Care Team Member Agreement for myCARI

Introduction

This Care Team Member Agreement ("Agreement") governs your access to and use of health information shared with you through the myCARI mobile application (the "App") as a care team member.

By accepting an invitation to join a care team and checking the acceptance checkbox, you agree to be bound by this Agreement.

Definitions

• Primary User: The myCARI account holder (patient/subscriber) who has invited you to their care team
• Care Team Member: You, the individual accepting this Agreement to access a Primary User's health information
• Protected Health Information (PHI): Any individually identifiable health information about the Primary User
• Care Team: The group of individuals authorized by the Primary User to access their health information

Your Role as a Care Team Member

Purpose of Access

You are being granted access to the Primary User's health information for the purpose of:

• Providing care, support, or assistance to the Primary User
• Coordinating health-related activities
• Monitoring health status and medications
• Communicating about health matters
• Assisting with health management tasks

Types of Care Team Members

Access and Permissions

Permission Levels

The Primary User controls what information you can access:

Access Limitations

• You can only access information the Primary User has authorized
• Permission levels can be changed or revoked by the Primary User at any time
• Some features may be restricted based on your permission level
• You cannot modify the Primary User's health records (view-only access unless otherwise specified)

Your Responsibilities

Confidentiality

By accepting this Agreement, you agree to:

1. Keep information confidential: Do not share the Primary User's health information with anyone not authorized by the Primary User
2. Use information appropriately: Only access health information for legitimate caregiving purposes related to the Primary User's care
3. Protect access credentials: Keep your myCARI account secure and do not share your login credentials
4. Report concerns: Immediately report any suspected unauthorized access or security breaches

Appropriate Use

You agree to:

• Only view health information when necessary for caregiving purposes
• Not use health information for personal gain or advantage
• Not discuss the Primary User's health information in public or unsecured settings
• Not take screenshots or photographs of health information unless authorized
• Delete any copies of health information when no longer needed

Prohibited Actions

You agree NOT to:

• Share the Primary User's health information with unauthorized individuals
• Access health information out of curiosity rather than necessity
• Use health information to discriminate against or harm the Primary User
• Sell, trade, or otherwise monetize health information
• Use health information for marketing or commercial purposes
• Continue accessing information after your caregiving role ends

Messaging Guidelines

Appropriate Communication

When using myCARI messaging features:

• Keep messages focused on health and caregiving topics
• Communicate respectfully and professionally
• Respond promptly to health-related messages when possible
• Use secure messaging within the App rather than external channels for PHI

Message Retention

• Messages are stored securely for care coordination
• Messages may be retained for HIPAA compliance even after deletion
• Your messages are visible to the Primary User and other authorized care team members
• Group chat messages are visible to all group members

Prohibited Content

Do not send messages containing:

• Harassment, abuse, or threatening language
• Spam or commercial solicitation
• Content unrelated to the Primary User's care
• Sensitive information that should be discussed in person

Audit Logging and Monitoring

What We Log

For HIPAA compliance and the Primary User's protection, we log:

• When you access health information
• What types of information you view
• Messages you send and receive
• Login times and locations
• Any changes you make (if editing is permitted)

Primary User Visibility

The Primary User can see:

• When you last accessed their health information
• General access patterns and frequency
• A summary of your care team activity

Audit Retention

• Access logs are retained for a minimum of 6 years
• Logs may be reviewed in case of suspected misuse
• Logs may be disclosed in response to legal process

Term and Termination

Duration

This Agreement is effective from when you accept it and continues until:

• The Primary User removes you from their care team
• You leave the care team voluntarily
• Your myCARI account is terminated
• The Primary User's myCARI account is deleted

Voluntary Departure

You may leave a care team at any time by:

• Using the "Leave Care Team" option in the App
• Contacting us at support@carihealth.ai

Removal by Primary User

The Primary User may remove you from their care team at any time, for any reason, without notice.

Effect of Termination

Upon termination of your care team membership:

• Your access to the Primary User's health information ends immediately
• You must delete any copies of health information you may have
• Your confidentiality obligations continue indefinitely
• Audit logs of your access are retained

Legal Acknowledgments

Not a Healthcare Provider Relationship

• This Agreement does not create a healthcare provider-patient relationship
• You are not acting as the Primary User's healthcare provider through myCARI
• You should encourage the Primary User to consult healthcare professionals for medical decisions

HIPAA Acknowledgment

You acknowledge and understand that:

• The Primary User's health information is protected under HIPAA and state privacy laws
• Unauthorized disclosure of health information may violate federal and state law
• You may be personally liable for unauthorized disclosures
• We may report violations to appropriate authorities

Liability

• You are responsible for your actions as a care team member
• You agree to indemnify MLPipes LLC for any claims arising from your misuse of health information
• We are not liable for actions taken based on health information you access

Electronic Signature

By checking the acceptance checkbox when joining a care team, you are providing your electronic signature pursuant to the Electronic Signatures in Global and National Commerce Act (E-SIGN Act) and the Uniform Electronic Transactions Act (UETA).

Your consent record includes:

• Your email address
• Your unique user ID
• Timestamp of acceptance
• The Primary User who invited you
• Version of this Agreement you accepted
• Your IP address and device identifier

Changes to This Agreement

We may update this Agreement to reflect changes in our practices or legal requirements:

• We will notify you of material changes via the App or email
• Your continued participation as a care team member after notification constitutes acceptance
• You may leave the care team if you do not agree to changes

Contact Information

For questions about this Agreement:

MLPipes LLC

• General Support: support@carihealth.ai
• Privacy Inquiries: privacy@carihealth.ai
• Website: https://carihealth.ai
• Mailing Address: 5725 S Valley View Blvd Ste 5 PMB 471045
  Las Vegas, Nevada 89118-3122 US

Acknowledgment

By checking the acceptance checkbox, you acknowledge that:

1. You have read and understand this Care Team Member Agreement
2. You agree to maintain the confidentiality of the Primary User's health information
3. You will only access health information for legitimate caregiving purposes
4. You understand your access is logged and auditable
5. You understand the Primary User can revoke your access at any time
6. You understand your confidentiality obligations continue even after access ends
7. You are at least 18 years of age (or the age of majority in your jurisdiction)