Humana 2014 Annual Report Download - page 28

Download and view the complete annual report

Please find page 28 of the 2014 Humana annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 158

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158

20
upgraded and expanded our information systems capabilities, and are gradually migrating existing business to fewer
systems. Our information systems require an ongoing commitment of significant resources to maintain, protect, and
enhance existing systems and develop new systems to keep pace with continuing changes in information processing
technology, evolving industry and regulatory standards, and changing customer preferences. If the information we rely
upon to run our businesses was found to be inaccurate or unreliable or if we fail to maintain effectively our information
systems and data integrity, we could have operational disruptions, have problems in determining medical cost estimates
and establishing appropriate pricing, have customer and physician and other health care provider disputes, have
regulatory or other legal problems, have increases in operating expenses, lose existing customers, have difficulty in
attracting new customers, or suffer other adverse consequences.
We depend on independent third parties for significant portions of our systems-related support, equipment, facilities,
and certain data, including data center operations, data network, voice communication services and pharmacy data
processing. This dependence makes our operations vulnerable to such third parties' failure to perform adequately under
the contract, due to internal or external factors. A change in service providers could result in a decline in service quality
and effectiveness or less favorable contract terms which may adversely affect our operating results.
We rely on our agreements with customers, confidentiality agreements with employees, and our trade secrets and
copyrights to protect our proprietary rights. These legal protections and precautions may not prevent misappropriation
of our proprietary information. In addition, substantial litigation regarding intellectual property rights exists in the
software industry, including litigation involving end users of software products. We expect software products to be
increasingly subject to third-party infringement claims as the number of products and competitors in this area grows.
There can be no assurance that our information technology, or IT, process will successfully improve existing
systems, develop new systems to support our expanding operations, integrate new systems, protect our proprietary
information, defend against cybersecurity attacks, or improve service levels. In addition, there can be no assurance that
additional systems issues will not arise in the future. Failure to adequately protect and maintain the integrity of our
information systems and data, or to defend against cybersecurity attacks, may result in a material adverse effect on our
results of operations, financial position, and cash flows.
If we are unable to defend our information technology security systems against cybersecurity attacks or prevent
other privacy or data security incidents that result in security breaches that disrupt our operations or in the unintended
dissemination of sensitive personal information or proprietary or confidential information, we could be exposed to
significant regulatory fines or penalties, liability or reputational damage, or experience a material adverse effect on
our results of operations, financial position, and cash flows.
In the ordinary course of our business, we process, store and transmit large amounts of data, including sensitive
personal information as well as proprietary or confidential information relating to our business or a third-party. A
cybersecurity attack may penetrate our layered security controls and misappropriate or compromise sensitive personal
information or proprietary or confidential information or that of third-parties, create system disruptions, cause
shutdowns, or deploy viruses, worms, and other malicious software programs that attack our systems. A cybersecurity
attack that bypasses our IT security systems successfully could materially affect us due to the theft, destruction, loss,
misappropriation or release of confidential data or intellectual property, operational or business delays resulting from
the disruption of our IT systems, or negative publicity resulting in reputation or brand damage with our members,
customers, providers, and other stakeholders.
The costs to eliminate or address cybersecurity threats and vulnerabilities before or after an incident could be
substantial. Our remediation efforts may not be successful and could result in interruptions, delays, or cessation of
service, and loss of existing or potential members. In addition, breaches of our security measures and the unauthorized
dissemination of sensitive personal information or proprietary or confidential information about us or our members or
other third-parties, could expose our members’ private information and result in the risk of financial or medical identity
theft, or expose us or other third-parties to a risk of loss or misuse of this information, result in significant regulatory
fines or penalties, litigation and potential liability for us, damage our brand and reputation, or otherwise harm our
business.