Five Constraints.
All Locked.

Why This Constraint Exists

PMS/PIMS integrations (Cornerstone, AVImark, eVetPractice) carry 4–8 week onboarding cycles, require IT coordination, and introduce patient-data scoping risks that delay trust and launch. The core after-hours value — structured triage and documented escalation — does not require access to the appointment or medical record system.

How It Is Implemented

• —Clinic identity (name, logo, hours, contacts) is entered directly in the AfterHours Ally admin — no sync required
• —ER partner contacts are maintained as a standalone curated list with address, phone, and maps URL
• —Morning handoff report goes to the practice manager's email — no PMS write-back at v1
• —On-call schedule is managed inside the product — no calendar integration required
• —First-available booking is handled via a scheduling link (Calendly or native) — not via PMS API

Why This Constraint Exists

TCPA violations carry $500–$1,500 per unconsented message. The Telephone Consumer Protection Act and the CTIA's A2P 10DLC rules require explicit opt-in consent before sending commercial/informational SMS to a mobile number. For a product that sends urgency-tier summaries and DVM pager alerts, this isn't optional — it's table stakes and a liability shield.

How It Is Implemented

• —Consent screen is the first gate: pet owner must explicitly accept before any triage content is displayed
• —Consent record is timestamped with UTC timestamp, phone number hash, IP address, and protocol version
• —Outbound SMS uses a 10DLC-registered sender (not a short code or personal number)
• —Every sent message is logged with: sender ID, recipient phone hash, message type, timestamp, delivery status
• —Pet owner phone number is stored encrypted at rest (AES-256); display views show last-4 only
• —Opt-out keywords (STOP/UNSUBSCRIBE) are handled automatically and logged
• —Consent record is surfaced in the audit trail export — not a separate system

Why This Constraint Exists

A2P messages and triage outputs carry legal exposure if they appear to constitute medical advice. The practice acts in every state regulate diagnosis and treatment prescription by licensed veterinarians. An after-hours triage tool that uses language implying diagnosis ("your pet has X") would face product liability, scope-of-practice, and Veterinary Practice Act challenges. Conservative disclaimer language is the architectural moat.

How It Is Implemented

• —Every urgency classification screen displays: "This is a triage guide, not a diagnosis. Your DVM has configured these criteria."
• —EMERGENCY outputs display: "Call [ER partner] now. Do not wait for DVM callback." — not a diagnosis, a routing decision
• —URGENT outputs display: "Your on-call DVM is being notified. This is not a diagnosis." — with explicit disclaimer above fold
• —MONITOR and ROUTINE outputs display self-care guidance with: "If symptoms worsen, use this link again or go to the ER."
• —Consent screen explicitly states: "AfterHours Ally helps you reach the right care. It does not replace a DVM examination."
• —Every session PDF/export includes the disclaimer header — it is non-removable
• —All protocol content is attributed to the named DVM who approved it, with version and approval timestamp

Why This Constraint Exists

Malpractice defense and licensing board complaints both rely on documentation. A practice that can produce a timestamped record of what was asked, what was classified, what the DVM was told, how fast the DVM responded, and what guidance was given is in a fundamentally stronger legal position than one that relies on memory or handwritten notes. Audit trail exportability is also a sales feature: risk-averse practice owners cite documentation as a primary buying criterion.

How It Is Implemented

• —Every triage session receives a UUID at creation — immutable across its lifetime
• —Session record captures: session UUID, clinic ID, DVM protocol version, consent timestamp, species/age/weight, each Q&A pair with timestamps, raw answers, weight scores, classification output, ER partner if routed, DVM page sent timestamp, DVM acknowledge timestamp (or timeout), DVM response text if provided, outcome SMS sent timestamp
• —Session records are append-only — no field may be modified or deleted post-creation
• —Retention: 7 years minimum (AVMA records retention guidance)
• —Practice admin can export: single session (PDF), date-range batch (CSV), or full audit log (CSV)
• —Morning handoff report includes session UUIDs as links to individual records
• —Phone numbers are masked in exports (last-4 only) unless decryption is explicitly authorized by the clinic owner

Why This Constraint Exists

ER routing that requires a user to copy-paste a phone number or manually search Google Maps introduces friction at the highest-stress moment in the triage flow. A tel: href activates the native phone dialer on any device in one tap. A maps URL (Google Maps or Apple Maps) launches turn-by-turn navigation immediately. These require zero third-party API integration, zero account setup, and work on every phone — making them the fastest and most reliable routing method available at MVP.

How It Is Implemented

• —EMERGENCY classification screen displays the designated ER partner card(s) above the fold
• —ER partner card contains: name, address, distance (pre-computed by clinic admin), and two CTAs
• —"Call ER Now" button uses tel:[E.164-formatted-phone] href — taps directly into native dialer
• —"Get Directions" button uses https://maps.google.com/?q=[URL-encoded-address] — opens maps app or browser
• —Clinic admin can configure up to 3 ER partners with priority order (nearest first)
• —ER partner phone numbers are masked for public display (shown as "Emergency Veterinary — tap to call") to reduce social engineering risk
• —The ER routing card includes the disclaimer: "This is not a diagnosis. Go immediately if your pet cannot stand, breathe normally, or has collapsed."
• —ER partner list is maintained by the clinic admin — AfterHours Ally does not provide a national ER directory