United Healthcare 2015 Annual Report Download - page 31

Download and view the complete annual report

Please find page 31 of the 2015 United Healthcare annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 113

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113

If we sustain cyber-attacks or other privacy or data security incidents, that result in security breaches that
disrupt our operations or result in the unintended dissemination of sensitive personal information or
proprietary or confidential information, we could suffer a loss of revenue and increased costs, exposure to
significant liability, reputational harm and other serious negative consequences.
We routinely process, store and transmit large amounts of data in our operations, including sensitive personal
information as well as proprietary or confidential information relating to our business or third-parties. Some of
the data we process, store and transmit may be outside of the United States due to our information technology
systems and international business operations. We may be subject to breaches of the information technology
systems we use. Experienced computer programmers and hackers may be able to penetrate our layered security
controls and misappropriate or compromise sensitive personal information or proprietary or confidential
information or that of third-parties, create system disruptions or cause shutdowns. They also may be able to
develop and deploy viruses, worms and other malicious software programs that attack our systems or otherwise
exploit any security vulnerabilities. Our facilities may also be vulnerable to security incidents or security attacks;
acts of vandalism or theft; coordinated attacks by activist entities; misplaced or lost data; human errors; or other
similar events that could negatively affect our systems and our and our customer’s data.
The costs to eliminate or address the foregoing security threats and vulnerabilities before or after a cyber-incident
could be significant. Our remediation efforts may not be successful and could result in interruptions, delays, or
cessation of service and loss of existing or potential customers. In addition, breaches of our security measures
and the unauthorized dissemination of sensitive personal information or proprietary information or confidential
information about us or our customers or other third-parties, could expose our customers’ private information and
our customers to the risk of financial or medical identity theft, or expose us or other third-parties to a risk of loss
or misuse of this information, result in litigation and potential liability for us, damage our brand and reputation,
or otherwise harm our business.
If we are not able to protect our proprietary rights to our databases, software and related products, our
ability to market our knowledge and information-related businesses could be hindered and our results of
operations, financial position and cash flows could be materially and adversely affected.
We rely on our agreements with customers, confidentiality agreements with employees and third parties, and our
trademarks, trade secrets, copyrights and patents to protect our proprietary rights. These legal protections and
precautions may not prevent misappropriation of our proprietary information. In addition, substantial litigation
regarding intellectual property rights exists in the software industry, and we expect software products to be
increasingly subject to third-party infringement claims as the number of products and competitors in this industry
segment grows. Such litigation and misappropriation of our proprietary information could hinder our ability to
market and sell products and services and our results of operations, financial position and cash flows could be
materially and adversely affected.
Restrictions on our ability to obtain funds from our regulated subsidiaries could materially and adversely
affect our results of operations, financial position and cash flows.
Because we operate as a holding company, we are dependent upon dividends and administrative expense
reimbursements from our subsidiaries to fund our obligations. Many of these subsidiaries are regulated by
departments of insurance or similar regulatory authorities. We are also required by law or regulation to maintain
specific prescribed minimum amounts of capital in these subsidiaries. The levels of capitalization required
depend primarily upon the volume of premium revenues generated by the applicable subsidiary. In most states,
we are required to seek prior approval by state regulatory authorities before we transfer money or pay dividends
from our regulated subsidiaries that exceed specified amounts. An inability of our regulated subsidiaries to pay
dividends to their parent companies in the desired amounts or at the time of our choosing could adversely affect
our ability to reinvest in our business through capital expenditures or business acquisitions, as well as our ability
29