Privacy Policy

Information Collected by Affordable Care Act Compliance & Services, Inc. (ACACS, Inc.)

ACACS, Inc. collects and uses various types of Customer Information to service its customers’ accounts. The Customer Information ACACS, Inc. collects and stores generally consists of the following:

  • Information gathered from applications, forms and other information provided to ACACS, Inc. in writing, in person, by telephone, electronically or by any other means, such as employer and employee names, addresses, social security numbers, plan and account assets, income, and liabilities;
  • Information provided to ACACS, Inc. from affiliated companies, employers, employees, payroll processing companies, accounting firms, and other service providers about health plans;
  • Other general information ACACS, Inc. may be provided about its customers or their employees that is not assembled for the purpose of providing services to them;
  • Information, as described above, that ACACS, Inc. obtains from any of its affiliates (not limited to those listed above).

Permissible Sharing and Disclosure of Customer Information

ACACS, Inc. collects and uses various types of Customer Information to service its customers’ accounts. The Customer Information ACACS, Inc. collects and stores generally consists of the following:

  • An ACACS, Inc. employee may share Customer Information with another ACACS, Inc. employee to the extent such employee requires such information to provide services to a Customer.
  • An ACACS, Inc. employee may also share Customer Information with other organizations that have been retained by a Customer provided
    • the Customer has authorized the release of such information, and
    • such information is necessary for such other organizations to provide services to the Customer

    Authorization to release such information shall be implied if an ACACS, Inc. employee has reason to believe another organization has been retained by a Customer and that such information is necessary for such organization to provide services requested by the Customer.

  • An ACACS, Inc. employee may also share Customer Information with employees of a Customer provided:
    • such employee reasonably believes the Customer has authorized such Customer employee to receive such information on the Customer’s behalf, and
    • such ACACS, Inc. employee reasonably believes that such Customer’s employee requires such information to carry out the employee’s employment responsibilities for the Customer.

    For this purpose, any officer, director, or owner of a Customer, and any Customer employee who provides an ACACS, Inc. employee with Customer Information shall be presumed to be authorized by the Customer to receive such Customer Information on the Customer’s behalf, unless the Customer informs ACACS, Inc. otherwise. ACACS, Inc. shall endeavor to request its Customers to provide ACACS, Inc. with:

    • a list of Customer employees who are authorized to receive Customer Information, and
    • any limitations on the type of Customer Information to be provided to specified Customer employees.
  • An ACACS, Inc. employee may also share Customer Information with an employee of a company affiliated with ACACS, Inc. if both employees believe that the sharing of such information may benefit the Customer or result in providing the Customer with information that the employees reasonably believe may benefit the Customer.
  • Employees of ACACS, Inc. and its affiliates shall commply with any request by a Customer to not share Customer Information with one or more parties specified by the Customer.
  • ACACS, Inc. employees may share Customer Information with unaffiliated third parties who perform services for ACACS, Inc. that are connected with the processing of products and services that Customers already have or have requested. Such companies may include, but are not limited to, other financial service providers such as insurance companies, payment processing companies, as well as companies such as printing and data processing companies. These companies might assist ACACS, Inc. in a number of ways in providing services to ACACS, Inc. Customers; for example, in fulfilling service requests, or processing transactions, or mailing account statements. ACACS, Inc. may also share Customer Information with companies ACACS, Inc. has hired to provide marketing and other services on behalf of ACACS, Inc., or with other financial institutions with ACACS, Inc. has joint marketing agreements. All of these companies shall be contractually obligated to keep the information that ACACS, Inc. provides to them confidential, and use the information only for the purposes of providing the services ACACS, Inc. has retained them to perform for ACACS, Inc. or for Customers. To the extent ACACS, Inc. may collect personally identifiable medical information in connection with providing Customers with any products or services, no ACACS, Inc. employee shall — either internally or externally — share such information for any purpose other than the underwriting or administration of an insurance policy, claim or account, or as otherwise specifically disclosed when the information is collected or with the consent of the individual who is the subject of the information.
  • ACACS, Inc. employees may also disclose Customer Information in connection with a subpoena or similar legal process when refusal to disclose such information would subject ACACS, Inc. or its officers, directors, shareholders, or employees to liability, penalty, incarceration, a contempt of court citation, or other adverse consequences as a result of refusing to disclose such information.
  • ACACS, Inc. employees shall distribute Customer Information to Customers, Customers’ employees, government agencies in accordance with legal disclosure and filing requirements under the Internal Revenue Code, and similar laws which are applicable to those health plans with respect to which ACACS, Inc. is providing services to Customers, and in accordance with Customers’ instructions and agreements with ACACS, Inc.
  • ACACS, Inc. employees may provide Customers with information from time to time that such employees reasonably believe is helpful for such Customers, including newsletters and other correspondence. Customers may request that any such correspondence be discontinued at any time.
  • E-mail addresses retained by ACACS, Inc. may be used by ACACS, Inc. or shared with its affiliates and agents to provide Customers with information regarding products and services or other opportunities that may be of interest to Customers.
  • Certain Customer Information may be made available to Customers and their employees in accordance with this Policy via electronic means including, but not limited to, the Internet and telephone services in accordance with legal requirements governing Customers’ retirement plans and agreements between ACACS, Inc. and Customers.
  • Customer information may be disclosed by ACACS, Inc. employees in accordance with this Policy in writing, via electronic means including but not limited to Internet, email, telephone, wireless devices, facsimile, and other electronic media.
  • ACACS, Inc. shall endeavor to request all of its Customers to provide any special instructions or limitations requested by Customers with respect to the disclosure of Customer Information. ACACS, Inc. employees shall be informed of any such Customer limitations on the disclosure of Customer Information and shall comply with such Customers’ limitations.
  • ACACS, Inc. shall make information concerning its privacy policies available to all Customers and all ACACS, Inc. employees.
  • ACACS, Inc. shall endeavor to inform Customers that information sent or received in electronic form may be vulnerable to unauthorized interception.

