United Healthcare 2007 Annual Report Download - page 49

Download and view the complete annual report

Please find page 49 of the 2007 United Healthcare annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 106

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106

If we fail to comply with restrictions on patient privacy and information security, including taking steps to
ensure that our business associates who obtain access to sensitive patient information maintain its
confidentiality, our reputation and business operations could be materially adversely affected.
The use of individually identifiable data by our businesses is regulated at the international, federal and state
levels. These laws and rules are subject to change by legislation or administrative interpretation. Various state
laws address the use and disclosure of individually identifiable health data to the extent they are more restrictive
than those contained in the privacy and security provisions in the federal Gramm-Leach-Bliley Act and in Health
Insurance Portability and Accountability Act of 1996, as amended (HIPAA). HIPAA also requires that we
impose privacy and security requirements on our business associates (as such term is defined in the HIPAA
regulations). Even though we provide for appropriate protections through our contracts with our business
associates, we still have limited control over their actions and practices. In addition, despite the security measures
we have in place to ensure compliance with applicable laws and rules, our facilities and systems, and those of our
third party service providers, may be vulnerable to security breaches, acts of vandalism, computer viruses,
misplaced or lost data, programming and/or human errors or other similar events. Compliance with any privacy
proposals, requirements, and new regulations may result in cost increases due to necessary systems changes, the
development of new administrative processes, and the effects of potential noncompliance by our business
associates. They also may impose further restrictions on our use of patient identifiable data that is housed in one
or more of our administrative databases. Noncompliance with any privacy laws or any security breach involving
the misappropriation, loss or other unauthorized disclosure of sensitive or confidential member information,
whether by us or by one of our vendors, could have a material adverse effect on our business, reputation and
results of operations.
Our relationship with AARP is important and the loss of such relationship could have an adverse effect on
our business and results of operations.
Under our agreements with AARP, we provide AARP-branded Medicare Supplement insurance, hospital
indemnity insurance and other products to AARP members and Medicare Part D prescription drug plans to
AARP members and non-members. One of our agreements with AARP expands the relationship to include
AARP-branded Medicare Advantage plans for AARP members and non-members. Our agreements with AARP
contain commitments regarding corporate governance, corporate social responsibility, diversity and measures
intended to improve and simplify the health care experience for consumers. The AARP agreements may be
terminated early under certain circumstances, including, depending on the agreement, a material breach by either
party, insolvency of either party, a material adverse change in the financial condition of the Company, material
changes in the Medicare programs, material harm to AARP caused by the Company, and by mutual agreement.
The success of our AARP arrangements depends, in part, on our ability to service AARP and its members,
develop additional products and services, price the products and services competitively, meet our corporate
governance, corporate social responsibility, and diversity commitments, and respond effectively to federal and
state regulatory changes. The loss of our AARP relationship could have an adverse effect on our business and
results of operations.
Because of the nature of our business, we are routinely subject to various litigation actions, which, if
resolved unfavorably to us, could result in substantial monetary damages.
Periodically, we become a party to the types of legal actions that can affect any business, such as employment
and employment discrimination-related suits, employee benefit claims, breach of contract actions, tort claims,
shareholder suits, and intellectual property-related litigation. In addition, because of the nature of our business,
we are routinely made party to a variety of legal actions related to the design and management of our service
offerings. These matters include, among others, claims related to health care benefits coverage and payment
(including disputes with enrollees, customers, and contracted and non-contracted physicians, hospitals and other
health care professionals), medical malpractice actions, contract disputes and claims related to disclosure of
certain business practices. We are also party to certain class action lawsuits brought by health care professional
groups.
47