Terms of Use

By accessing or using MyMedAccess (the "Service"), you agree to be bound by these Terms of Use ("Terms"). If you do not agree to these Terms, you may not use the Service. These Terms constitute a legally binding agreement between you and MyMedAccess Inc. ("we," "our," or "us"). You must be at least eighteen (18) years of age to create an account and use the Service. MyMedAccess Inc. does not knowingly permit users under 18 to register. In compliance with the Children's Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501 et seq., we do not knowingly collect personal information from anyone under 13.

We reserve the right to modify these Terms at any time. For material changes, we will notify you at least 30 days in advance via email. On your next sign-in following a material change, you will be presented with a blocking in-app notification requiring your affirmative acceptance before you may continue using the Service. If you do not accept the updated Terms, you may export your data or close your account.

MyMedAccess Inc. operates a HIPAA-compliant personal health record application that enables adult patients to securely access, manage, and share their medical records with authorized healthcare providers. The Service is operated in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), 45 C.F.R. Parts 160 and 164, and the Health Information Technology for Economic and Clinical Health Act (HITECH). The Service includes:

• Secure access and management of personal health records
• Document upload with automated OCR (Optical Character Recognition) processing
• Encrypted QR code-based record sharing with healthcare providers
• Push notifications for document and account activity

To use the Service, you must create an account and provide accurate, complete, and current information, including information sufficient to verify your identity as required by applicable law. We may require identity verification before granting access to or permitting sharing of Protected Health Information. You are responsible for:

• Account Security: Maintaining the confidentiality of your login credentials, including any multi-factor authentication methods you enroll.
• Accurate Information: Ensuring that all personal and health information you provide is accurate and up to date.
• Authorized Use: You may not share your account credentials with any third party. You are responsible for all activity that occurs under your account.
• Prompt Notification: Immediately notifying us of any unauthorized use of your account or any other security breach.

You agree not to use the Service to:

• Violate any applicable law, regulation, or third-party rights
• Upload false, misleading, or fraudulent health information
• Attempt to gain unauthorized access to other users' accounts, data, or any part of the Service infrastructure
• Reverse engineer, decompile, or disassemble any aspect of the Service
• Interfere with or disrupt the Service, servers, or networks connected to the Service
• Use automated means (bots, scrapers, crawlers) to access the Service without our written permission

The Service is not a substitute for professional medical advice, diagnosis, or treatment, and does not constitute the practice of medicine. MyMedAccess does not provide clinical services, telemedicine, or medical consultation of any kind. Nothing in the Service or these Terms shall be construed as creating a physician-patient relationship. Always seek the advice of your physician or other qualified, licensed health provider with any questions you may have regarding a medical condition. In the event of a medical emergency, call 911 or your local emergency services immediately.

MyMedAccess is a tool for organizing and sharing your existing health records. We do not provide medical advice, interpret test results, or make treatment recommendations. The automated OCR (Optical Character Recognition) processing of uploaded documents is a technological tool only and may contain errors, omissions, or inaccuracies. You are solely responsible for verifying all extracted or processed information against your original source documents before sharing such information with any healthcare provider. We expressly disclaim any liability arising from clinical or personal decisions made in reliance on unverified OCR-processed data. Your use of the Service may involve the collection and handling of health-related information. Please review our Privacy Policy for more information regarding your rights.

The Service, including its design, features, code, and content (excluding your personal data), is owned by MyMedAccess and protected by copyright, trademark, and other intellectual property laws.

You retain full ownership of all personal and health information you upload to the Service. By using the Service, you grant us a limited, non-exclusive license to process and transmit your data solely for the purpose of providing the Service to you.

The Service is provided "as is" and "as available" without warranties of any kind, either express or implied, including but not limited to implied warranties of merchantability, fitness for a particular purpose, and non-infringement. Notwithstanding the foregoing, nothing in these Terms shall be construed to disclaim, limit, or waive any rights or obligations imposed by HIPAA, the HITECH Act, or any other applicable federal or state law that cannot be waived by contract.