Prohibited Disclosure of Customer Information

  • Other than as described above, an ACACS, Inc. employee shall not disclose Customer Information to any individual, organization, government agency, court, parties to litigation, a Customer employee, a plan beneficiary, or any other individual or organization in the absence of a subpoena, court order, or other legal process requiring ACACS, Inc. to provide Customer Information.
  • ACACS, Inc. and its employees shall not sell or otherwise make available e-mail lists of Customers’ e-mail addresses or other personally identifiable information to third party marketers.

Accuracy of Customer Information

  • ACACS, Inc. employees shall comply with written and unwritten policies and procedures concerning the accurate processing of Customer
  • Information, as such policies and procedures may be changed from time to time.
  • ACACS, Inc. shall endeavor to inform Customers that they are under an obligation to assist ACACS, Inc. and its employees in carrying out the requests Customers make of ACACS, Inc., including providing full and truthful information to ACACS, Inc. and its employees and promptly complying with requests of ACACS, Inc. and its employees for information documents, or payment.

Safeguarding Customer Information

Customer Information maintained by ACACS, Inc. shall be safeguarded, and access to such information shall be limited to those ACACS, Inc. employees who require such information to provide service to Customers. Information safeguards may include, but not be limited to computer passwords, monitoring of computer and correspondence activities, computer firewalls, regular computer backups, encryption, regular updates of anti-virus software, limitations on installation and use of unauthorized software on any computers with access to Customer Information, limitations on copying electronic information and transporting computer hardware containing Customer Information, and controls over deletion of Customer Information from ACACS, Inc. computers.

Retention and Disposition of Customer Information

Customer Information received by ACACS, Inc. may be retained for as long as ACACS, Inc. reasonably believes such Information should be retained to comply with legal requirements or as necessary to provide services to Customers. Customer Information that ACACS, Inc. believes is no longer required to be maintained by ACACS, Inc. shall be disposed of in a manner designed to prevent the unauthorized disclosure of such information.

Application of Policy to Customer Information of Former Customers

All policies stated herein shall apply to Customer Information maintained by ACACS, Inc. with respect to individuals and organizations even if such individuals or organizations are no longer Customers of ACACS, Inc.

Amendment of Privacy Policy

The policies and procedures stated herein may be changed by ACACS, Inc. at any time with or without notice to Customers or Customers’ employees.