Compliance & Security
At ReadyMode, compliance and security are top of mind when managing processes and data with our customers. We aim to build security and data integrity into our solutions and products for our customers and their businesses.
This is our resource center where you can find information on common questions.
Compliance
ReadyMode helps you address risks and stay compliant with our
Full Attestation for STIR/SHAKEN
Prevent costly fines. Decrease your risk of costly TCPA and DNC violations with native integrations to industry-leading compliance vendors.
System protocols & procedures implemented to help prevent potential compliance issues around Caller ID Spoofing
Avoid dialing mistakes. Import, export, filter and edit your DNC list with custom filtering for comprehensive telemarketing compliance.
TCPA
ReadyMode understands the complications of how to comply with the Telephone Consumer Protection Act 47 U.S.C. § 227 (TCPA) – we monitor changes in rules and regulations to facilitate your compliance where we can, including ensuring that the ReadyMode platform cannot generate phone numbers.
Our platform was built with compliance as a key driver so you can prevent costly fines and decrease your risk of costly TCPA and DNC violations with native integrations to industry-leading compliance vendors.
The Telephone Consumer Protection Act (TCPA) is a federal law that protects consumers from certain unwanted phone calls.
In 1991, Congress passed the Telephone Consumer Protection Act (TCPA) to restrict telemarketing calls, autodialed calls, prerecorded calls, and unwanted faxes. The National Do-Not-Call (DNC) Registry is monitored by the Federal Trade Commission (FTC). The Federal Communications Commission (FCC) has the authority to implement the TCPA through rules and regulations.
The Telephone Consumer Protection Act (TCPA) covers a wide range of concerns connected to dialing practices. To verify that your contact center is compliant with the TCPA, ReadyMode recommends seeking proper legal and compliance guidance. The following are a few instances of TCPA rules:
- All lists and leads utilized for selling, should be compared to the Do Not Call (DNC) list.
The Federal Communications Commission (FCC) has primary authority to implement and enforce the TCPA. State Attorneys General and private citizens through lawsuits also have Congressional authority to enforce rights under the TCPA. ReadyMode recommends that all of our customers work with their legal partners to review their dialing procedures to ensure compliance.
The TCPA was created to protect customer privacy by prohibiting businesses from participating in unwelcomed telemarketing communications practices, and the FCC has since interpreted the law to include text-based telemarketing. Regulations are always changing, so you should maintain up-to-date information on the most recent rulings and how they pertain to your call center.
In general, unless the recipient has given the caller “prior express consent” to receive the call/text, the TCPA bans utilizing an ATDS or prerecorded or artificial-voice message to contact mobile phones, and prerecorded or artificial-voice telemarketing messages to reach residential phones.
Specifically, below are a list of some of the rules that fall under TCPA:
- Prohibits solicitors from calling residences before 8 a.m. or after 9 pm, local time.
- Requires solicitors to maintain a company-specific “do-not-call” (DNC) list of consumers who asked not to be called.
- Requires solicitors to honor the National Do Not Call Registry unless an exception applies, such as having prior express consent or an established business relationship.
- Requires solicitors to provide their name, the name of the person or entity on whose behalf the call is being made, and a telephone number or address at which that person or entity may be contacted.
- Prohibits any call made using automated telephone equipment or an artificial or prerecorded voice to an emergency line (e.g., “911”), a hospital emergency number, a physician’s office, a hospital/health care facility/elderly room, a cellular telephone, or any service for which the recipient is charged for the call.
- Prohibits unsolicited advertising faxes.
STIR/SHAKEN
System protocols & procedures implemented to help prevent potential compliance issues around Caller ID Spoofing.
STIR/SHAKEN is a caller ID-authentication framework that acts as a digital signature of trust passed from carrier to carrier to improve traceable call delivery.
The Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted Information Using toKENs (SHAKEN) standards are abbreviated as STIR/SHAKEN. This means that before reaching customers, calls passing over interconnected phone networks would have their caller ID “signed” as real by originating carriers and verified by other carriers.
All calls must be authenticated/signed by voice service providers within the STIR/SHAKEN framework as required by the TRACED ACT. Only a designated carrier or voice service provider can sign calls.
Phone carriers within the STIR/SHAKEN network will award an attestation, or verification, rating of A, B, or C:
- ‘A’ = ‘Full Attestation,’ which means the carrier knows the caller’s identity and that the caller has the right to use the phone number as a calling number.
- ‘B’ = ‘Partial Attestation,’ which means the carrier knows the caller’s identity but is unsure if the caller has the authority to use the phone number as a calling number.
