tiprankstipranks
Encompass Health (EHC)
NYSE:EHC
US Market
Holding EHC?
Track your performance easily

Encompass Health (EHC) Risk Factors

359 Followers
Public companies are required to disclose risks that can affect the business and impact the stock. These disclosures are known as “Risk Factors”. Companies disclose these risks in their yearly (Form 10-K), quarterly earnings (Form 10-Q), or “foreign private issuer” reports (Form 20-F). Risk factors show the challenges a company faces. Investors can consider the worst-case scenarios before making an investment. TipRanks’ Risk Analysis categorizes risks based on proprietary classification algorithms and machine learning.

Encompass Health disclosed 33 risk factors in its most recent earnings report. Encompass Health reported the most risks in the “Legal & Regulatory” category.

Risk Overview Q3, 2024

Risk Distribution
33Risks
39% Legal & Regulatory
24% Finance & Corporate
21% Ability to Sell
6% Production
6% Macro & Political
3% Tech & Innovation
Finance & Corporate - Financial and accounting risks. Risks related to the execution of corporate activity and strategy
This chart displays the stock's most recent risk distribution according to category. TipRanks has identified 6 major categories: Finance & corporate, legal & regulatory, macro & political, production, tech & innovation, and ability to sell.

Risk Change Over Time

2020
Q4
S&P500 Average
Sector Average
Risks removed
Risks added
Risks changed
Encompass Health Risk Factors
New Risk (0)
Risk Changed (0)
Risk Removed (0)
No changes from previous report
The chart shows the number of risks a company has disclosed. You can compare this to the sector average or S&P 500 average.

The quarters shown in the chart are according to the calendar year (January to December). Businesses set their own financial calendar, known as a fiscal year. For example, Walmart ends their financial year at the end of January to accommodate the holiday season.

Risk Highlights Q3, 2024

Main Risk Category
Legal & Regulatory
With 13 Risks
Legal & Regulatory
With 13 Risks
Number of Disclosed Risks
33
No changes from last report
S&P 500 Average: 31
33
No changes from last report
S&P 500 Average: 31
Recent Changes
0Risks added
0Risks removed
0Risks changed
Since Sep 2024
0Risks added
0Risks removed
0Risks changed
Since Sep 2024
Number of Risk Changed
0
No changes from last report
S&P 500 Average: 3
0
No changes from last report
S&P 500 Average: 3
See the risk highlights of Encompass Health in the last period.

Risk Word Cloud

The most common phrases about risk factors from the most recent report. Larger texts indicate more widely used phrases.

