Add the option for a one-time email with link. #259
Comments
|
@adriaanvanrossum has added support for saving the state in the web browser (checkbox on registration). If many people use this functionality, we might not need functionality for sending emails. I suggest we release what we have, and if the percentage who ticks that checkbox is low, we add email. |
|
I agree. Data from the Norwegian site tell us that only 10 % update their reports. My hypothesis is that this is mainly due to poor user-friendliness (and also partly to the value proposition, but that's not relevant here). I think allowing people the option of sending a one-time email with link will greatly increase the chances of users returning and updating their data. @fossecode Any suggestion on what library/framework to use for sending emails? I think we should give this high priority. |
|
I agree that this is a nice to have at some point. I guess we could achieve the same thing using the native Notifications API (https://developer.mozilla.org/en-US/docs/Web/API/notification). |
|
Nodemailer + Mailgun could probably be used. I agree, we should implement this, but it should not block the launch in NL. |
This doesn't "save" the link right? |
Right now we save the state using a cookie. The notification API can be used for sending notifications without having the page open. |
Can we pull out statistics on this percentage? |
|
By the way, we already have an issue on this: #236 |
|
I would use Mailgun API's (HTTP) over nodemailer (SMTP) for simplicity, if we're planning on implementing this: https://www.npmjs.com/package/mailgun-js |
Yeah, but the site is not launched yet. |
Yeah, I know that. :D Just wanted to check if we have support for inspecting that percentage once we go live. |
|
I think the email's value is mostly in people forgetting to update their status. Not so much able to go back to the same website. So let's say an email after 7 days would be great to ask for an update, right? |
|
Yeah I think that would be a nice feature. But then we have to store a connection between email and health information, which comes with a lot of privacy challenges. But if we find out that it is ok, it would be an awesome feature! |
|
If we ask people it's okay. We can explain that we only email them their personal link to their email address and delete their email after we did send it. Something like that. |
|
I think the laws might differ from country to country. In Norway there is a separate law for treating health information: https://lovdata.no/dokument/LTI/lov/2001-05-18-24, and there are crazy fines for breaking those laws. When we made the first version one week ago we used SMS verification codes in order to prevent people submitting multiple fake reports, but we got major pushback for saving the phone numbers. We might be ok if we delete the email addresses after we have sent the reminder, but we have to be 100% sure that we are on the right side of the law. |
|
Ah I see, do you know people who can figure this out? |
|
What about using the Notifications API? Everything client side.
…On Mon, 23 Mar 2020 at 22:08, Adriaan ***@***.***> wrote:
Ah I see, do you know people who can figure this out?
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#259 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AABD57KXIM2WX67XSJLQOP3RI7FTFANCNFSM4LSATJVQ>
.
|
|
Or maybe that doesn’t work on mobile very well (if at all)
On Mon, 23 Mar 2020 at 22:09, Michael McMillan <email@michaelmcmillan.net>
wrote:
… What about using the Notifications API? Everything client side.
On Mon, 23 Mar 2020 at 22:08, Adriaan ***@***.***> wrote:
> Ah I see, do you know people who can figure this out?
>
> —
> You are receiving this because you commented.
> Reply to this email directly, view it on GitHub
> <#259 (comment)>,
> or unsubscribe
> <https://github.com/notifications/unsubscribe-auth/AABD57KXIM2WX67XSJLQOP3RI7FTFANCNFSM4LSATJVQ>
> .
>
|
|
@michaelmcmillan was in contact with Datatilsynet (https://www.datatilsynet.no/en/) last week, they can probably help us answering this (at least for Norway).
Would be interesting to check out the Notifications API and see if it has any limitations. |
|
Not yet available on iOS, so I don’t think we can use it unfortunately. Alternatively we could just send a reminder email without the passcode. That way we don’t relate email addresses and passcodes. In most cases that would probably work fine given that they’ve chosen to set a cookie. |
This is how https://www.symptotrack.org does it. They just email a link and delete the email address. So no reminder, just an email with the link. Smart and simple. You need to make sure the logs do not contain that info as do the logs of the email provider. |
|
Asked Mailgun:
|
|
If mailgun will store this we could create email forwards in another service to the real emails and send those forward email to mailgun. That way mailgun does not know which original email the heath report belongs to. |
|
Got a reply. TL;DR they can't disable storing the info, they can limit it to keeping it for 1 hour.
|
I don't know this but I think right now the overwhelming majority of users is not saving that link.
It would be super useful for the integrity of the data if we could nudge people/help people to actually save that link.
The text was updated successfully, but these errors were encountered: