Fair Debt Collection Practices Act

The Fair Debt Collection Practices Act (FDCPA) is a federal law that limits the behavior and actions of third-party debt collectors who are attempting to collect debts on behalf of another person or entity. The law restricts the means and methods by which collectors can contact consumers, as well as the time of day and number of times contact can be made.


Telephone Consumer Protection Act

The TCPA restricts telephone solicitations (i.e., telemarketing) and the use of automated telephone equipment. The TCPA limits the use of automatic dialing systems, artificial or prerecorded voice messages, SMS text messages, and fax machines.


SOC 2 Compliance

CMC obtained SOC 2 compliance, which evidences our company’s overall outlook and value placed on the security of consumer, as well as client, information. CMC intends on maintaining SOC 2 compliance and the security of our information systems to accommodate cybersecurity needs of our clients and to protect consumer information in accordance with federal regulations.

View press release


Gramm-Leach Bliley Act

The Gramm-Leach-Bliley Act (GLB Act or GLBA), is a federal law enacted in the United States to control the ways that financial institutions deal with the private information of individuals. The Act consists of three sections: The Financial Privacy Rule, which regulates the collection and disclosure of private financial information; the Safeguards Rule, which stipulates that financial institutions must implement security programs to protect such information; and the Pretexting provisions, which prohibit the practice of pretexting (accessing private information using false pretenses). The Act also requires financial institutions to give customers written privacy notices that explain their information-sharing practices.


HIPAA and HITECH Compliance

The Health Insurance Portability and Accountability Act (HIPAA) was the first legislation that created a set of security standards and requirements for protecting health information. In a recent revision of the act in 2009, HIPAA was extended with the Health Information Technology for Economic and Clinical Health (HITECH) Act. HIPAA and HITECH both attend to the topic of security and privacy of healthcare patients

FWA logo

Fraud, Waste, and Abuse (FWA)

The Center for Medicare and Medicaid Services (CMS) requires compliance with Medicare Part D, more specifically preventing Fraud, Waste, and Abuse. CMC complies with these requirements in an effort to prevent, detect, and correct any instances of non-compliance with Medicare Part D and federal healthcare programs overall. This includes compliance with the False Claims Act, Anti-kickback Statute, Stark Statute, and HIPAA (to name a few). CMC performs searches against the Office of Inspector General (OIG) and General Services Administration (GSA) exclusion lists as well as maintains training programs and general vigilance to prevent non-compliance.

UDAAP logo

Unfair, Deceptive, Abusive Acts or Practices (UDAAP)

The Dodd Frank Act enacted in 2010 contains language specific to Unfair, Deceptive, Abusive Acts or Practices (UDAAP). Similar to the Fair Debt Collection Practices Act regulations, UDAAP outlines requirements where a collection agency is not permitted to use any unfair, deceptive or abusive practices when attempting to collect an amount from a consumer. It is important to note that the Fair Debt Collection Practices Act only applies to third party collection agencies while the Dodd Frank Act and UDAAP applies to any agency or entity attempting to collect an account from a consumer (including first party creditors and/or external agencies).