MolmoroTriage

Boundaries

Security and compliance boundaries

This page makes prototype limits explicit for founder demos and manual pilot operations.

Prototype limitation

This prototype is not production-ready for storing sensitive taxpayer information. In v0, tax documents, SSNs, bank details, driver licenses, and full tax returns should remain inside the firm approved secure portal. This system is intended for front desk call logging, workflow tracking, scripts, and escalation notes.

Operator checklist

No SSNs
No tax documents
No bank data
No tax advice
Use firm portal
Escalate professional questions
Human review required

What this service does

Provides administrative front desk workflow support: routine call logging, approved scripts, appointment routing, portal guidance, bilingual process explanations, and escalation notes.

What this service does not do

Does not prepare returns, provide legal/tax/financial advice, decide deductions or credits, collect tax documents, promise refunds, or replace the firm's tax professional.

Sensitive data policy

Do not collect SSNs, bank details, driver licenses, full tax returns, or taxpayer identifiers in the prototype.

Tax advice policy

Any question about deductions, credits, filing status, dependents, reporting obligations, refund amounts, or tax positions must be escalated to the firm.

Document handling policy

Tax documents should remain inside the firm's approved secure portal such as Drake Portals, TaxDome, Canopy, SmartVault, ShareFile, or another approved system.

Escalation policy

Escalate tax advice, notices, upset clients, billing exceptions, sensitive-data risk, missing firm approval, and appointment exceptions.

AI usage policy placeholder

Future AI summarization would require firm approval, human review, consent controls, audit logs, and strict exclusion of sensitive taxpayer data.

Data retention placeholder

A production version would define retention windows, deletion workflows, role-based access, and audit trails.

Incident response placeholder

A production version would document escalation, notification, containment, and review steps for any sensitive-data incident.

Recording/transcription disclosure

Calls may be recorded or transcribed only according to the firm's approved policy.

Retention policy

Demo calls may be retained for testing. Real pilot calls should use minimal retention and redacted summaries.

Redaction policy

SSNs, bank details, IDs, W-2s, 1099s, tax returns, and exact taxpayer identifiers are not stored in the dashboard.