Henry Schein 2013 Annual Report Download - page 33

Download and view the complete annual report

Please find page 33 of the 2013 Henry Schein annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 120

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120

24
Failure to comply with health care fraud laws and regulations could result in significant civil and criminal
penalties and costs, including the loss of licenses and the ability to participate in federal and state health care
programs, and could have a material adverse impact on our business. Also, these laws may be interpreted or
applied by a prosecutorial, regulatory or judicial authority in a manner that could require us to make changes in our
operations or incur substantial defense and settlement expenses. Even unsuccessful challenges by regulatory
authorities or private relators could result in reputational harm and the incurring of substantial costs. In addition,
many of these laws are vague or indefinite and have not been interpreted by the courts, and have been subject to
frequent modification and varied interpretation by prosecutorial, regulatory authorities, increasing compliance risks.
While we believe that we are substantially compliant with the foregoing laws and regulations promulgated
thereunder, and have adequate compliance programs and controls in place to ensure substantial compliance, we
cannot predict whether changes in applicable law, or interpretation of laws, or changes in our services or marketing
practices in response, could adversely affect our business.
If we fail to comply with laws and regulations relating to the confidentiality of sensitive personal information or
standards in electronic health data transmissions, we could be required to make significant changes to our
products, or incur penalties or other liabilities.
State, federal and foreign laws, such as HIPAA, regulate the confidentiality of sensitive personal information
and the circumstances under which such information may be released. These measures may govern the disclosure
and use of personal and patient medical record information and may require users of such information to implement
specified security measures, and to notify individuals in the event of privacy and security breaches. Evolving laws
and regulations in this area could restrict the ability of our customers to obtain, use or disseminate patient
information, or could require us to incur significant additional costs to re-design our products in a timely manner to
reflect these legal requirements, either of which could have an adverse impact on our results of operations. Other
health information standards, such as regulations under HIPAA, establish standards regarding electronic health data
transmissions and transaction code set rules for specified electronic transactions, for example transactions involving
claims submissions to third party payers. These also continue to evolve and are often unclear and difficult to apply.
In addition, under the HITECH Act, which was passed in 2009, some of our businesses that were previously only
indirectly subject to federal HIPAA privacy and security rules became directly subject to such rules because the
businesses serve as “business associates” to our customers. On January 17, 2013, the Office for Civil Rights of the
Department of Health and Human Services released a final rule implementing the HITECH Act and making certain
other changes to HIPAA privacy and security requirements. Compliance with the rule was required by September
23, 2013, and increases the requirements applicable to some of our businesses. Failure to maintain the
confidentiality of sensitive personal information in accordance with the applicable regulatory requirements, or to
abide by electronic health data transmission standards, could expose us to breach of contract claims, fines and
penalties, costs for remediation and harm to our reputation.
Our global operations are subject to inherent risks that could adversely affect our operating results.
Global operations are subject to risks that may materially adversely affect our business, results of operations
and financial condition. The risks that our global operations are subject to include, among other things:
difficulties and costs relating to staffing and managing foreign operations;
difficulties in establishing channels of distribution;
fluctuations in the value of foreign currencies;
longer payment cycles of foreign customers and difficulty of collecting receivables in foreign
jurisdictions;
repatriation of cash from our foreign operations to the United States;
regulatory requirements;
anti-bribery, anti-corruption and laws pertaining to the accuracy of our internal books and records;
unexpected difficulties in importing or exporting our products;
imposition of import/export duties, quotas, sanctions or penalties;