Group US, Inc. / Carolina Consulting Services, Inc.
NOTICE OF PRIVACY PRACTICES AND POLICIES
AVISO DE LAS PRÁCTICAS DE PRIVACIDAD Y NORMAS
This notice is in effect as of April 14, 2003

In Compliance with Title V of the GRAMM-LEACH-BLILEY ACT (GLBA) and associated state laws and in accordance with our contractual obligations to various COVERED ENTITIES as BUSINESS ASSOCIATES under Federal Laws pertaining to privacy of personally-identifiable health information and protected health information under regulations relating to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), we are providing you with this document, which notifies you of the privacy policies and practices of Carolina Consulting Services, Inc.

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

Statement of Our Duties. We are required by law to maintain the privacy of your personally identifiable health and nonpublic personal information and to provide you with this notice of our privacy practices and legal duties. We are required to abide by the terms of this notice. We reserve the right to change the terms of this notice and to adopt any new provisions regarding the personal health information that we maintain about you. If we revise this notice, we will provide you with a revised notice by mail or hand delivery.

Statement of Your Rights. You have a right to know how we may use or disclose your personal health information. This notice informs you of those uses and disclosures. There are certain uses and disclosures of your personal health information that we are permitted or required to make under law without your permission. For all other uses and disclosures, we first must obtain your permission. In addition, you have the following rights:The right to request that we place additional restrictions on our uses and disclosures of your personal health information. However, we are not obligated to agree to impose any such additional restrictions.
The right to access, inspect and copy the protected information pertaining to you that we maintain in our files about you, and the right to have us correct or amend any information that we create in error. Requests to access or amend your health information should be sent to the contact person and address provided in Paragraph 8 below.

The right to receive an accounting of the disclosures of your personal health information that we make for purposes other than activities related to your treatment, or our payment functions or other health care operations.
The right to request that you receive communications of personal health information in a confidential manner.
If you received this notice electronically, you also have the right to obtain a paper copy of this notice from us on request.
Information We Collect About You. We collect the following categories of information for group and/or individual policies from the following sources:
Information that we obtain directly from you, in conversations or on applications or other forms that you fill out.
Information regarding current or prospective plan participants we obtain about them on applications or other forms.
Information about the plan’s transactions with our affiliates, others or us.
Information that we obtain as a result of our transactions with you.

Permissible Uses and Disclosures of Protected Information. We disclose the information we receive regarding current or prospective plan participants only in accordance with the terms and conditions of the various Business Associate contracts we have entered to with Covered Entities under HIPAA Privacy Regulations and as permitted under state and federal laws concerning the privacy of your insurance and financial information. Those include:
Permissible Uses and Disclosures

Situations Permitted or Required by Law. We also may use or disclose your protected health information without your written permission for other purposes permitted or required by law, including the following:
As authorized by and to the extent necessary to comply with workers’ compensation or other no-fault laws;
To an oversight or insurance regulatory agency for activities including audits or civil, criminal or administrative actions;
To a public health authority for purposes of public health activities (such as to the Federal Food and Drug Administration to report consumer product defects);
To a law enforcement official for law enforcement purposes or in response to a court order or in the course of any judicial or administrative proceeding;
To organ procurement organizations or other entities for approved research; or
To a governmental authority, including a social service or protective services agency, authorized to receive reports of abuse, neglect or domestic violence.

For any Purposes to Which you have Not Objected. In certain limited circumstances, we may use or disclose your protected health information after we have given you an opportunity to object and you have not objected. For example, if you do not object, we may use limited information about you to maintain an office directory, to notify family members or any other person identified by you regarding issues directly related to such person’s involvement with your care or payment for that care, or in emergency circumstances.
For Purposes for Which We Have Obtained your Written Permission. All other uses or disclosures of your protected health information will be made only with your written permission, and you may revoke any permission that you give us at any time.
Complaints About Misuse of Health Information. You may complain either directly to us or to the Secretary of Health and Human Services if you believe that your rights with respect to our protection of your health information have been violated. To file a complaint with us, you may send a written statement outlining your complaint, the facts and circumstances surrounding your complaint, including the names, dates and as many details as possible. You will not be retaliated against in any way for filing a complaint.

Our Practices Regarding Confidentiality and Security. We restrict access to nonpublic personal and personally-identifiable health information about you to those employees and agents who need to know that information in order to provide products and services to you. We maintain physical, electronic and procedural safeguards that comply with state & federal regulations to guard your nonpublic personal information.

Our Policy Regarding Dispute Resolution. Any controversy or claim arising out of or relating to our privacy policy, or the breach thereof, shall be settled by arbitration in accordance with the rules of the American Arbitration Association, and judgment upon the award rendered by the arbitrator(s) may be entered in any court having jurisdiction thereof.
Contact Person for Filing Complaint or Obtaining Other Information.

Our contact/Privacy Officer is:

William J. Brannon
Carolina Consulting Services, Inc.
2-B Terrace Way
Greensboro, NC 27403
(336) 294-4440 Fax (336) 547-9400