UnitedHealth Group (UNH)

We must comply with emerging restrictions on patient privacy and information security, including taking steps to ensure compliance by our business associates who obtain access to sensitive patient information when providing services to us.

The use of individually identifiable data by our businesses is regulated at the international, federal and state levels. These laws and rules are changed frequently by legislation or administrative interpretation. Various state laws address the use and disclosure of individually identifiable health data. Most are derived from the privacy and security provisions in the federal Gramm-Leach-Bliley Act and the Health Insurance Portability and Accountability Act of 1996, which is referred to as HIPAA. HIPAA also imposes guidelines on our business associates (as this term is defined in the HIPAA regulations). Even though we provide for appropriate protections through our contracts with our business associates, we still have limited control over their actions and practices. Compliance with these proposals, requirements, and new regulations may result in cost increases due to necessary systems changes, the development of new administrative processes, and the effects of potential noncompliance by our business associates. They also may impose further restrictions on our use of patient identifiable data that is housed in one or more of our administrative databases.

We must comply with emerging restrictions on patient privacy and information security, including taking steps to ensure compliance by our business associates who obtain access to sensitive patient information when providing services to us.

The use of individually identifiable data by our businesses is regulated at the international, federal and state levels. These laws and rules are changed frequently by legislation or administrative interpretation. Various state laws address the use and disclosure of individually identifiable health data. Most are derived from the privacy and security provisions in the federal Gramm-Leach-Bliley Act and the Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA also imposes guidelines on our business associates (as this term is defined in the HIPAA regulations). Even though we provide for appropriate protections through our contracts with our business associates, we still have limited control over their actions and practices. Compliance with these proposals, requirements, and new regulations may result in cost increases due to necessary systems changes, the development of new administrative processes, and the effects of potential noncompliance by our business associates. They also may impose further restrictions on our use of patient identifiable data that is housed in one or more of our administrative databases.

We must comply with emerging restrictions on patient privacy and information security, including taking steps to ensure compliance by our business associates who obtain access to sensitive patient information when providing services to us.

The use of individually identifiable data by our businesses is regulated at the international, federal and state levels. These laws and rules are changed frequently by legislation or administrative interpretation. Various state laws address the use and disclosure of individually identifiable health data. Most are derived from the privacy and security provisions in the federal Gramm-Leach-Bliley Act and HIPAA. HIPAA also imposes guidelines on our business associates (as this term is defined in the HIPAA regulations). Even though we provide for appropriate protections through our contracts with our business associates, we still have limited control over their actions and practices. Compliance with these proposals, requirements, and new regulations may result in cost increases due to necessary systems changes, the development of new administrative processes, and the effects of potential noncompliance by our business associates. They also may impose further restrictions on our use of patient identifiable data that is housed in one or more of our administrative databases.

We must comply with emerging restrictions on patient privacy and information security, including taking steps to ensure compliance by our business associates who obtain access to sensitive patient information when providing services to us.

The use of individually identifiable data by our businesses is regulated at the international, federal and state levels. These laws and rules are changed frequently by legislation or administrative interpretation. Various state laws address the use and disclosure of individually identifiable health data. Most are derived from the privacy and security provisions in the federal Gramm-Leach-Bliley Act and HIPAA. HIPAA also imposes guidelines on our business associates (as this term is defined in the HIPAA regulations). Even though we provide for appropriate protections through our contracts with our business associates, we still have limited control over their actions and practices. Compliance with these proposals, requirements, and new regulations may result in cost increases due to necessary systems changes, the development of new administrative processes, and the effects of potential noncompliance by our business associates. They also may impose further restrictions on our use of patient identifiable data that is housed in one or more of our administrative databases.