- ‘C’ = ‘Gateway Attestation,’ which is assigned when A or B cannot be met.
With STIR/SHAKEN, your calls from ReadyMode phone numbers will receive the highest possible level of attestation to give the called party and carriers the highest confidence in your calls from our network
- STIR/SHAKEN is a multi-industry effort to re-establish confidence in voice communications. Its purpose is to stop scammers from using robocalls and unlawful phone number spoofing to defraud consumers and businesses, while also ensuring that legitimate calls reach their intended recipients. STIR/SHAKEN does not “prohibit” specific acts; rather, it uses attestation ratings to give callers incentives to use legitimate caller ID practices to better increase the chances that their calls will be answered.
- In order to meet these ratings, the process forces callers to maintain specific standards that re-establish and maintain confidence in voice communications.
- To put it simply, when STIR/SHAKEN is implemented by both your phone carrier and a caller’s carrier, it helps validate whether incoming calls are from a verifiable source, which makes them more likely to be answered, or are possibly being spoofed, which undermines call recipients’ ability to screen calls.
STIR/SHAKEN must be implemented in the Internet Protocol (IP) sections of providers’ networks between 2021 and 2023, depending on the size and other technical aspects of the provider, so that Americans can benefit from this crucial technology and regain confidence in their phone calls.
The initial deadline for the largest carriers was June 30, 2021.
The originating carrier—which at ReadyMode is its affiliate, FCC-registered AM Communication Labs—will “sign” a call made with a ReadyMode-assigned number with an attestation rating of “A”.
The three degrees of attestation are as follows:
- A = the highest level of attestation – indicates that the carrier is completely sure about the caller’s identity and right to use that specific number and caller ID.
- B = the carrier knows who is calling, but isn’t clear if the caller is permitted to use that phone number or caller ID.
- A gateway attestation, or C grade, indicates that the carrier is unable to verify the caller’s identity or right to use the number/caller ID.
Businesses can take a number of steps to prepare for STIR/SHAKEN:
- Businesses should inquire about their STIR/SHAKEN implementation and whether they can assure that their calls earn a “A” rating by contacting their carrier(s).
- If a company is having an issue with blocked calls, it should work with a provider to rotate the phone numbers it uses, or, better yet, confirm its calling with the carriers and their analytics partners.
- Businesses should perform test calls and notify the carrier or app provider of any incorrect labeling or blocking.
To ensure that outbound call centers are ready for STIR/SHAKEN, they should cooperate directly with their dialer provider:
- Have they fully deployed STIR/SHAKEN, as confirmed by iconectiv and in the FCC’s Robocall Mitigation Database?
- What is the greatest level of attestation you can provide?
- Are they signing the calls themselves or are they having them signed by a third party? (If the latter, the highest possible rating may be B)
Those that use open source or self-hosted dialers (e.g., VICIdial) will be at danger of not receiving an A attestation.
Do Not Call Registries
Avoid dialing mistakes. Import, export, filter and edit your DNC list with custom filtering for comprehensive telemarketing compliance.
Certain states have integrated their Do Not Call lists and information with the federal DNC lists and information. The remaining states, on the other hand, have their own DNC lists that are exclusive to their state. Registrants in states that govern and regulate themselves may or may not be shared with the federal list and may have duplicate information. Prior to launching your campaign, it’s critical that you review the laws of each state where you’ll be calling.
Our platform was built with compliance as a key driver so you can prevent costly fines and decrease your risk of costly TCPA and DNC violations with native integrations to industry-leading compliance vendors.
Federal DNC Registry
The National Do Not Call Registry is a database maintained by the Federal Trade Commission that contains the phone numbers of people and families who have requested that telemarketers not call them.
State DNC Registry
In addition to the National Do Not Call List, which is available to residents in all fifty (50) states and the District of Columbia, citizens in twelve (12) states can register their residential telephones on their state do not call list.
Official Government Do Not Call regulatory sites
FTC National Do Not Call Registry – Consumers
Learn more
FTC National Do Not Call Registry – Telemarketers
Learn more
Data & Security
Keep out bad actors. Prevent your agents from signing in from unsecured locations with a powerful firewall.
Keep what you need. Record all inbound and outbound calls or selected calls for compliance and quality assurance.
Dedicated system teams ensure constant uptime as well as non-disruptive maintenance.
System Access Practices
Maintained protocols and policies to configure secure system access.
Data reliability practices and configuration ensures there is authorized access only.
Data traffic utilizes advanced protocols.
Business Continuity
ReadyMode continues to provide and improve our customers’ ability to maintain their business should there be any unplanned disruptions. We focus on maintaining and securing redundancies as well as data backups.