Humana 2003 Annual Report Download - page 64

Download and view the complete annual report

Please find page 64 of the 2003 Humana annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 118

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118

There can be no assurance that we will be able to continue to obtain or maintain required governmental
approvals or licenses or that legislative or regulatory changes will not have a material adverse effect on our
business. Delays in obtaining or failure to obtain or maintain required approvals could adversely affect our
revenue or the number of our members, increase costs or adversely affect our ability to bring new products to
market as forecasted.
The National Association of Insurance Commissioners, or NAIC, has adopted risk-based capital
requirements, also known as RBC, which is subject to state-by-state adoption and to the extent implemented, sets
minimum capitalization requirements for insurance and HMO companies. The NAIC recommendations for life
insurance companies were adopted in all states and the prescribed calculation for HMOs has been adopted in
most states in which we operate. The HMO rules may increase the minimum capital required for some of our
subsidiaries.
The Health Insurance Portability and Accountability Act of 1996, or HIPAA, includes administrative
provisions directed at simplifying electronic data interchange through standardizing transactions, establishing
uniform health care provider, payer, and employer identifiers and seeking protections for confidentiality and
security of patient data. Under the new HIPAA standard transactions and code sets rules, we have made
significant systems enhancements and invest in new technological solutions. The compliance and enforcement
date for standard transactions and code sets rules was October 16, 2003. We have continued to be in compliance
with this regulation. However, as many providers indicated that they could not yet comply, CMS stated that
covered entities making a good faith effort to comply with HIPAA transactions and code-set standards would be
allowed to implement contingency plans to maintain their operations and cash flows. On October 15, 2003, we
announced implementation of a contingency plan to accept non-compliant electronic transactions from our
providers. We will continue to accept and process transactions sent in pre-HIPAA electronic formats from
providers who are showing a good-faith effort until all providers and clearinghouses are capable of transmitting
fully compliant standards transactions as defined in the HIPAA implementation guidelines or until CMS begins
enforcement of the HIPAA Electronic Data Interchange regulations. Management believes that the
implementation of our contingency plans has minimized any disruptions in our business operations during this
transition. However, if entities with which we do business do not ultimately comply with the HIPAA transactions
and code set standards, it could result in disruptions of certain of our business operations.
Additionally, under the new HIPAA privacy rules, which became effective on April 14, 2003, we must now
comply with a variety of requirements concerning the use and disclosure of individuals’ protected health
information, establish rigorous internal procedures to protect health information and enter into business associate
contracts with those companies to whom protected health information is disclosed. Regulations issued in
February 2003 set standards for the security of electronic health information requiring compliance by April 21,
2005. Violations of these rules will subject us to significant penalties. Compliance with HIPAA regulations
requires significant systems enhancements, training and administrative effort. The final rules do not provide for
complete federal preemption of state laws, but rather preempt all inconsistent state laws unless the state law is
more stringent. HIPAA could also expose us to additional liability for violations by our business associates.
Another area receiving increased focus is the time in which various laws require the payment of health care
claims. Many states already have legislation in place covering payment of claims within a specific number of
days. However, due to provider groups advocating for laws or regulations establishing even stricter standards,
procedures and penalties, we expect additional regulatory scrutiny and supplemental legislation with respect to
claims payment practices. The provider-sponsored bills are characterized by stiff penalties for late payment,
including high interest rates payable to providers and costly fines levied by state insurance departments and
attorneys general. This legislation and possible future regulation and oversight could expose our Company to
additional liability and penalties.
We are also subject to various governmental audits and investigations. These can include audits and
investigations by state attorneys general, CMS, the Office of the Inspector General of Health and Human
56