The Federal Trade Commission (FTC) recently released its Biennial Report to congress on the National Do Not Call Registry (DNC) and the numbers tell a story that Americans don’t want to be called. More than 250 million telephone numbers were active on the registry in 2025, an increase of nearly 5 million from the previous year. Add to that more than 2.6 million Do Not Call complaints in 2025, plus increased scrutiny and enforcement on the federal level, and you can see the problem hospitals and health systems face when it comes to using the phone for bad debt recovery. New potential rules, the growth of healthcare bad debt, increased risk and more are shaping how hospitals and healthcare systems are altering the way the approach recovering bad debt accounts.
“Phone calls have been a cornerstone of communications for hospitals for a variety of uses,” said GetixHealth President, Sales and Marketing, Shawn Gretz. “With the potential rule changes from the FCC, both hospitals and their partners need to ensure their patient communication strategy is prepared for whatever comes.”
No Revoke-All – For Now
In early January, the Federal Communications Commission (FCC) extended the effective date for the Telephone Consumer Protection Act’s (TCPA) “revoke-all” requirement until January 31, 2027. This new rule could be one of the most disruptive changes to hospital communications. It addresses how patients can revoke consent to receive autodialed or prerecorded calls or texts, which would affect everything from appointment reminders to bad debt collections.
The delay is not complete relief. There are existing TCPA consent and revocation obligations that remain in force. What may change is the scope of revocation. If it is taken with a wider interpretation, a patient who opts out of one type of autodialed or prerecorded communication – appointment reminders for example – could be considered to have revoked their consent for other calls or texts, like billing or bad debt unless consent for each type of communication is explicitly documented. For health systems that provide a variety of services, this could become a daunting task. While the FCC has received petitions to reconsider this approach, there have been no decisions as of early 2026, which gives hospitals to make a choice in the next year: assume the rule will take effect in a broad definition and plan accordingly or bet on a significant softening of the proposed regulation. The choice can impact both a hospital’s bad debt recovery and vendors they work with.
Vendor Risk = Hospital Risk
The voice providers and dialing platforms utilized by hospitals and health systems are directly subject to FCC robocall rules and enforcement, which means that their risk tolerance shapes the practices hospitals employ. With carriers deploying increasingly aggressive call blocking and analytics and dialing platforms tightening their own robocall policies, hospitals that believe their outreach programs are fully compliant may find their outbound capacity constrained by a vendor’s risk tolerance and how carriers label and treat their calls.
To ensure consistency and the proper risk tolerance, CFOs and risk leaders need to ask questions, including:
- Does our dialer vendor maintain current Robocall Mitigation Database filings and other required registrations?
- What contractual protection and indemnification exists if the vendor platform or traffic is flagged or blocked?
- How quickly can the vendor adapt to new FCC or FTC guidance, and how transparent are they about enforcement inquiries?
These questions are not merely IT questions, they can impact your revenue recovery also.
What We Don’t Know Still Matters
When the FTC publishes complaint data it includes categories like debt relief and certain health-related products, but the public summaries usually do not quantify how many of these complaints or enforcement actions are specifically related to medical debt or hospital collections. FCC enforcement announcements are similar, describing targets and conduct, but do not consistently separate hospital bad debt collection as its own category, making it hard to know if it’s a smaller share of telemarketing enforcement or underreported. This uncertainty makes it difficult for hospitals and health systems to decide how to invest in compliance.
Redesign over Risk Avoidance
When hospitals treat DNC and TCPA compliance as a revenue cycle issue as much as a communication problem, reengineering consent capture, segmentation, and outreach, they are better positioned to improve their bad debt recovery while reducing regulatory exposure.
Making this change requires three shifts in through:
- Consent becomes granular and persistent: Instead of relying on a signature at registration, hospitals capture context-specific permission across the patient journey.
- Segmentation drives channel strategy: All accounts should not be treated the same. Propensity-to-pay models, prior contact history, and compliant risk can determine what contact style is used. Call, text, email or letter are utilized based on their preferences.
- Analytics track indicators, not just outcomes: Right-party contacts, opt-outs, complaints and net recovery by channel can help uncover problems earlier and reduce the likelihood of enforcement events. They can also help identify where complaint outreach actually improves financial and patient experience outcomes.
Change Is Coming
Combining ever-evolving FTC Do Not Call Registry data and potential TCPA rule changes creates a small window for action. Over the next one to two years, hospitals should:
- Audit their current consent practices and map them against TCPA and FCC requirements to identify gaps where implied consent, bundled consent, or outdated permissions may create exposure.
- Assess vendor compliance posture—particularly for dialing platforms and VoIP carriers—and ensure contracts appropriately allocate regulatory and operational risk.
- Build cross-functional governance that aligns legal, compliance, IT, and revenue cycle around a shared risk-return model for patient outreach.
If hospitals and health systems rely on reactive compliance after an event forces the issue, the costs can be higher and the options for positive outcomes fewer. Even though millions of households have placed their numbers on the National Do Not Call Registry, bad debt doesn’t simply go away. Healthcare providers need to decide how – and where – they will respond.
Ridiculously Nice Legal Disclaimer
The content provided in this communication (“Content”) is presented for educational and general reference purposes only. Americollect, LLC and/or AmeriEBO LLC either directly or indirectly through speakers, independent contractors, or employees (collectively referred to as “Americollect”) is providing this Content as a courtesy to be used for informational purposes only. The Contents are not intended to serve as legal or other advice. Americollect does not represent or warrant that the Content is accurate, complete, or current for any specific or particular purpose or application. This information is not intended to be a full and exhaustive explanation of the law in any area, nor should it be used to replace the advice of your own legal counsel. By using the Content in any way, whether or not authorized, the user assumes all risk and hereby releases Americollect from any liability associated with the Content.