Carrier enforcement is active. Unregistered healthcare SMS is filtered without notice. FidesTrust Group finds the gaps and fixes them — before they cost you revenue.
Carrier enforcement tightened in 2024–2025. Practices with unregistered or misconfigured SMS are seeing significant message filtering increases. If your booking confirmations or reminders have a lower response rate — this is likely why.
As a healthcare organization sending patient communications via SMS, you sit at the intersection of carrier regulations and federal healthcare law. Most SMS platforms address neither correctly. Most consultants only understand one.
Medical aesthetics practices texting appointment reminders, promotions, and follow-ups.
High-frequency appointment-based practices with large patient contact lists.
Dermatology, orthopedics, urgent care, and any HIPAA-covered entity using SMS.
Every business texting from a local number must register their brand and each message campaign with The Campaign Registry. Without it, AT&T, Verizon, and T-Mobile silently filter your messages — no error, no notification, no delivery.
High impact if unregisteredAppointment details, treatment references, and follow-up messages may qualify as Protected Health Information. Your SMS platform needs a signed Business Associate Agreement. Most don’t have one — and most practices don’t know.
Federal liability exposureEvery promotional text requires documented written consent. Without it, each message is a potential TCPA violation carrying fines up to $1,500 per text, per recipient. Most practices have never formally audited their consent process.
Up to $1,500 per messageWe assess your practice across all three compliance dimensions and deliver a plain-language risk score. No sales pressure. If you’re clean, we’ll tell you that.
Select a time that works for you. We review your current setup before the call and arrive with specific findings about your practice — not a generic checklist.
Choose Your Time →Choose your starting point. Every engagement begins with your free compliance check so we recommend only what your practice actually needs.
Registration is a starting point, not a finish line. Carrier rules evolve. Platforms change. Compliance Guard monitors your practice every month so you never fall back out of compliance. Month-to-month. Cancel anytime.
Compliance Guard is available after any setup package. Your tier is based on your ongoing SMS volume — we’ll recommend the right fit during your compliance check.
Light SMS volume. Monthly monitoring & alerts.
Active SMS use. Quarterly audits & message review.
High-volume. Monthly audits & unlimited review.
Whether you have been texting patients for years or just getting started, these are the questions we hear most. Plain answers, no jargon.
A2P stands for Application-to-Person. 10DLC refers to the 10-digit local phone numbers most businesses use to send texts. In 2023 the three major carriers — AT&T, Verizon, and T-Mobile — began requiring every business that sends text messages from a local number to register their brand and the types of messages they send with a federal registry called The Campaign Registry.
If your practice sends appointment reminders, promotional offers, or any other texts to clients and you have not completed this registration, your messages are being silently filtered by carriers. No error appears on your end. Clients simply never receive them. Most practice owners have no idea this is happening.
The most common signs that your messages are being filtered include clients saying they never received your appointment reminder, a noticeable drop in clients responding to your texts, or lower response rates to promotional messages than you used to see.
The problem is that carrier filtering happens silently. Your SMS platform will often show the message as sent even when it was blocked before reaching the client. The only reliable way to know your status is to verify your registration directly, which is exactly what our free compliance check does.
Not necessarily, and this is one of the most common misconceptions we encounter. Most popular SMS platforms used by medical practices including Podium, Weave, Birdeye, Square, and Vagaro do not automatically complete A2P registration on your behalf. Some offer tools to help you register but the registration itself must be initiated and completed correctly by or for your specific business.
Even practices that have attempted registration are often missing campaign-level registration, meaning their brand may be registered but the specific types of messages they send are not. Each use case such as appointment reminders and promotional texts requires its own separate campaign registration. Our compliance check identifies exactly what is in place and what is missing.
HIPAA, the Health Insurance Portability and Accountability Act, applies to any communication that contains or could imply Protected Health Information. When your practice sends a text that references an appointment type, a treatment, a follow-up for a specific service, or anything that connects a patient's identity to their healthcare, that message may qualify as PHI under federal law.
This means your SMS platform is required to have a signed Business Associate Agreement, commonly called a BAA, with your practice before sending or storing those messages. Most SMS platforms do not provide a BAA by default and most practice owners have never been asked to sign one. Operating without a BAA on a platform handling patient communications is a federal compliance gap that creates real liability for your practice.
A Business Associate Agreement is a legally required contract between your practice and any third-party vendor that handles Protected Health Information on your behalf. It documents that the vendor agrees to handle that data in compliance with HIPAA standards.
If your SMS platform is being used to send messages that reference patient appointments, treatments, or any health-related details, yes — you need a signed BAA with that platform. If your current platform does not offer a BAA or has not provided one, your practice is operating outside HIPAA requirements for that communication channel. This is one of the three areas we assess during your free compliance check.
