Aetna 2013 Annual Report Download - page 42

Download and view the complete annual report

Please find page 42 of the 2013 Aetna annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 156

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156

Annual Report- Page 36
to PHI to any impacted individuals and to HHS and to notify the media in any states where 500 or more people are
impacted by any unauthorized release or use of or access to PHI. Business associates (e.g., entities that provide
services to health plans, such as electronic claims clearinghouses, print and fulfillment vendors, consultants, and us
for the administrative services we provide to our ASC customers) must also comply with certain HIPAA
provisions. In addition, ARRA establishes greater civil and criminal penalties for Covered Entities and business
associates who fail to comply with HIPAA's provisions and gives new enforcement rights to state attorneys
general. In January 2013, HHS issued final rules, effective in March 2013, revising HIPAA's privacy and security
rules, changing the HIPAA enforcement rule and modifying the data breach reporting requirements. Additional
regulations under HIPAA remain pending. We will continue to assess the impact of these regulations on our
business as they are issued.
The HIPAA privacy regulations do not preempt more stringent state laws and regulations that may apply to us and
other Covered Entities, including laws that place stricter controls on the release of information relating to specific
diseases or conditions and requirements to notify members of unauthorized release or use of or access to PHI.
Complying with additional state requirements could require us to make additional investments beyond those we
have made to comply with the HIPAA regulations. HHS also has adopted security regulations designed to protect
member health information from unauthorized use or disclosure.
The HIPAA privacy regulations provide patients with new rights to understand and control how their health
information is used. States also have adopted regulations to implement provisions of the Financial Modernization
Act of 1999 (also known as Gramm-Leach-Bliley Act (“GLBA”)) which generally require insurers to provide
customers with notice regarding how their non-public personal health and financial information is used and the
opportunity to “opt out” of certain disclosures before the insurer shares such information with a non-affiliated third
party. The GLBA regulations apply to health, life and disability insurance. Like HIPAA, GLBA sets a “floor”
standard, allowing states to adopt more stringent requirements governing privacy protection.
Other Legislative Initiatives and Regulatory Initiatives
In addition to the Health Care Reform, HIPAA and ARRA measures discussed above, the U.S. federal and state
governments, as well as governments in other countries where we do business, continue to enact and seriously
consider many other broad-based legislative and regulatory proposals that have had a material impact on or could
materially impact various aspects of the health care and related benefits system. For example:
Under the Budget Control Act of 2011 (the “BCA”) and the American Taxpayer Relief Act of 2012 (the
“ATRA”) automatic across-the-board budget cuts (also known as “sequestration”) began in March 2013,
including Medicare spending cuts of not more than 2% of total program costs per year through 2024. In
addition, CMS's Medicare Advantage and prescription drug program (“PDP”) premium rates for 2014
reflect a material reduction in 2014 premiums compared to 2013 for Medicare Advantage and PDP plans
which is in addition to the challenge we face from the impact of the industry-wide health insurer fee that
became effective January 1, 2014. CMS's 2014 and proposed 2015 rates represent a meaningful revenue
and operating results challenge for us. Significant uncertainty remains as to whether and how the Congress
will proceed with actions that create additional federal revenue and/or with entitlement reform. We cannot
predict future Medicare funding levels or the impact that future federal budget actions or entitlement
program reform, if it occurs, will have on our business, operations or operating results, but the effects could
be materially adverse, particularly on our Medicare and/or Medicaid revenues and operating results.
A number of states have enacted or introduced legislation or regulations requiring life insurers to take
additional steps to identify unreported deceased policyholders and make other changes to their claim
payment and related escheat practices. For additional information on these life insurance matters, refer to
“Life and Disability Insurance” beginning on page 45.