SMS Consent Verification

Twilio A2P 10DLC Campaign Registration

Campaign SID: CM822efdc4fb210d6419186b8608afc6da

Brand: Pryme Practice

Use Case: Customer Care - Healthcare Communications

Overview

This document provides visual verification of our SMS consent mechanism for Twilio A2P campaign compliance. Our patient portal implements a clear, explicit opt-in process for SMS communications that meets all TCPA and carrier requirements.

Key Compliance Features:
  • Explicit opt-in checkbox specifically for SMS notifications
  • Clear description of message types patients will receive
  • Authenticated access requiring patient login
  • Timestamped consent tracking in database
  • Easy opt-out mechanism through the same interface

Patient Consent Flow

Initial Login - Communication Preferences Required

1 Patient Authentication: Patients log into the portal using one of three secure methods (Name + Birthday, Phone + Birthday, or Access Code).
2 Preferences Prompt: On first login or when preferences haven't been set, patients are prompted to configure their communication preferences.

Screenshot 1: Initial Communication Preferences Screen

This screen appears when a patient first logs in or hasn't set their preferences. Note the clear separation between SMS and Email options.

Initial login showing communication preferences with SMS opt-in option
Important Features Visible:
  • SMS Notifications checkbox - Currently unchecked (no consent given)
  • Clear description: "Receive appointment reminders, confirmations, and important updates via text message"
  • Email Communications checkbox - Separate consent for email
  • Privacy Notice explaining data usage and patient rights

Managing Consent - Patient Profile

Ongoing Preference Management

3 Profile Access: Patients can access their communication preferences anytime through their profile settings.
4 Modify Consent: Patients can opt-in or opt-out of SMS notifications at any time with immediate effect.

Screenshot 2: Patient Profile - Communication Preferences Management

The patient profile showing the communication preferences section where patients can modify their SMS consent at any time.

Patient profile showing SMS communication preferences management
Consent Management Features:
  • Toggle switches for immediate preference changes
  • Last updated timestamp showing when preferences were set
  • Auto-save functionality (changes take effect immediately)
  • Visual confirmation when preferences are saved

Technical Implementation

Database Consent Tracking

Patient Table Fields:
- sms_opt_selection (boolean): Stores consent status
- sms_opt_set_at (datetime): Timestamp of consent action
- email_opt_selection (boolean): Separate email consent
- email_opt_set_at (datetime): Email consent timestamp

Consent Verification Logic

Our Laravel backend checks the sms_opt_selection field before sending any SMS messages. Only patients with sms_opt_selection = true will receive text messages.

Compliance Features

  • Explicit Consent: Clear checkbox requiring active selection
  • Granular Control: Separate options for SMS vs Email
  • Message Type Disclosure: Clear description of what messages will be sent
  • Authenticated Access: Requires patient login preventing unauthorized changes
  • Audit Trail: Timestamped records of all consent changes
  • Easy Opt-Out: Same interface for opting out as opting in
  • Privacy Notice: Clear statement about data usage and rights

Message Types Covered by Consent

When patients opt-in to SMS notifications, they explicitly consent to receive:

Note: We do not send marketing messages. All communications are transactional and directly related to the patient's healthcare services.

Live Portal Access

Reviewers can verify our consent mechanism at our live patient portal:

Test Patient Credentials

Location URL: [Will be provided upon deployment]

Authentication Method: Name + Birthday

Test patients are available for verification. Please contact support for access credentials.

Additional Compliance Information

Opt-Out Management

In addition to the portal interface shown above, we support standard SMS opt-out keywords:

Data Retention

Consent records are maintained for the duration required by healthcare regulations and TCPA compliance requirements. All consent changes are logged with timestamps for audit purposes.