MVP Scope
What ships in 3 weeks, what doesn't, and why. Built from the PM's must-have / nice-to-have lists with recommended cuts where the timeline doesn't permit. The single most important decision is the demo-vs-product framing covered below.
The framing decision
Two products are being conflated:
- Path A · Sales demo — polished UI, synthetic data, no real auth integration. Goal: get partners excited at the May 28th event. Achievable in 3 weeks.
- Path B · Working pilot — real patient data, real consent, real audit, real partners onboarded. Realistic in 2–3 months.
The current plan reads as if both are achievable simultaneously. They are not. Pick one for May 28th. The recommendation in this document is Path A for the event with Path B starting immediately after.
1. Recommended MVP (Path A · Demo)
What ships by May 28th if we treat the event as a sales demo.
HCP-Managed account & user flow In
Single account type for MVP: doctor / clinic that owns devices and assigns them to patients. Login, password reset, profile.
Why: Covers the largest pilot use case. Avoids the legal and cross-team complexity of patient-managed flow.
Patient list In
Table of patients assigned to the logged-in user. Status (active / inactive / paused), latest reading, BP category, last sync date. Filter + search.
Why: Core navigation surface. Already designed in the prototype.
Patient detail view In
Per-patient page: demographics, device assignment, blood pressure trend chart (re-added — it was stripped in the must-have prototype), latest readings table, sleep + steps summary.
Why: Without a trend chart this isn't a clinical tool. The trend chart is non-negotiable for credibility with doctors.
CSV export In
Export patient list and per-patient readings to CSV for use in clinical workflows.
Why: Frequently called out as the #1 partner workflow ask. Cheap to build (jspdf-autotable + a CSV serializer).
Synthetic data set + clear "synthetic" indicator In
Realistic-looking but fully synthetic patients, devices, and readings. UI banner / footer note that this is demo data, not real patient data.
Why: Lets the dashboard demo at the event without legal exposure. Banner protects against accidental misrepresentation.
Managed identity provider integration (Azure AD B2C / Auth0) In
Login, password reset, MFA-ready, audit-ready. Replaces David's manual workflow.
Why: One day of work; ships compliant auth without home-rolling it.
Audit logging primitives In
Append-only logging table + middleware decorator on every API handler. Captures patient data reads, exports, role changes, auth events. Even with synthetic data — primitives in place from day 1.
Why: Retrofitting audit logging later costs more than building it from scratch. Cheap insurance.
2. Cut from MVP — promote to Phase 2
Features the PM put in the must-have list that should be cut to make the timeline work.
Patient-managed device flow Cut
Patient owns the device, dashboard reads their data after consent. Requires (a) legal sign-off on consent flow, (b) mobile app team capacity, (c) B2C system endpoints we don't control.
Cut because: Cross-team dependency on the mobile app team under a 3-week timeline is unrealistic. Phase 2 after legal approval and app team capacity allocation.
PDF export Cut
Per-patient PDF report, similar to existing system.
Cut because: The PM herself flagged this as "potentially include in MVP based on development speed". CSV covers the workflow ask. PDF is a polish item — Phase 2.
Multi-team / branch UI Cut
Branch admin role, team management, team lead views.
Cut because: Out of scope per the PM's own doc. Schema supports it (multi-tenant scoping from day 1) but no UI in MVP.
Self-service partner account creation Cut
Partners create their own accounts via Shopify / website / signup.
Cut because: Per the transcript, MVP is manual: Konstantin creates the account, emails credentials. Self-service is Phase 3.
HubSpot / Shopify integration Cut
CRM sync, order-driven account creation.
Cut because: Account creation is manual for MVP. Integrations are deferred until the source-of-truth question is answered.
B2C user dashboard Cut
PM speculated that B2C users could get their own dashboard ("just another account type").
Cut because: It is not just another account type — different permissions, different revenue model, different consent model. Phase 3 at earliest.
3. PM's Must-Have List · Annotated
The PM's exact must-have list from the Product Strategy doc, annotated with our recommendation.
| Feature | PM status | Our call | Notes |
|---|---|---|---|
| Account & Rights Management | Alignment needed | In | Single account type only for MVP; full role matrix designed but not all roles built. |
| Permission Management — HCP-managed | Alignment needed | In | Doctor onboards patient, manages assignment lifecycle. |
| Permission Management — Patient-managed | Alignment needed (In Scope?) | Cut | Cross-team dependency; legal not aligned. Phase 2. |
| Monitoring Data in Dashboard | In progress | In | Patient list + detail with trend chart. |
| Data Export — CSV | Alignment needed | In | Patient list + per-patient readings. |
| Data Export — PDF | Alignment needed | Cut | Defer; CSV covers the workflow ask. |
| Data Management (B2B segment, credentials, notes, user) | Not started | In | Schema design only — covered by core data model in MVP. |
| Tracking | Not started | In | Event logging into audit table; analytics dashboarding deferred. |
4. PM's Nice-to-Have List · Annotated
| Feature | PM status | Our call | Notes |
|---|---|---|---|
| Monitoring Data overview (KPI cards, alerts) | In progress | Nice | Re-add if time permits in week 3. |
| Order Devices (embedded / lead form) | — | Cut | No revenue path defined. Phase 3. |
| HCP Referral Program | — | Cut | Phase 3. |
| Light notes / annotations | In progress | Nice | Schema in DB; UI if time. PM wants partner feedback before committing. |
| Email CSV file (weekly) | Alignment needed | Cut | Manual export covers MVP need; weekly automation deferred. |
5. Out of Scope · keep out
The PM's own out-of-scope list, validated:
- Advanced multi-user account structures within one organisation Out
- Full enterprise hierarchy management across regions, clinics, teams Out
- API / SDK integrations with third-party systems Out
- EMR / EHR integrations such as Epic Out
- Advanced automation workflows Out
- Billing & subscription automation beyond pilot workaround Out
- AI-based diagnosis, prediction, treatment recommendations Out
- Complex reporting across multiple patients / organisations Out
- Highly configurable dashboards or custom analytics Out
- Multi-patient band assignment (hardware constraint — band is currently 1:1) Out
6. Success Criteria for May 28th (Path A)
If we ship the demo path, success looks like:
- Live demo runs cleanly on the event floor on a synthetic but believable data set
- Partners can create an account on the spot (Hilo staff provisions, partner logs in)
- Partners can navigate patient list → patient detail → trend chart → CSV export end-to-end
- Auth works (real login flow against Auth0 / Azure AD B2C)
- Sub-second page transitions; no obvious bugs in the happy path
- Marketing materials (newsletter, one-pager) link to the live URL behind Basic Auth or invite-only
7. Success Criteria for Path B (working pilot, Phase 2)
What needs to be true before any real patient data lands in the dashboard:
- Legal-approved consent flow wording & technical design
- Audit logging covering all data reads, exports, role changes
- Read access to B2C data via the agreed mechanism (replica / API)
- Data Processing Agreement template ready for partner signature
- HIPAA scope clarified by Hilo legal (US customers? EU only?)
- Mobile app team alignment if patient-managed flow is included
- Restore drill on Postgres backups
- Penetration test or security review on the deployed stack