McKesson 2012 Annual Report Download - page 18

Download and view the complete annual report

Please find page 18 of the 2012 McKesson annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 128

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128

McKESSON CORPORATION
14
Operating, Security and Licensure Standards: We are subject to the operating and security standards of the
Drug Enforcement Administration (the “DEA”), the U. S. Food and Drug Administration (“FDA”), various state
boards of pharmacy, state health departments, the U.S. Department of Health and Human Services (“HHS”), the
CMS and other comparable agencies. Certain of our businesses may be required to register for permits and/or
licenses with, and comply with operating and security standards of the DEA, FDA, HHS, CMS, various state boards
of pharmacy, state health departments and/or comparable state agencies as well as foreign agencies and certain
accrediting bodies, depending upon the type of operations and location of product development, manufacture,
distribution, and sale. As part of these operating, security and licensure standards, we regularly receive requests for
information and occasionally subpoenas from government authorities. Although we believe that we are in
compliance in all material respects with applicable laws and regulations, there can be no assurance that a regulatory
agency or tribunal would not reach a different conclusion concerning the compliance of our operations with
applicable laws and regulations. In addition, there can be no assurance that we will be able to maintain or renew
existing permits, licenses or any other regulatory approvals or obtain without significant delay future permits,
licenses or other approvals needed for the operation of our businesses. Any noncompliance by us with applicable
laws and regulations or the failure to maintain, renew or obtain necessary permits and licenses could have a material
adverse impact on our results of operations.
Pedigree Tracking: There have been increasing efforts by Congress and state and federal agencies, including
state boards of pharmacy and departments of health and the FDA, to regulate the pharmaceutical distribution system
in order to prevent the introduction of counterfeit, adulterated and/or mislabeled drugs into the pharmaceutical
distribution system (“pedigree tracking). Certain states have adopted or are considering laws and regulations that
are intended to protect the integrity of the pharmaceutical distribution system, while other government agencies are
currently evaluating their recommendations. For example, Florida has adopted pedigree tracking requirements and
California has enacted a law requiring chain of custody technology using radio frequency tagging and electronic
pedigrees, which will be effective for us in July 2016.
In addition, the Food and Drug Administration Amendments Act of 2007, which went into effect on October 1,
2007, requires the FDA to establish standards and identify and validate effective technologies for the purpose of
securing the pharmaceutical supply chain against counterfeit drugs. These standards may include any track-and-
trace or authentication technologies, such as radio frequency identification devices and other similar technologies.
On March 26, 2010, the FDA released the Serialized Numerical Identifier (“SNI”) guidance for manufacturers who
serialize pharmaceutical packaging. We expect to be able to accommodate these SNI regulations in our distribution
operations. Nonetheless, these pedigree tracking laws and regulations could increase the overall regulatory burden
and costs associated with our pharmaceutical distribution business, and could have a material adverse impact on our
results of operations.
Privacy: State, federal and foreign laws regulate the confidentiality of sensitive personal information, how that
information may be used, and the circumstances under which such information may be released. These regulations
govern the disclosure and use of confidential personal and patient medical record information and require the users
of such information to implement specified privacy and security measures. Regulations currently in place, including
regulations governing electronic health data transmissions, continue to evolve and are often unclear and difficult to
apply. Although we modified our policies, procedures and systems to comply with the current requirements of
applicable state, federal and foreign laws, including the Health Insurance Portability and Accountability Act of 1996
(“HIPAA”) and the Health Information Technology for Economic and Clinical Health (“HITECH”) Act portion of
the American Recovery and Reinvestment Act of 2009, new laws and regulations in this area could restrict the
ability of our customers to obtain, use or disseminate personal or patient information, or it could require us to incur
significant additional costs to re-design our products in a timely manner, either of which could have a material
adverse impact on our results of operations. In addition, the HITECH Act expanded HIPAA privacy and security
requirements and increased financial penalties for violations. It also extended certain provisions of the federal
privacy and security standards to us in our capacity as a business associate of our payer and provider customers.
These standards may be interpreted by a regulatory authority in a manner that could require us to make a material
change to our operations. Furthermore, failure to maintain confidentiality of sensitive personal information in
accordance with applicable regulatory requirements could expose us to breach of contract claims, fines and
penalties, costs for remediation and harm to our reputation.