The Telephone Consumer Protection Act is a federal consumer protection law that governs how businesses can contact people by phone and text. Under TCPA your practice must obtain documented written consent from a client before sending them any promotional or marketing text message. Verbal consent is not sufficient. A general consent to treatment does not cover SMS marketing.
The financial exposure is significant. TCPA violations carry fines of up to $1,500 per unsolicited message per recipient. For a practice sending a monthly promotional text to hundreds of clients without properly documented consent, that exposure adds up quickly. Most practices have never formally audited whether their consent process meets TCPA requirements.
Before the call we review what we can about your current SMS setup based on the information you provide when booking. On the call itself we ask a focused set of questions covering your SMS platform, your registration status, how you collect consent from clients, and what types of messages you send.
Within 24 hours of the call we deliver a written compliance assessment covering all three areas — A2P 10DLC registration, HIPAA platform safety, and TCPA consent. Each area receives a risk rating and plain-language explanation of what we found. If everything is clean and properly configured we will tell you that. There is no sales pressure and no obligation to engage our services after the check.
The timeline has two parts. Our intake and submission process — collecting your business information, preparing your brand registration, and submitting your campaigns — typically takes 3 to 5 business days from when we receive your completed intake form.
Carrier review and approval is handled by AT&T, Verizon, and T-Mobile independently and typically takes 10 to 14 business days from submission. This timeline is carrier-dependent and outside our direct control, however we monitor your submission throughout and handle any rejection or revision requests as part of every package. We deliver your full compliance documentation within 14 business days of receiving your intake form.
No, and any service that guarantees carrier approval is not being honest with you. Carrier approval decisions rest with AT&T, Verizon, and T-Mobile and are governed by their own internal policies. What we guarantee is expert preparation and submission, meaning your brand registration and campaign submissions will be accurate, complete, and optimized to meet carrier requirements before they are submitted.
We also include rejection handling and resubmission in every package. If a carrier requests revisions or rejects a submission for a correctable reason we handle that without additional charge. Our goal is to give your registration the strongest possible foundation going in.
Compliance Guard is our monthly monitoring service. Once your registration is approved and your practice is compliant, Compliance Guard monitors your status every month to make sure nothing changes without your knowledge. Carrier policies evolve, platforms update their systems, and registration statuses can change. Compliance Guard ensures you are alerted immediately if anything requires attention.
Think of it the way you think of an annual review for other parts of your business. Registration gets you compliant. Compliance Guard keeps you compliant. It is available in three tiers based on your SMS volume — Essential at $149 per month, Standard at $249 per month, and Premium at $349 per month — and can be cancelled anytime with 30 days notice.
Yes. A2P 10DLC registration is required for all business SMS traffic regardless of message type. Appointment reminders are classified as transactional messages and require their own campaign registration separate from any promotional or marketing messages you send. The registration requirement applies to the phone number and the business sending the messages, not just to promotional content.
The good news is that transactional-only campaigns typically move through carrier review faster than mixed-use campaigns and carry lower carrier pass-through fees. If your practice sends only appointment reminders our Core Compliance package is usually the right fit.
Yes, registration requirements apply based on the type of messages being sent and the phone number being used, not the size of your contact list. A single-location practice texting 200 clients has the same carrier registration obligation as a multi-location group texting 20,000.
Smaller practices often feel less urgency around compliance because they assume these rules are aimed at large enterprise senders. In reality carriers enforce filtering at the number level, meaning your messages can be blocked regardless of how many clients you are texting. Our Core Compliance package was designed specifically with smaller practices in mind.
We address A2P 10DLC and HIPAA simultaneously. Most consultants handle one. Your practice needs both.
We work exclusively with healthcare and medical aesthetics organizations. We know your platforms, workflows, and patient communication needs.
We guarantee speed, expertise, and thorough attention — never carrier approval outcomes. We give your registration every possible advantage.
Nothing is a black box. You receive complete documentation of everything — registration confirmations, audit reports, compliance records. All yours to keep.
Start with a free 15-minute compliance check. No obligation. No sales pressure. Just a clear, specific assessment of your SMS compliance posture.
Book Your Free Compliance CheckOr reach us directly: info@fidestrustgroup.com
FidesTrust Group provides operational compliance consulting services. Nothing on this website constitutes legal advice. A2P 10DLC registration outcomes are subject to carrier policies and are not guaranteed. HIPAA compliance guidance is operational in nature and does not substitute for qualified legal counsel. FidesTrust Group is not a law firm.