We do not warrant that the Service will be uninterrupted, error-free, or secure at all times. While we implement industry-leading security measures, no method of electronic storage or transmission is 100% secure.

To the maximum extent permitted by applicable law, MyMedAccess Inc. and its officers, directors, employees, and agents shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of data, loss of profits, or business interruption, arising out of or related to your use of the Service.

Our total aggregate liability for any claims arising from or related to the Service shall not exceed the amount you paid us, if any, in the twelve (12) months preceding the claim.

You may terminate your account at any time by contacting support or using the account deletion feature in the app. Upon termination:

• Your access to the Service will be revoked immediately.
• We will retain audit logs and account data for the minimum period required by applicable law and then securely destroy them. PHI retrieved via FHIR API is not persistently stored on our servers.
• Any active QR code sharing sessions will be immediately invalidated.

We may suspend or terminate your account if you violate these Terms, engage in fraudulent activity, or if required by law. We will provide notice of termination unless prohibited by law or if immediate termination is necessary to protect the safety of users.

These Terms shall be governed by and construed in accordance with the laws of the State of Florida, without regard to its conflict of law provisions. Any disputes arising under or in connection with these Terms shall be subject to the exclusive jurisdiction of the state and federal courts located in Palm Beach County, Florida.

MyMedAccess does not engage in default data sharing. Before we collect any personal data, you must affirmatively accept these Terms, our Privacy Policy, and our HIPAA Authorization at registration. No bundle acceptance is permitted. Each consent is version-stamped and timestamped in our audit log.

You have the following rights regarding your personal data:

• Right to Access: Access all personal health data through the App at any time. Export your complete health record as a FHIR R4 Bundle (JSON) or PDF at any time.
• Right to Correction: Edit demographic fields and correct OCR-extracted data directly in the App. For data originating from an external covered entity, we will assist you in asserting amendment rights with that provider.
• Right to Deletion: Request deletion of your account and all associated data at any time via the in-app account closure flow or by emailing connect@mymedaccess.io. We will process your request within 30 days and provide written confirmation.
• Right to Data Portability: Export your health data as a FHIR R4 Bundle or PDF at any time. Exports are provided within 5 business days at no charge.
• Right to Withdraw Consent:Withdraw consent for any optional data use at any time through the Privacy & Settings screen without penalty. Withdrawal of consent for a required use will result in account deactivation and data deletion as described above.

An account is considered dormant after 12 consecutive months of inactivity. MyMedAccess will:

• At 12 months: Send an email notice with instructions to reactivate or close your account.
• At 18 months: Suspend the account. A second notice is sent.
• At 24 months: Send a final deletion notice. Absent reactivation within 30 days, account credentials and associated data are permanently deleted with written confirmation provided.

You may reactivate or request deletion at any time by contacting connect@mymedaccess.io.

In the event of a merger, acquisition, or sale of substantially all of our assets, we will notify you at least 30 days in advance via email and in-app notification. You will be provided with at least one of the following options:

• Continue using the Service under the successor entity, provided its privacy commitments are materially consistent with these Terms
• Export your personal health data as a FHIR R4 Bundle or PDF prior to the transition
• Close your account and request deletion of all personal data, processed within 30 days with written confirmation

If you believe these Terms or your privacy rights have been violated, you may file a complaint by:

• Emailing connect@mymedaccess.io
• Using the in-app Contact Support feature
• Writing to: MyMedAccess Inc. | Attn: Privacy Officer | 1050 NW 15th Street, Suite 201A, Boca Raton, FL 33486

We acknowledge all complaints within 5 business days and resolve them within 30 days. We will not retaliate against any user for filing a good-faith complaint. You also have the right to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights at hhs.gov/ocr.

These Terms are effective as of May 14, 2026 and supersede all prior versions. The current version is always available at mymedaccess.io/terms.

If you have questions about these Terms of Service, please contact us: