Hi everyone, I'm seeking recommendations on what approach to take for our use case. how it works: In our project, patients can belong to 0 or many organizations (that is, the patient is the owner of their information), each organization has 1 or many practitioners. The patient, if he wants, can share his information (profile, observations, medicationRequests, etc.) with a practitioner or an organization. To model this I planned to use the following resources: Organization, Patient, Practitioner, PractitionerRole and CareTeam. I'm not sure if the access policies allow defining, in a generic wa, any limitations for practitioners to the data of the assigned patients (when there is a CareTeam that relates them). Would it be valid to have a bot/subscription related to CareTeam that assigns an access policy to the practitioner to be able to read the patient's resources? For example, a CareTeam is created for patient A and practitioner B, at which time a bot assigns an access policy to certain resources of patient A. In case that CareTeam is deleted, changes its status to inactive or is modified, The access policy for patient A will be removed. Do you think there is another simpler way to implement this use case? Note: if you read any of my previous questions, we were using different projects for each organization, this is no longer the case. Thanks in advance