EMS communication over unencrypted channels is limited by HIPAA, patient information must be kept vague to protect patient privacy. In the event that, say, an individuals name needs to be given to the receiving facility to facilitate review of records prior to arrival by the ER physician, some other method of communication has to be used.
All remote based typing is awful, T9 included. I can’t speak for everyone, but I can type with swipe gestures on a virtual keyboard via remote faster than I can input T9 text. I’m unaware of any stock remote for a device with a full keyboard. I would argue Apple has text entry perfected at least as well as any other major manufacturer. You have virtual keyboard entry, solid voice-to-text, and it can be configured to push a notification to your iOS device when you enter a search bar which will auto-open to the remote app and pull up the keyboard. Because of this feature passwords can also be autofilled from Keychain to make logins easier.
You may personally prefer T9, but I’ve never seen anyone in the last decade input anything into a TV via T9. And you’re asking why it doesn’t have voice input, when it does. You admit to having never used an Apple TV yourself. I hate the idea of app-only interfaces features, but this isn’t a case like that. Maybe you should understand the features of a product before you call it “fucking stupid”.
You’ll have to strike a balance between security and ease. Your two major options are reverse proxy and VPN (Tailscale is one option for VPN)
For reverse proxy, you functionally open the app to the internet. Anyone with the correct web address can access the login page. This is inherently less secure than VPN, but not irresponsibly so. Beyond the reverse proxy itself, you’ll also have to learn how to configure an HTTPS certificate to increase security since it will be open to the internet.
For VPN, every user you want to be able to access the service has to be tied into the VPN and have the VPN running throughout their access. Tailscale is arguably the easiest way to configure a VPN right now, as you won’t have to manually deal with VPN configuration files for every device. VPN use will functionally make it like you’re on your home network. VPN access to your network should not be given to tons of people if at all possible.
Not OP but loss of the Pi results in loss of network connectivity. A headache if you’re home and never doing anything time-critical on the network. A disaster if you or anyone else is dependent on the network for anything time-sensitive (virtual doctors appointment, work call, etc), or you’re away from home and unable to directly VPN to your router to reconfigure DNS settings.