Risk Factors Full Breakdown - Total Risks 33

Legal & Regulatory
Total Risks: 13/33 (39%)Above Sector Average
Regulation7 | 21.2%
Regulation - Risk 1
Other legislative and regulatory initiatives and changes affecting the industry could adversely affect our business and results of operations.
In addition to the legislative and regulatory actions that directly affect our reimbursement rates or further the evolution of the current healthcare delivery system, other legislative and regulatory changes, including as a result of ongoing healthcare reform, affect healthcare providers like us from time to time. For example, the ACA provides for the expansion of the federal Anti-Kickback Law and the False Claims Act (the "FCA") that, when combined with other recent federal initiatives, are likely to increase investigation and enforcement efforts in the healthcare industry generally. Changes include increased resources for enforcement, lowered burden of proof for the government in healthcare fraud matters, expanded definition of claims under the FCA, enhanced penalties, and increased rewards for relators in successful prosecutions. CMS may also suspend payment for claims prospectively if, in its opinion, credible allegations of fraud exist. The initial suspension period may be up to 180 days. However, the payment suspension period can be extended almost indefinitely if the matter is under investigation by the HHS-OIG or DOJ. Any such suspension would adversely affect our financial position, results of operations, and cash flows. Some states in which we operate have also undertaken, or are considering, healthcare reform initiatives that address similar issues. While many of the stated goals of other federal and state reform initiatives are consistent with our own goal to provide care that is high-quality and cost-effective, legislation and regulatory proposals may lower reimbursements, increase the cost of compliance, decrease patient volumes, promote frivolous or baseless litigation, and otherwise adversely affect our business. We cannot predict what healthcare initiatives, if any, will be enacted, implemented or amended, or the effect any future legislation or regulation will have on us. On September 30, 2019, CMS adopted a new rule as called for by the IMPACT Act that revises the discharge planning requirements applicable to our inpatient rehabilitation hospitals. Effective November 29, 2019, CMS requires every hospital (including IRFs) to have a discharge planning process that focuses on patients' goals and preferences and on preparing them and, as appropriate, their caregivers, to be active partners in their post-discharge care. For our hospitals, this rule requires instituting standardized procedures to identify those patients who are likely to suffer adverse health consequences upon discharge in the absence of adequate discharge planning and to provide a discharge planning evaluation for such patients to ensure that appropriate arrangements for post-hospital care are made before discharge. At the time of discharge, a hospital must transfer or refer the patient, along with all necessary medical information pertaining to the patient's current course of illness and treatment, post-discharge goals of care, and treatment preferences, to the appropriate post-acute care service providers and suppliers, facilities, agencies, and other outpatient service providers and practitioners responsible for the patient's follow-up or ancillary care. Patients must also be informed of all post-acute providers in the area and, for patients enrolled in managed care organizations, in network providers must be identified if the hospital has that information. Additional information must be provided to patients who are discharged home and referred for home health agency services or who are referred to other post-acute care services. In areas where we are not part of a managed care network with significant enrollment, this discharge planning rule may negatively affect the number of patients choosing us. In accordance with requirements adopted pursuant to the IMPACT Act, CMS implemented requirements to publish certain Medicare spending per beneficiary measures for each inpatient rehabilitation hospital in October 2016. The intent of tracking and publishing this data is to evaluate a given provider's payment efficiency relative to the efficiency of the national median provider in that provider's post-acute segment. CMS believes this measure will encourage improved efficiency and coordination of care in the post-acute setting by holding providers accountable for Medicare resource use during an episode of care. However, the measures may be misleading as they do not incorporate patient outcomes associated with those resources used. CMS has not proposed to compare payment efficiency across provider segments. On December 14, 2020, CMS announced the proposal of a five-year review choice demonstration for inpatient rehabilitation services (the "IRF RCD"). IRF RCD began in Alabama in August 2023. CMS intends to expand this demonstration to Pennsylvania, Texas, and California but has not yet announced the timing for doing so. We operate 47 inpatient rehabilitation hospitals (representing approximately 30% of our IRF Medicare claims) in those four states. After the initial four states, CMS intends to expand the demonstration to include additional IRFs based on the Medicare Administrative Contractor to which those IRFs submit claims. Under the IRF RCD, participating IRFs have an initial choice between pre-claim or post-payment review of 100% of claims submitted to demonstrate compliance with applicable Medicare coverage and clinical documentation requirements. Under the pre-claim review choice, services may begin prior to the submission of the review request and continue while the decision is being made. The pre-claim review request with required documentation must be submitted and reviewed before the final claim is submitted for payment. Under the post-payment review choice, IRFs would provide services, submit all claims for payment following their normal processes, and then submit required documentation for medical review. If a certain percentage of the claims reviewed are found to be