Open manishapriya94 opened 2 years ago
Capturing discuss notes working with @nawazkhan and @ankitagrawal98
Stage 2 needs to be expanded to take advantage of Auth0's SMS passwordless login option (which is through Twilio ironically) detailed https://auth0.com/docs/authenticate/passwordless/authentication-methods/sms-otp in order to allow people to authenticate with their mobile device rather than needing a Google account
We think the Auth0 passwordless login using the Universal Login flow makes the most sense IF it can provide the phone number used for authenticating
Implement necessary database schema changes for containing constituents mobile number, per campaign notification preference as well as UI changes that populate the data
Developing a monthly digest process that generates digests around the various campaigns that constituents have signed up for
Explore a method for organizers to send out ad-hoc messages to constituents for a given campaign
Open source alternative: https://fonoster.com/
cc: @nawazkhan @ankitagrawal98 @andyfeller
Hello,
As of now, I'm not seeing a source of the sms message, nor what triggers it.
Do the individual campaign managers have access to Twilio accounts (presumably under some sort of organization) and setup their own flow to call an Amplify API endpoint? Or are we looking for a more in-house solution where campaign managers can login to Amplify and build and send their own messages and notifications from Amplify?
Community user story: The groups often don't have IT people and might create another barrier if they have to have their own tooling.
If constituent:
If its admin
access and authentication to perform action
what visibility does subscription give?
Compliance check:
Next steps @Iamsoto explores issues:
Also. HIPAA specifically is for Protected Health Information. I don't see health information stored in Amplify. So I don't believe HIPAA specifically should be a concern for us. Correct me if I'm wrong
source: https://www.cdc.gov/phlp/publications/topic/hipaa.html https://support.twilio.com/hc/en-us/articles/360059959413-Building-HIPAA-Compliant-Messaging-Applications-with-Twilio
The California Consumer Privacy Act might be something to be aware of, however: And if we're reaching an international audience, The EU has the GDPR. Let me know if this seems more relevant.
Source: https://oag.ca.gov/privacy/ccpa https://digitalguardian.com/blog/what-gdpr-general-data-protection-regulation-understanding-and-complying-gdpr-data-protection
Context
User Story: A user can choose to opt into sms alerts around the cause they wrote a letter for. The twilio integration allows us to follow up with user education via SMS.
Specs
Integrate Twilio
Update Database
References
Data Structure | Data Report Feature Discussion Twilio API Docs User Journey Miro
Exit Criteria
Exit Criteria