United Healthcare 2010 Annual Report Download - page 14

Download and view the complete annual report

Please find page 14 of the 2010 United Healthcare annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 157

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157

Other Federal Laws and Regulation
We are subject to various levels of federal regulation. CMS regulates our UnitedHealthcare Medicare &
Retirement and UnitedHealthcare Community & State Medicare and Medicaid businesses, as well as certain
aspects of our OptumHealth business. CMS has the right to audit performance to determine compliance with
CMS contracts and regulations and the quality of care given to Medicare beneficiaries. See Note 13 of Notes to
the Consolidated Financial Statements in this Form 10-K for a discussion of audits of our risk adjustment data for
several of our plans.
Our Health Benefits reporting segment, through UnitedHealthcare Community & State, also has Medicaid and
CHIP contracts that are subject to federal regulations regarding services to be provided to Medicaid enrollees,
payment for those services and other aspects of these programs. There are many regulations surrounding
Medicare and Medicaid compliance, and the regulatory environment with respect to these programs has become
and will continue to become increasingly complex as a result of the Health Reform Legislation. When we
contract with the federal government, we are subject to federal laws and regulations relating to the award,
administration and performance of U.S. government contracts. In addition, certain of Ingenix’s businesses, such
as its high acuity software products and clinical research activities, are subject to regulation by the U.S. Food and
Drug Administration, and the clinical research activities are also subject to laws and regulations outside of the
United States that regulate clinical trials. Laws and regulations relating to consumer protection, anti-fraud and
abuse, anti-kickbacks, false claims, prohibited referrals, inappropriately reducing or limiting health care services,
anti-money laundering, securities and antitrust also affect us.
HIPAA, GLBA and Other Privacy and Security Regulation. The administrative simplification provisions of the
Health Insurance Portability and Accountability Act of 1996, as amended (HIPAA), apply to both the group and
individual health insurance markets, including self-funded employee benefit plans. HIPAA requires guaranteed
health care coverage for small employers and certain eligible individuals. It also requires guaranteed renewability
for employers and individuals and limits exclusions based on pre-existing conditions. Federal regulations related
to HIPAA include minimum standards for electronic transactions and code sets, and for the privacy and security
of protected health information. The HIPAA privacy regulations do not preempt more stringent state laws and
regulations that may also apply to us.
Federal privacy and security requirements change frequently because of legislation, regulations and judicial or
administrative interpretation. For example, the U.S. Congress enacted the American Recovery and Reinvestment
Act of 2009 (ARRA), which significantly amends, and adds new, privacy and security provisions to HIPAA and
imposes additional requirements on uses and disclosures of health information. AARA includes new contracting
requirements for HIPAA business associate agreements; extends parts of HIPAA privacy and security provisions
to business associates; adds new federal data breach notification requirements for covered entities and business
associates and new reporting requirements to HHS and the Federal Trade Commission (FTC) and, in some cases,
to the local media; strengthens enforcement and imposes higher financial penalties for HIPAA violations and, in
certain cases, imposes criminal penalties for individuals, including employees. HHS has indicated that it will
issue regulations this year on key aspects of HIPAA, primarily ARRA amendments to HIPAA. In the conduct of
our business, we may act, depending on the circumstances, as either a covered entity or a business associate.
Federal consumer protection laws may also apply in some instances to privacy and security practices related to
personal identifiable information. The use and disclosure of individually identifiable health data by our
businesses is also regulated in some instances by other federal laws, including the Gramm-Leach-Bliley Act
(GLBA) or state statutes implementing GLBA, which generally require insurers to provide customers with notice
regarding how their non-public personal health and financial information is used and the opportunity to “opt out”
of certain disclosures before the insurer shares such information with a third party, and which generally require
safeguards for the protection of personal information. See Item 1A, “Risk Factors” for a discussion of the risks
related to compliance with HIPAA, GLBA and other privacy-related regulations.
ERISA. The Employee Retirement Income Security Act of 1974, as amended (ERISA), regulates how goods and
services are provided to or through certain types of employer-sponsored health benefit plans. ERISA is a set of
12