Military AutoSource (hereinafter "MAS") respects the privacy of our employees. We recognize that the information our employees provide to us for employment-related and health-related purposes belongs to the respective employees and that we must treat it accordingly. In accordance with the Health Insurance Portability and Accountability Act (hereinafter "HIPAA") and the requirements of the Privacy Rule, 45 CFR Parts 160 and 164, MAS is providing this notice to describe how we may use and/or disclose individually identifiable health information (hereinafter "employee information") about employees or their accounts. Terms used in this policy regarding employee information are defined in accordance with HIPAA, which is incorporated herein by reference. MAS provides Medical, Prescription Drug, Dental, Vision and Flexible Spending Account ("FSA") Programs (hereinafter collectively called the "Health Plan") to all eligible employees. Personally identifiable health information the employee provides to MAS relating to the Health Plan is "Protected Health Information" and the Health Plan must maintain the privacy of such information. The Health Plan and/or its insurers, HMOs or third party claim administrators may acquire Protected Health Information about the employee for the purposes of treatment, payment of benefits or provision of health care services, or for the overall health care operations of the Plan. This Protected Health Information will not be disclosed to anyone without the employee's express written authorization, except as permitted by law. Under HIPAA and the Privacy Rule, the Health Plan, Insurers, HMOs and third party claim administrators must provide the employee with notice of their legal duties and privacy practices with respect to that individually identifiable health information. Please contact your Health Plan, Insurer, HMO and/or claim administrator to obtain a copy of this notice.
Employee Information acquired directly by MAS or for claims purposes for plans or programs from sources other than the Health Plan is not Protected Health Information. Although HIPAA and the Privacy Rule do not apply to such information, it will be treated the same as Protected Health Information, except that it can be used and disclosed without your authorization or consent for any claim for benefits under any other pension or welfare benefit plan or program sponsored by MAS; including, short term or long term disability benefits; waiver of premium benefits under a group-term life insurance program; claims under the Dependent Care FSA that may arise because the spouse or child is ill or because the employee's spouse is physically or mentally unable to assist in caring for a dependent child or other family dependent; requests for certification of coverage of the employee or dependent; or other lawful employment-related purposes (e.g., pre-employment drug testing, requests for reasonable accommodations under the ADA, requests for family or medical leave, submission of a worker's compensation claim).
Under the Privacy Rule, employees and their covered dependents may designate a Personal Representative, whether their spouse or other third person, to act on their behalf by executing the Health Plan's authorization form, by executing a similar document, or by obtaining a court order pursuant to applicable state or other law. Generally, any court order designating someone as a guardian or executor or administrator or a duly executed power of attorney or health care proxy may serve as such a designation. You can also retain an attorney to deal with your Protected Health Information or other Employee Information. In most instances, parents are the Personal Representatives of their minor dependent children, unless there is a court order authorizing a third party to make treatment decisions for a minor child or if under the laws of some states the older minor children may obtain their own health care services without the knowledge or consent of their parents.
Designation of Personal Representatives:
MAS, with respect to all benefit plans or programs, will accommodate these situations as follows:
At MAS, we respect the privacy of our consumers. We use information our customers provide to us to better serve their needs. We recognize that this information belongs to the customer and that we must treat it accordingly.
Personal information that can identify a consumer, such as name, address, and/or financial information may only be collected when the customer voluntarily offers it and solely for purposes that are clearly identified. Personal information acquired through such registration must be kept confidential and shall not be disclosed to non-affiliated third parties without the customer's prior consent except as may be required by law. MAS employees may not, under any circumstances, seek personal information from children. We may obtain non-public personal information about customers from the following sources:
Information about our customers may only be disclosed for the business purpose of assisting in the finance, purchase and/or insuring of a motor vehicle or related product(s) upon a customer's request for such service. MAS's policy is to limit access to client information to those who need it to serve our client's needs. MAS may not share this information with any other parties other than our own affiliates, financial service providers and the manufacturer of your vehicle. If the customer does not request this service, his or her information may not be shared with them. We do not disclose client information to non-affiliated third parties, except as necessary to conduct our business. Non-public personal information may be shared only with the customer's prior consent or as permitted by law. This policy affects former as well as current customers.
Our employees, agents, administrators and subcontractors who need this information to provide then service and products the customer has requested may obtain and/or use customers' non-public personal and/or financial information solely as described herein. In accordance with the Privacy Act of 1974, the Gramm Leach Bliley Act, the Privacy and Safeguards Rules promulgated by the Federal Trade Commission and New York State Insurance Department Regulations, MAS maintains physical, electronic and procedural safeguards that comply with New York State and federal regulations to guard customers' non-public personal information from unlawful disclosure and reasonably foreseeable risks to the security of the information. Any misuse of the customer's nonpublic personal and/or financial information will subject the employee to disciplinary action, up to and including discharge and/or prosecution.
MAS's confidential information includes all proprietary; intellectual property (trademark or otherwise); trade secret; and, any other non-public information MAS expects or would reasonably expect to be kept secret and/or used solely by MAS unless otherwise agreed to. MAS owns any and all rights to its confidential information worldwide in perpetuity. By accepting to be employed by MAS, the employee agrees not to disclose the content of or otherwise use any of MAS's Confidential Information outside of the scope of his or her employment without MAS's prior written consent.
We self-certify compliance with
MAS complies with the U.S.-EU Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. MAS has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view MAS's certification, please visit http://www.export.gov/safeharbor/
James M Black II Chief Compliance Officer; Vice President and General Counsel 175 Crossways Park West Woodbury NY 11797
MAS has further committed to refer unresolved privacy complaints under the US-EU Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU SAFE HARBOR, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by MAS , please visit the BBB EU SAFE HARBOR web site at www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.
If an employee believes that his or her privacy rights have been violated, or that customer or confidential company information has been misused, he or she may complain in writing addressed to MAS's Legal Department, 175 Crossways Park West, Woodbury, NY 11797. Complaints relating to personal privacy violations may also be made in writing to the Secretary of the US Department of Health and Human Services, 200 Independence Avenue SW, Washington DC 20201, within 180 days after the employee knows or should have known about the act or omission that is the subject of the complaint. MAS will not retaliate against an employee who files such a complaint.
Dated as of __________________, ________
ACKNOWLEDGEMENT OF RECEIPT
ACKNOWLEDGED AND AGREED: