to cover before accepting an application at a sales appointment. Only “talking points” need to be submitted to CMS by the carriers, allowing agents the freedom to conduct a more interactive sales presentation.

Individual appointments fall under the same category as sales events and the same CMS regulations apply. Don’t forget, whether you’re meeting in person, or discussing plans one-on-one over the phone, you must have an SOA.

Meeting in person or discussing plans one-on-one over the phone requires an SOA.

Websites

Consumer-facing websites that promote a specific carrier or a group of carriers’ Medicare Advantage or Part D products must be submitted to CMS for approval. This is typically accomplished through the carriers. You may refer to the specific carrier’s policy regarding website review. CMS has increasingly cracked down on websites in recent years, so it’s important to be sure your website is properly evaluated.

Consider signing up for PlanEnroll, Integrity’s client-facing enrollment site you can use to compare plans and enroll clients in a plan. PlanEnroll is seamlessly integrated with MedicareCENTER to host all your clients’ information in one place. PlanEnroll is an excellent way to generate new leads in a compliant way! Access your site by registering for MedicareCENTER.

Social Media

Just like your website, any post on social media must remain compliant. Being present on social media is good for engaging with your community, but you want to make sure you’re doing it right.


Our eBook, Social Media Marketing for Insurance Agents, goes even more in depth on how to utilize social media to enhance your business.


We’ve talked before about the importance of an online presence, but be forewarned, likes or shares on social media do not constitute PTC for sales purposes.

Secret Shoppers

Staying compliant should be a year-long objective for every agent. Annual Enrollment is the culmination of revised CMS Medicare Advantage & Part D Communication Requirements, new plans, and all kinds of potential enrollees, some of which could be secret shoppers.

CMS secret shoppers measure quality of service and compliance with Medicare regulations to gather specific information about products and services. These secret shoppers will be looking to make sure you’re compliant, from what you say to how you present it.

● ● ●

As a certified agent, you’re responsible for following CMS guidelines. Compliance doesn’t have to be difficult, but it does require research and due diligence on your part. When in doubt, refer to Ritter for guidance!

_Editor’s Note: This was originally published in September 2016. It has been updated to include information relevant to the 2025 Annual Enrollment Period.

Not affiliated with or endorsed by Medicare or any government agency.

Share Post

Start Selling Under-65 Today!
Ritter Promotion

Related Posts


Like being the first to know? So do we. Join the thousands of independent agents getting the first word from Ritter.

Register with Ritter!