Community Health Systems 2015 Annual Report Download - page 53

Download and view the complete annual report

Please find page 53 of the 2015 Community Health Systems annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 220

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220

The transition to ICD-10 coding may adversely impact our consolidated results of operations.
All healthcare providers covered by HIPAA, including our hospitals, were required to transition by October 1,
2015 to the ICD-10 code set to report medical diagnoses and inpatient procedures. ICD-10 significantly expands
the number of and detail in the codes used by providers to bill for services. All of our hospitals have transitioned
to the ICD-10 coding system, which continues to involve a significant capital investment in technology and
coding of our information systems, as well as significant costs related to training of staff involved with coding
and billing. These ICD-10 transition costs and any difficulty or delays in payors and providers transitioning to
this significantly more detailed code set could have an adverse effect on our consolidated results of operations
and cash flows. The potential for delay in billing and collection on patient receivables could also have an adverse
effect on the quality of receivables that serve as collateral for borrowings under our receivables facility, resulting
in a potential default or repayment of outstanding borrowings.
A cybersecurity attack or security breach could cause a loss of confidential data, give rise to remediation and
other expenses, expose us to liability under HIPAA, consumer protection laws, common law or other theories,
subject us to litigation and federal and state governmental inquiries, damage our reputation, and otherwise be
disruptive to our business.
We rely extensively on our computer systems to manage clinical and financial data, communicate with our
patients, payors, vendors and other third parties and summarize and analyze operating results. We have made
significant investments in technology to protect our systems and information from cybersecurity risks. During the
second quarter of 2014, our computer network was the target of an external, criminal cyber-attack in which the
attacker successfully copied and transferred certain data outside the Company. This data included certain non-
medical patient identification data (such as patient names, addresses, birthdates, telephone numbers and social
security numbers) considered protected under HIPAA, but did not include patient credit card, medical or clinical
information. The remediation efforts in response to the attack have been substantial, including continued
development and enhancement of our controls, processes and practices designed to protect our systems,
computers, software, data and networks from attack, damage or unauthorized access. Also in connection with the
cyber-attack, we have been subject to multiple purported class action lawsuits and may be subject to additional
litigation, potential governmental inquiries and potential reputation damages.
In spite of our security measures, there can be no assurance that we will not be subject to additional cyber-
attacks or security breaches in the future. Such attacks or breaches could result in loss of protected health
information or other data subject to privacy laws or disrupt our information technology systems or business. We
continue to prioritize cybersecurity and the development of practices and controls to protect our systems. As
cyber-threats continue to evolve, we may be required to expend significant additional resources to continue to
modify or enhance our protective measures or to investigate and remediate any information security
vulnerabilities. If we are subject to cyber-attacks or security breaches in the future, this could have an adverse
impact on our business, financial condition or results of operations.
A pandemic, epidemic or outbreak of a contagious disease in the markets in which we operate or that
otherwise impacts our facilities could adversely impact our business.
If a pandemic or other public health crisis were to affect our markets, our business could be adversely affected.
Such a crisis could diminish the public trust in healthcare facilities, especially hospitals that fail to accurately or
timely diagnose, or that are treating (or have treated) patients affected by contagious diseases. If any of our
facilities were involved in treating patients for such a contagious disease, other patients might cancel elective
procedures or fail to seek needed care at our facilities. Further, a pandemic might adversely impact our business
by causing a temporary shutdown or diversion of patients, by disrupting or delaying production and delivery of
materials and products in the supply chain or by causing staffing shortages in our facilities. Although we have
disaster plans in place and operate pursuant to infectious disease protocols, the potential impact of a pandemic,
epidemic or outbreak of a contagious disease with respect to our markets or our facilities is difficult to predict
and could adversely impact our business.
40