valid, the IRF may then opt out of the 100% review. That percentage will initially be 80% or greater for the first six-month period and eventually increases to 90% or greater in subsequent review cycles. In opting out, the IRF may elect spot prepayment reviews of samples consisting of 5% of total claims or selective post-payment review of a random sample. For the review beginning in August 2023, we chose pre-claim review. As of year end 2023, we cannot be certain our claim validation rate will continue to exceed the required percentage for each review cycle, nor can we predict the impact, if any, it may have on the collectability of our Medicare claims over its five-year term. We may ultimately experience decreases in Net operating revenues and in cash flow, or we may incur costs associated with patient care for which the Medicare claim is subsequently denied, any of which could have an adverse effect on our financial position, results of operations, and liquidity. In January 2020, the HHS-OIG announced an audit to review incentives under the IRF-PPS to discharge patients prematurely to home health agencies. Following this audit, the HHS-OIG announced in December 2021 its recommendation to CMS to establish an IRF transfer payment policy for early discharges to home health care in which the IRF would only receive a per diem rate in lieu of the full case-mix payment. The HHS-OIG estimated the policy could have reduced total Medicare payments to IRFs in 2017 and 2018 by between 6% and 7%. The CMS proposed rule for fiscal year 2023 for the IRF-PPS included a request for comment on a potential change that could be included in future rulemaking. Based on the HHS-OIG report, CMS noted it was considering whether to modify the IRF transfer payment policy to reduce reimbursement for early discharges to home health, similar to how early discharges to acute-care hospitals, skilled nursing facilities, long-term acute-care hospitals, or another IRF, are currently treated under the IRF-PPS. In the final IRF-PPS rule for 2023, CMS acknowledged industry comments on the policy and noted those comments would be taken under advisement for future rulemaking, but neither the proposed nor the final rulemaking for fiscal year 2024 IRF-PPS made reference to a change in the IRF transfer payment policy. We cannot predict what legislative or regulatory reforms or changes, if any, will ultimately be enacted, or the timing or effect any of those changes or reforms will have on us. If enacted, they may be challenging for all providers and have the effect of limiting Medicare beneficiaries' access to healthcare services and could have a material adverse impact on our Net operating revenues, financial position, results of operations, and cash flows. For additional discussion of healthcare reform and other factors affecting reimbursement for our services, see Item 1, Business, "Regulatory and Reimbursement Challenges" and "Sources of Revenues-Medicare Reimbursement."
Regulation - Risk 2
Compliance with the extensive laws and government regulations applicable to healthcare providers requires substantial time, effort and expense, and if we fail to comply with them, we could suffer penalties or be required to make significant changes to our operations.
Healthcare providers are required to comply with extensive and complex laws and regulations at the federal, state, and local government levels. These laws and regulations relate to, among other things: - licensure, certification, enrollments, and accreditation;- policies, either at the national or local level, delineating what conditions must be met to qualify for reimbursement under Medicare (also referred to as coverage requirements);- coding and billing for services;- requirements of the "60% Rule" applicable to inpatient rehabilitation facilities;- relationships with physicians and other referral sources, including physician self-referral and anti-kickback laws;- quality of medical care;- use and maintenance of medical supplies and equipment;- maintenance and security of patient information and medical records;- minimum staffing;- acquisition and dispensing of pharmaceuticals and controlled substances;- pricing transparency and similar consumer protection rules; and - disposal of medical and hazardous waste. The "60% Rule" is a Medicare requirement that at least 60% of an IRF's patients must have a diagnosis or qualifying comorbidity from at least one of 13 specified medical conditions that typically require intensive therapy and supervision, such as stroke, brain injury, hip fracture, certain neurological conditions, and spinal cord injury. If an IRF does not demonstrate compliance with the 60% Rule by either the presumptive method or through a review of medical records, then its classification as an IRF may be terminated by CMS causing the facility to be paid under the acute-care payment system which would result in reduced reimbursement per discharge. If one or more of our hospitals fails to demonstrate compliance with the 60% Rule and CMS re-classifies it as an acute-care hospital, our revenue and profitability may be materially and adversely affected. In the future, changes in these laws or regulations or the manner in which they are enforced could subject our current or past practices to allegations of impropriety or illegality or could require us to make changes in our hospitals, equipment, personnel, services, capital expenditure programs, operating procedures, and contractual arrangements. Those changes could also affect reimbursements as well as future compliance, training, and staffing costs. Examples of regulatory changes that can affect our business, beyond direct changes to Medicare reimbursement rates, can be found from time to time in CMS's annual rulemaking. For example, the final rule for the fiscal year 2010 IRF-PPS implemented new coverage requirements which provided in part that a patient medical record must document a reasonable expectation that, at the time of admission to an IRF, the patient generally required and was able to participate in the intensive rehabilitation therapy services uniquely provided at IRFs. CMS has also taken the position that a patient's medical file must appropriately document the