I'm no lawyer, but have been thru the FCC testing process a few times. For a ordinary device that doesn't deliberately transmit (called "unintentional radiator" by the FCC), there is no legal requirement for certifcation. There are legal requirements for what it is allowed to emit, but it up to you how to make sure your device works within the rules.
You can simply sell a unintentionally radiating device without testing. However, if someone files a complaint and the device is found to exceed the legal radiation limits, you're in deep doodoo. If you had the device tested by a accredited test lab and they determined it was within the limits, your legal case will be much better. The FCC still has the right to force you to withdraw the product and even confiscate every unit out there, but if you can show you followed accepted practices of testing then there will be much less of a issue of punative actions.
Intentional radiators are a different story. You do have to have FCC certification to legally sell one in the United States. When the device is certified, you get a certification ID, and that ID generally has to be indicated somewhere on the outside of the device where others can see it.
In the case of a bluetooth module, most likely the module vendor has gotten the certification for the module. If not, I wouldn't go near it. Even if so though, you are still on the hook for the product as a whole. The module will also be certified with some restrictions, like a specific list of antennas that it is certified with. If you attach a different antenna, for example, the module is no longer certified and you're on your own.
If you're trying to sell a intentionally radiating product, you'd better talk to a expert early in the process. You can wing it a bit with unitnentional radiators, but you really don't want to play games with intentional radiators, even if you're using a certified module that does all the intentional radiating.
It might be a good idea to talk to a testing house. They generally will know all the rules. Just keep in mind they sell testing services, and their answers may a bit biased towards you needing a lot of testing.
Your use case sounds like a perfect match for Bluetooth LE. I would seriously consider it. The biggest disadvantage would be, as you hinted at, older smartphones don't support it. However, adoption is growing rapidly. Apple's iOS devices (iPhones, iPads, iPod Touches) support Bluetooth LE as far back as the iPhone 4S, iPad 3 & iPad Mini, for example. Pretty much all recent Android devices support it too, from my understanding.
The smartphone integration of Bluetooth LE will be much easier than Bluetooth Classic (particularly on iOS, if that is relevant to your product).
There's a whole bunch of BLE chipsets and modules already available. A few suggestions: http://www.ti.com/product/cc2541, http://www.bluegiga.com/bluetooth-4.0-modules
If you absolutely need to support legacy devices, then a dual mode Bluetooth chipset like the TI CC2560 would probably be your best bet. I don't have much experience working with legacy Bluetooth so can't offer much more in that area.
Best Answer
My understanding is that if your digital device is capable of plugging into mains power, you will have to at least get unintentional radiator testing done. From what I hear (no personal experience, just research), testing for unintentional radiators is relatively cheap and easy. The sparkfun link below estimates the cost at about $1500.
For intentional radiators, it seems that using a certified device with modular approval, subject to the module's grant restrictions, allows you to use the certification of the module. You still have to have the unintentional radiator testing done though.
See:
http://www.rfi-global.com/images/uploads/file/FCC%20Certification%20-%20Overview%20For%20Integrated%20Wireless%20Devices.pdf
http://www.digikey.com/en-US/articles/techzone/2011/mar/the-fcc-road-part-15-from-concept-to-approval
https://www.sparkfun.com/tutorials/398