Patient Visit Advocate module-spec M-00
module-spec artifact · for Patient Visit Advocate · phase M-00 · status approved
module-spec artifact · for Patient Visit Advocate · phase M-00 · status approved
- Policy artifact includes source-backed medical safety, privacy, consent, encryption, and tracking rules.
- Feature spec records platform and anonymous-draft decisions.
- MVP output taxonomy explicitly separates allowed preparation outputs from disallowed clinical outputs.
- First health-data input, model-processing consent, generated brief footer, and question plan header have approved draft copy.
- Plan blocks implementation until model/provider data-handling review is assigned.
- M00-AC-CLIENT-001
- id: M00-AC-CLIENT-001 - criterion: M-00 references client-source-reference as the canonical current client boundary, while keeping final attorney review as a release gate. - M00-AC-CLIENT-002
- id: M00-AC-CLIENT-002 - criterion: No implementation task is approved unless its acceptance criteria include the applicable Q&A disclaimer, onboarding, coverage, and lint rules.
Lock the safety, privacy, regulatory posture, and AI-output boundary before implementing the patient visit advocate MVP.
Machine-readable source fields
Lock the safety, privacy, regulatory posture, and AI-output boundary before implementing the patient visit advocate MVP.
M-00
Safety and Product Boundary
draft
M-01 Visit Data Model
| id | gate |
|---|---|
| LEGAL-FINAL-001 | Attorney/legal final signoff required before public Q&A launch; client dev reference is pre-review guidance, not final legal clearance. |
1.0
| id | url | title | relevance |
|---|---|---|---|
| FDA-CDS-2026 | https://www.fda.gov/media/191560/download | FDA Clinical Decision Support Software guidance transcript | Avoid outputs that provide specific diagnostic or treatment directives or replace clinician judgment. |
| HHS-MHEALTH | https://www.hhs.gov/hipaa/for-professionals/special-topics/health-apps/index.html | HHS/OCR Resources for Mobile Health Apps Developers | Use the federal mobile health app interactive tool to evaluate HIPAA, FTC Act, Health Breach Notification Rule, FD&C Act, COPPA, and related obligations. |
| FTC-MOBILE-HEALTH-BEST-PRACTICES | https://www.ftc.gov/business-guidance/resources/mobile-health-app-developers-ftc-best-practices | FTC Mobile Health App Developers: Best Practices | Requires clear notice/affirmative express consent, strong encryption, vulnerability management, data inventory, and transparent privacy/security statements. |
| FTC-HHS-TRACKING-RISK | https://www.ftc.gov/news-events/news/press-releases/2023/07/ftc-hhs-warn-hospital-systems-telehealth-providers-about-privacy-security-risks-online-tracking | FTC and HHS warning on health data tracking technologies | Health apps and telehealth surfaces must avoid impermissible or undisclosed disclosure of sensitive health data to third-party trackers. |
- Organize user-provided symptoms, timeline, concerns, context, and unknowns
- Generate a concise visit brief for patient use
- Generate clinician-facing questions the patient can ask
- Translate user-entered medical terms or instructions into plain language with uncertainty
- Summarize user-entered post-visit notes into next steps and open questions
- Diagnosis or differential diagnosis
- Medication or treatment recommendation
- Care pathway directive
- Acute risk prediction
- Provider-facing clinical decision support
- Claims that the product is HIPAA compliant or FDA-cleared without formal review
| id | role | status | artifact id |
|---|---|---|---|
| client-source-reference | client-provided compliance and Q&A corpus source | draft | fb647c16-c6de-412b-a46f-56746971cf25 |
| compliance-gap-review | artifact update checklist before build approval | draft | 1709cbbf-8bc3-44d0-b580-e5a38baf4a94 |
Some symptoms can require urgent medical attention. If you think this could be an emergency, call emergency services or seek urgent care now. This app cannot determine how serious your symptoms are.
If the user reports potentially severe or emergency symptoms, stop normal generation and show conservative urgent-care copy plus emergency-services guidance appropriate to the product region. Do not attempt precise triage ranking in MVP.
- Policy artifact includes source-backed medical safety, privacy, consent, encryption, and tracking rules.
- Feature spec records platform and anonymous-draft decisions.
- MVP output taxonomy explicitly separates allowed preparation outputs from disallowed clinical outputs.
- First health-data input, model-processing consent, generated brief footer, and question plan header have approved draft copy.
- Plan blocks implementation until model/provider data-handling review is assigned.
- M00-AC-CLIENT-001
- id: M00-AC-CLIENT-001 - criterion: M-00 references client-source-reference as the canonical current client boundary, while keeping final attorney review as a release gate. - M00-AC-CLIENT-002
- id: M00-AC-CLIENT-002 - criterion: No implementation task is approved unless its acceptance criteria include the applicable Q&A disclaimer, onboarding, coverage, and lint rules.
| id | copy | location |
|---|---|---|
| COPY-001 | This app helps you prepare for a medical visit. It does not diagnose conditions, provide treatment advice, or replace a clinician. If you may be having an emergency or severe symptoms, seek urgent medical care now. | first health-data input |
| COPY-002 | To create your visit brief, we need to process the health details you entered. Continue only if you want this app to use that information for appointment preparation. | before server/model processing |
| COPY-003 | Use this brief to help explain your concerns and ask questions. Your clinician is responsible for diagnosis and treatment decisions. | generated brief footer |
| COPY-004 | These are questions to discuss with your clinician, not medical instructions. | question plan header |
Pocket Advocate Developer Reference Guide v1.0, May 2026
- Patient education and advocacy
- Questions to ask providers
- Rights and healthcare-system navigation
- General condition vocabulary with individual caveats
- Emergency awareness without app-provided triage criteria
- Diagnosis or symptom-based condition inference
- Treatment recommendations or preferred medications
- Universal clinical thresholds, doses, targets, or taper schedules
- Emergency triage criteria using specific measurements or time windows
- Directive medical instructions such as never, always, must, should, or need to when applied to clinical action
The app gives patients vocabulary and courage to ask questions; providers give medical answers.
Action required before public launch
- Create a data inventory before implementation: raw intake, extracted structure, generated brief, question plan, debrief, memory items, account metadata, logs, analytics events.
- Do not send health content to analytics, ad pixels, session replay, or generic product telemetry.
- Use strong encryption in transit and at rest for any persisted health content.
- Require explicit consent before server/model processing of health content.
- Make deletion/export/correction requirements part of the memory foundation before public launch.
- Retain raw chat only if there is a clear user-visible reason; prefer structured user-corrected memory.
| id | requirement |
|---|---|
| QNA-SC-001 | All Q&A content uses section label Questions to ask your provider; old What to do or ask label is forbidden in DB and UI. |
| QNA-SC-002 | Every expanded Q&A card renders exact non-dismissible disclaimer: General educational information only ? not medical advice. Always discuss your specific situation with your qualified healthcare provider. |
| QNA-SC-003 | First launch requires explicit acknowledgement of the exact client onboarding disclaimer before content access; same text remains available in Settings > Legal. |
| QNA-SC-004 | Coverage clusters render exact recency caveat and are tagged in the data model. |
| QNA-SC-005 | Content linting flags clinical thresholds, directive clinical language, drug recommendations in answer text, emergency triage specificity, diagnosis implications, and unqualified comparative claims. |
| QNA-SC-006 | Workbook row count discrepancy is resolved before scope/cost estimates or full import approval. |