rationale for the use of group therapies, as opposed to one-on-one therapy. Beginning on October 1, 2015, CMS instituted a new data collection requirement pursuant to which IRFs must capture the minutes and mode (individual, group, concurrent, or co-treatment) of therapy by specialty. Additionally, from time to time CMS has adopted changes in the medical conditions that will presumptively count toward the 60% compliance threshold to qualify for reimbursement as an inpatient rehabilitation hospital. Of note, the HHS-OIG periodically updates a work plan that identifies areas of compliance focus. In recent years, the HHS-OIG work plans for IRFs have focused on, among other items, the appropriate utilization of concurrent and group therapy, adverse and temporary patient harm events, and billing error rates for IRFs. In September 2018, the HHS-OIG released a report purporting to identify a high error rate (approximately 80% of claims) among inpatient rehabilitation hospital admissions in a small sample of 220 claims. Based on its findings, the HHS-OIG extrapolated the error rate to the universe of inpatient rehabilitation claims and, among other things, recommended reevaluation of the IRF-PPS. However, that HHS-OIG report involved an extremely small sample size, was not a random sample of cases, included some citations to coverage requirements that did not match actual regulations, appeared to conflate technical documentation requirements with medical necessity determinations, and was at odds with actual MAC reviews of claims during that same timeframe which found substantially lower error rates. On September 15, 2022, the HHS-OIG updated its work plan to conduct a nationwide audit of IRF claims in order to determine the extent to which CMS could clarify the Medicare IRF claim payment criteria. The HHS-OIG expects to issue a report on this in fiscal year 2024. An HHS-OIG work plan, audit or similar future efforts could result in proposed changes to the payment systems for providers or increased denials of Medicare claims for patients notwithstanding the referring physicians' judgment that treatment is appropriate. As the recent HHS-OIG work plans demonstrate, the clarity and completeness of each patient medical file, some of which is the work product of a physician not employed by us, are essential to demonstrating our compliance with various regulatory and reimbursement requirements. For example, to support the determination that a patient's IRF treatment was medically necessary, the file must contain, among other things, an admitting physician's assessment of the patient as well as a post-admission assessment by the treating physician and other information from clinicians relating to the plan of care and the therapies being provided. These physicians are not employees. They exercise independent medical judgment. We and our hospital medical directors, who are independent contractors, provide training on a regular basis to the physicians who treat patients at our hospitals regarding appropriate documentation. However, we ultimately do not and cannot control the physicians' medical judgment. In connection with subsequent payment audits and investigations, there can be no assurance as to what opinion a third party may take regarding the status of patient files or the physicians' medical judgment evidenced in those files. On March 4, 2013, we received document subpoenas from an office of the HHS-OIG addressed to four of our hospitals. On April 24, 2014, we received document subpoenas relating to an additional seven of our hospitals. Those subpoenas requested documents, including copies of patient medical records, related to reimbursement claims submitted during periods ranging from January 2008 through December 2013. The associated investigation led by DOJ was based on whistleblower claims of alleged improper or fraudulent claims submitted to Medicare and Medicaid and requested documents and materials relating to practices, procedures, protocols and policies of certain pre- and post-admissions activities at these hospitals including marketing functions, pre-admission screening, post-admission physician evaluations, patient assessment instruments, individualized patient plans of care, and compliance with the Medicare 60% rule. We settled the DOJ investigation, together with the related qui tam or whistleblower lawsuits, in 2019 for a total payment of $48 million, and we expressly denied any wrongdoing. In return for the settlement payment, the plaintiffs dismissed with prejudice their pending qui tam claims, and DOJ provided Encompass Health and all its subsidiaries with a release from civil liability. Although we have invested, and will continue to invest, substantial time, effort, and expense in implementing and maintaining training programs as well as internal controls and procedures designed to ensure regulatory compliance, we have in the past been, and could in the future be, required to return portions of reimbursements for discharges alleged after the fact to have not been appropriate under the applicable reimbursement rules and change our patient admissions practices going forward. We could also be subjected to other liabilities, including (1) criminal penalties, (2) civil penalties, including monetary penalties and the loss of our licenses to operate one or more of our hospitals, and (3) exclusion or suspension of one or more of our hospitals from participation in the Medicare, Medicaid, and other federal and state healthcare programs, which, if lengthy in duration and material to us, could potentially trigger a default under our credit agreement or debt instruments. Because Medicare comprises a significant portion of our Net operating revenues, failure to comply with the laws and regulations governing the Medicare program and related matters, including anti-kickback and anti-fraud requirements, could materially and adversely affect us. As discussed above in connection with the ACA, the federal government has in the last couple of years made compliance enforcement and fighting healthcare fraud top priorities. In the past few years, DOJ and HHS as well as federal lawmakers have significantly increased efforts to ensure strict compliance with