Keep Your ACA Compliance Records in a Vault You Control
If you assist consumers on the Federally-facilitated Marketplace or a State-based Marketplace on the Federal Platform, CMS requires documented consumer consent before assistance and documented review and confirmation of eligibility application information before submission. Those records must be retained for at least 10 years and produced to CMS on request.
Informed + Choice gives you one independent place to create, capture, store, import, and retrieve those records.
Keep the quoting and enrollment tools you already use. Put compliance in a vault that stays with your agency.
Share with a fellow ACA broker
Two records. One repeatable workflow.
You do not need another bloated CRM to handle ACA Marketplace compliance. You need a clean workflow for the two records that matter most: consumer consent and eligibility application review. CMS does not prescribe one exact documentation method, but it does require a process where the consumer or authorized representative takes an action that creates a record you can maintain and produce. CMS examples include recorded phone calls, text messages, emails, and signed electronic forms.
With Informed + Choice, you generate the record, send a secure link, capture the consumer's action, and keep the audit trail with the final file. If you already quote or enroll through another platform, keep doing that. Informed + Choice is the independent record layer underneath your existing stack.
What this workflow covers
Consumer Consent Documentation
Your consumer consent workflow captures the information CMS expects, including the scope, purpose, duration, date, parties, and rescission process.
Eligibility Application Review
Your eligibility application review workflow captures the separate information CMS expects before submission, including the review date, the consumer or authorized representative, the explanation of the attestations, and the assisting agent or broker.
Send forms by text or email from your own device, let the consumer sign without creating an account, and keep the signed file with its audit details in one place. Historical PDFs and related files can be imported into the same vault so older records are not stranded across folders and prior systems.
What about recorded calls?
If your documentation is a recorded call rather than an e-signed form, keep that recording alongside the rest of the file. CMS says unwritten verbal consent by itself is not enough, but a recorded call can be part of a compliant record when the documentation requirements are met.
See the ACA Consent Workflow in Action
Watch how an ACA broker generates a digital Consent for Assistance form, sends it via SMS, and stores it in tamper-proof 10-year WORM storage — all in under two minutes. The same workflow applies to Eligibility Application Review forms.
Desk Audit Readiness
When CMS requests ACA consent evidence, respond fast
ACA Compliance Vault keeps each consent record organized with clear event history so a CMS desk audit feels like a quick export task, not a high-risk scramble.
- Consumer evidence chain: View and signing events are stored in sequence for each consent record.
- One-click documentation: Pull the evidence receipt or original locked PDF directly from the audit view.
- Built for 10-year retention: Records remain available in WORM storage through the full CMS retention window.
Why independent storage matters
Compliance records should not be trapped inside your quoting stack, enrollment platform, or FMO tool. An independent vault keeps your files portable, searchable, and under your agency's control even if the rest of your stack changes later. Informed + Choice already supports platform-independent storage and historical imports so you can consolidate prior records instead of leaving them scattered across vendors and inboxes.
The Data Lock-In Problem
If you ever decide to switch uplines or change enrollment platforms, your mandatory compliance records are trapped in a system you no longer control. To protect your independent agency and your license, you need an independent compliance vault.
Learn why a decoupled compliance architecture is critical for protecting your agency's independence — in both the Medicare and ACA markets.
Built for agencies, not just solo agents
CMS allows consent at the agency level when the documentation names the specific agency. If that agency-wide consent is still valid, other agents in the same agency can rely on it for the actions authorized by the consumer. The separate application-review documentation requirement still applies before submission or updates.
Works With Your Existing Stack
Keep your current quote engine
Already using another quoting or enrollment workflow? Keep it. This page is not about replacing every tool in your stack. It is about giving your agency a clean, repeatable compliance layer that stays with you even if the rest of your workflow changes.
Consumer Consent Records
Document scope, purpose, duration, date, parties, and rescission process — the elements CMS expects for consent documentation.
Application Review Records
Document review date, consumer or authorized representative, attestation explanation, and assisting agent or broker — the separate elements CMS expects before submission.
One Vault. $9.99/mo.
Both record types plus Medicare SOAs stored for 10 years in the same platform-independent vault. One price. No bloat. No contracts.
16 Languages Built In
View supported languages for consent and review forms
Send ACA consent forms and Medicare SOAs in Spanish, Chinese, Vietnamese, Korean, Arabic, and 11 more languages. Instructions, prompts, and the final signed PDF are all presented in the selected language.
Included with Your ACA Compliance Vault Account
Built-in Marketplace Plan Finder
Search Marketplace plans, compare options, and review provider and drug coverage — all inside your ACA Compliance Vault account.
Also from Informed + Choice
Also sell Medicare?
Our agent platform handles everything upstream for the senior market — Blue Button consent, automatic Part D medication imports, and coverage-aware Medicare intake workflows. Use it alongside SOA Vault or separately.
$9.99/mo. Consumer consent, eligibility review & Medicare. Stored for 10 years.
CMS may request your documentation at any point during the 10-year retention period. Full compliance protection for both markets costs less than a single lunch per month.
The risk of no vault
$25,000+
Potential fines, lost commissions, and license suspension from a failed CMS audit
The cost of protection
$9.99/mo
Unlimited consent and review records, Medicare SOAs, e-signatures, and 10-year platform-independent storage
SOA Vault — ACA & Medicare
Full compliance. Both markets. No contracts.
Rate locked & guaranteed for 10 years
Sign up now and keep $9.99/mo even after prices increase. No contracts — cancel anytime.
- Unlimited consumer consent & eligibility review documentation
- Medicare Scope of Appointment forms in the same vault
- Send via text or email from your own device
- 10-year tamper-proof WORM storage produced to CMS on request
- Call recording storage alongside signed forms
- Historical PDF import to consolidate records from prior systems
- Platform-independent — stays with your agency if your stack changes
That's $119.88/year for full CMS audit protection across consumer consent, eligibility review, and Medicare.
Frequently asked questions
Does this apply in every state?
The federal documentation rules apply to the Federally-facilitated Marketplace and State-based Marketplaces on the Federal Platform. State-based Marketplaces that do not use the federal platform may have similar or different rules, so agents should confirm those requirements with the relevant state authorities.
Can we use our own forms and workflow?
Yes. CMS does not pre-approve your exact forms or process. You can use your own form or method as long as it meets the documentation requirements, and CMS also offers a model consent form you may adapt.
Can the record be text, email, e-signature, or a recorded call?
Yes. CMS examples include recorded phone calls, text messages, emails, and signed electronic forms, as long as the process creates a maintainable record that can be produced on request. Unwritten verbal consent alone is not enough.
How long do we need to keep ACA records?
At least 10 years following the enrollment or application submission, and CMS may request that documentation at any point during that period.
Can we import historical files?
Yes. Informed + Choice already supports importing older forms and related files into one searchable vault so your previous records are not stranded in email, desktop folders, or prior systems.
We also sell Medicare. Do we need a separate compliance tool?
No. ACA workflows and Medicare Scope of Appointment workflows run in the same SOA Vault account, so you can keep both lines of business in one compliance system.
Own your ACA compliance records.
Keep your current stack. Keep your records searchable. Be ready when a file is requested.
Resources: ACA Marketplace tools · SOA Vault features · Medicare agent tools · Blog · Pricing
Compliance requirements described here are based on CMS rules for agents and brokers assisting consumers on the Federally-facilitated Marketplace and State-based Marketplaces on the Federal Platform. Off-Marketplace business and State-based Marketplaces not on the federal platform may be subject to different state rules.