Compliance

The compliance stack, layer by layer. Federal floor. State overlay. Operator config.

Outbound dialing is governed by a federal floor, a state-by-state overlay, and a handful of vertical-specific regimes (FDCPA, HIPAA-aware, FEC). The platform handles the operational controls; this index covers how they map to the underlying law. We are operators, not lawyers — read these as runbooks, not as legal advice.

See the trust center Talk to us

7-day free trial · Cancel anytime · Pay with card, PayPal, or USDT

vicifast — compliance check

Per-dial checks

all passed

TCPA · Blacklist Alliance scrub✓ clean · 47ms

DNC list · federal + state✓ not listed

Call window · per-state law✓ 8 AM – 9 PM local

Consent flag · prior express✓ on record

Recording disclosure✓ played at 00:02

Audit log row written · 7-year retention · operational, not legal advice.

6regulatory regimes covered

12+state-by-state pages

Per-trunkTCPA scrubbing

7-yraudit log retention

Regulatory regimes

Six regimes, every one operationalised on the platform.

Each tile is a regime the platform is configured for. The deep guides below cover the runbook — what to set, what to scrub, how to retain, what the audit trail looks like.

TCPA

Federal Telephone Consumer Protection Act. Prior express consent, ATDS rules, DNC mechanics, post-2024 FCC clarifications. Per-trunk Blacklist Alliance scrub baked into the platform.

FDCPA

Fair Debt Collection Practices Act. Calls-per-day caps, time-of-day windows, third-party disclosure prohibitions, validation notice timing. Per-list recording retention for the regulatory window.

HIPAA-aware

On enterprise contracts. PHI scrub on transcripts, voicemail content rules, BAA sign-on, encrypted at rest. Standard plans do not sign BAAs; HIPAA-handling workloads engage via /enterprise.

FEC + political

Federal Election Commission record-keeping. 7-year donor retention. NGP VAN / ActBlue / Aristotle export hooks. Solicitation script disclosure timing.

GDPR + DPA

EU customers can pick EU-only regions. DPA published; sub-processor list at /sub-processors with notice on changes. Right-to-deletion via admin data-purge after the legal retention window.

Recording laws

Two-party vs one-party consent by state. Announce-beep, opening-disclosure, opt-out flow tuned per recording-jurisdiction. Per-list recording_retention overrides for litigation-hold cases.

Federal + topic guides

Deep guides per regime.

Operator-perspective writing. What changed, what the platform handles for you, what you still need to configure, what the audit trail proves.

TCPA compliance for outbound dialing

Operator-perspective guide to the Telephone Consumer Protection Act — what's required, what's enforced, what hits dialing operations.

Read the guide

DNC compliance for VICIdial operators

Federal DNC, state DNC, internal DNC — how to configure VICIdial to honor all three and stay defensible.

Read the guide

STIR/SHAKEN for outbound dialers

How STIR/SHAKEN attestation works, why your answer rates depend on it, and how to get attestation A.

Read the guide

Call recording laws by state

One-party vs two-party consent, where each applies, and how to configure VICIdial's recording for compliance.

Read the guide

HIPAA-aware dialing for call centers

Operator-perspective guide to HIPAA for VICIdial deployments — what the law covers, what the platform supports, where Business Associate Agreements come in.

Read the guide

State telemarketing law overview

Which states have their own telemarketing rules on top of federal TCPA, and the operational deltas.

Read the guide

By state

State-by-state overlay on the federal floor.

Call windows, do-not-call list mechanics, recording-consent posture, registration requirements. The differences that change how you configure a campaign.

Florida

Florida Telephone Solicitation Act — what's added on top of federal TCPA. Time windows, registration, statutory damages.

California

California adds strict recording rules + the CCPA/CPRA privacy overlay to federal TCPA.

New York

NY Telephone Consumer Protection Act (2025 update) — what changed and what it means for outbound dialers.

Washington

WA Telephone Consumer Protection Act — strict consent + statutory damages on top of federal.

Texas

Texas Business and Commerce Code Ch. 305 — what TX adds to federal TCPA.

Illinois

Illinois Restricted Call Registry + state-specific consumer protections.

Massachusetts

MA two-party recording + telemarketing rules.

Maryland

MD Wiretap Act (two-party) + Maryland Telephone Solicitations Act.

Oklahoma

OK Consumer Protection Act + telemarketer licensing requirements.

Indiana

Indiana DNC list + state-specific telemarketing rules.

New Jersey

NJ Do Not Call list + Consumer Fraud Act overlay.

Pennsylvania

PA Telemarketer Registration Act + DNC list.

Procurement evidence in one place.

Security posture, retention windows, sub-processor list, DPA, incident disclosure contact, and the current state of every certification we hold (or are pursuing) — all on the trust center.

Open the trust center

Compliance is operational. We give you the platform controls.

The legal interpretation stays with you and your counsel. We make sure the dialer can actually enforce what they tell you to.

See the trust center