various reimbursement related regulations as well as combat healthcare fraud. DOJ has pursued and recovered record amounts based on alleged healthcare fraud. The increased enforcement efforts have frequently included aggressive arguments and interpretations of laws and regulations that pose risks for all providers. For example, the federal government has increasingly asserted that incidents of erroneous billing or record keeping may represent violations of the FCA. Human error and oversight in record keeping and documentation, particularly where those activities are the responsibility of non-employees, are always a risk in business, and healthcare providers and independent physicians are not immune to this risk. Additionally, the federal government has been willing to challenge the medical judgment of independent physicians in determining issues such as the medical necessity of a given treatment plan. Settlements of alleged violations or imposed reductions in reimbursements, substantial damages and other remedies assessed against us could have a material adverse effect on our business, financial position, results of operations, and cash flows. Even the assertion of a violation, depending on its nature, could have a material adverse effect upon our stock price or reputation and could cost us significant time and expense to defend.
Regulation - Risk 3
The use of sub-regulatory guidance, statistical sampling, and extrapolation by CMS, Medicare contractors, HHS-OIG, and DOJ to deny claims, expand enforcement claims, and advocate for changes in reimbursement policy increases the risk that we could experience reduced revenue, suffer penalties, or be required to make significant changes to our operations.
Because Medicare comprises a significant portion of our Net operating revenues, failure to comply with the laws and regulations governing the Medicare program and related matters, including anti-kickback and anti-fraud requirements, could materially and adversely affect us. Our ability to operate in a compliant manner impacts the claims denials, compliance enforcement, and regulatory processes discussed in other risks above. The federal government's reliance on sub-regulatory guidance, such as handbooks, FAQs, internal memoranda, and press releases, presents a unique challenge to compliance efforts. Such sub-regulatory guidance purports to explain validly promulgated regulations but often expands or supplements existing regulations without constitutionally and statutorily required notice and comment and other procedural protections. Without procedural protections, sub-regulatory guidance poses a risk above and beyond reasonable efforts to follow validly promulgated regulations, particularly when the agency or MAC seeking to enforce such sub-regulatory guidance is not the agency or MAC issuing the guidance and therefore not as familiar with the substance and nature of the underlying regulations or even clinical issues involved. On August 6, 2020, CMS issued a proposed rule invoking a rarely used retroactive-rulemaking authority to support CMS's application of a Medicare payment methodology that the U.S. Supreme Court found to be procedurally improper in Azar v. Allina Health Services in 2019. CMS' invocation of its retroactive-rulemaking authority in response to this Supreme Court decision is an unfavorable precedent for providers because it demonstrates a willingness by CMS to revive adverse reimbursement actions after those actions are deemed deficient on administrative procedural grounds. Additionally, the federal government is increasingly turning to statistical sampling and extrapolation to expand claims denials and enforcement efforts and advocate for changes in reimbursement policy. Through sampling and extrapolation, the government takes a review of a small number of reimbursement claims and generalizes the results of that review to a much broader universe of claims, which can result in significant increases in the aggregate number and value of claims at issue. Increasing use of extrapolation can be found in payment review audits, such as those conducted by RACs and UPICs. In addition to payment reviews, government agencies may allege compliance violations, including submission of false claims, based on sampling and extrapolation and seek to change reimbursement policy. For example, the HHS-OIG issued a report in September 2018 purporting to identify a high error rate (approximately 80% of claims) among inpatient rehabilitation hospital admissions in a small sample of 220 claims. Based on its findings, the HHS-OIG extrapolated the error rate to the universe of inpatient rehabilitation claims and, among other things, recommended reevaluation of the IRF-PPS. However, the HHS-OIG report involves an extremely small sample size, is not a random sample of cases, includes incorrect references to coverage requirement regulations, appears to conflate technical documentation requirements with medical necessity determinations, and is at odds with actual MAC reviews of claims during that same timeframe which found substantially lower error rates. Notwithstanding the technical statistical flaws that can arise in sampling small groups of claims and the extremely problematic nature of extrapolation in the context of individualized decisions of medical judgment as some courts have noted, sampling and extrapolation pose a growing risk to healthcare providers in the form of more significant claims of overpayments and increased legal costs to defend against these problematic regulatory practices. In a recent federal court case, the Fifth Circuit Court of Appeals ruled in favor of CMS and affirmed the application of extrapolation errors identified in a sample of claims to support larger claims for overpayment. As discussed under "Reimbursement Risks" above, we are currently challenging, among other things, the use of extrapolation in a 2017 UPIC audit. Any associated loss of revenue or increased legal costs could materially and adversely affect our financial position, results of operations, and cash flows.
Regulation - Risk 4
Efforts to comply with regulatory mandates to increase the use of electronic health data and health system interoperability may lead to enforcement and negative publicity which could adversely affect our business.
For many years, a primary focus of the healthcare industry has been to increase the use of electronic health records, or "EHR," and the sharing of the health data among providers, payors and other members of the industry. The federal government has been a significant driver of that initiative through rules and regulations. In 2009, as part of the Health Information Technology for Economic and Clinical Health ("HITECH") Act, the federal government set aside $27 billion of incentives for acute-care hospitals and other providers, not including IRFs, to adopt EHR systems. In 2020, CMS and HHS's Office of the National Coordinator for Health IT ("ONC") finalized policy changes implementing interoperability, information blocking, and patient access provisions of the 21st Century Cures Act and supporting the MyHealthEData initiative, designed to allow patients to access their health claims information electronically through the application of their choosing. The companion rules will transform the way in which healthcare providers, health information technology developers, health information exchanges/health information networks ("HIEs/HINs"), and health plans share patient information. For example, the ONC rule prohibits healthcare providers, health IT developers, and HIEs/HINs from engaging in practices that are likely to interfere with, prevent, materially discourage, or otherwise inhibit the access, exchange or use of electronic health information, also known as "information blocking." The ONC rule also requires regulated actors to respond to requests for electronic health information in the content and manner requested, with some exceptions. Enforcement of ONC's and CMS' new health information access, exchange, and use standards began in 2021, and noncompliance can result in civil monetary penalties, exclusion from participation in federal health care programs and other appropriate "disincentives," including reductions in Medicare reimbursements. The United States Department of Health and Human Services Office of Civil Rights ("HHS-OCR") patient right of access initiative, which has similar objectives to the new ONC initiative, such as promoting and enforcing patient access to health information, has led to dozens of settlements of enforcement actions. The goals of increased use of electronic health data and interoperability are improved quality of care and lower healthcare costs generally. However, increased use of electronic health data and interoperability inherently magnifies the risk of security breaches involving that data and information systems used to share it, which risk is discussed under "Other Operational Risks" below. Additionally, interoperability and the sharing of health information have received increasingly negative publicity. There is at least one well publicized instance where organizations received significant negative publicity for sharing health data despite having appeared to comply in all respects with privacy law. There can be no assurance that our efforts to improve the care we deliver and to comply with the law through increasing use of electronic data and system interoperability will not receive negative publicity that may materially and adversely affect our ability to get patient referrals or enter into joint ventures with other providers or may lead to greater regulatory scrutiny. Negative publicity may also lead to federal or state regulation that conflicts with current federal policy and interferes with the healthcare industry's efforts to improve care and reduce costs through use of electronic data and interoperability.
Regulation - Risk 5
If any of our hospitals fail to comply with the Medicare enrollment requirements or conditions of participation, that hospital could be terminated from the Medicare program.
Each of our hospitals must comply with extensive enrollment requirements and conditions of participation for the Medicare program. If any of our hospitals fail to meet any of the Medicare enrollment requirements or conditions of participation, we may receive a notice of deficiency from the applicable survey agency or contractor, as applicable. If that hospital then fails to institute an acceptable plan of correction and correct the deficiency within the applicable correction period, it could lose the ability to bill Medicare. A hospital could be terminated from the Medicare program if it fails to address the deficiency within the applicable correction period. If CMS terminates one hospital, it may increase its scrutiny of others under common control. From time to time, we have individual hospitals that receive notices of deficiency. To date, we have addressed those as they have arisen, and we have not experienced a termination. In September 2019, CMS released a final rule adding additional provider enrollment provisions and creating several new revocation and denial authorities in an attempt to bolster CMS' efforts to prevent waste, fraud and abuse. This rule requires Medicare and Medicaid providers and suppliers to disclose any current or previous (in the last five years), direct or indirect affiliation with a provider or supplier that has ever had a disclosable event. A disclosable event is any uncollected debt to Medicare or Medicaid, payment suspension under a federal health care program, denial, revocation or termination of enrollment (even if it is under appeal), or exclusion by the HHS-OIG from participation in a federal health care program. The rule also broadens the definition of an affiliation, including many indirect ownership or control situations such as ownership interests in a publicly traded company. If CMS determines an affiliation with a disclosable event poses an undue risk of fraud, waste or abuse, then the provider reporting that affiliation may be subject to exclusion from Medicare. Currently, information regarding uncollected debt, payment suspensions and enrollment actions are not generally available, so obtaining such information on affiliates could prove difficult or impossible in some situations. Under this new rule, CMS may revoke a provider's Medicare enrollment, including all of the provider's locations, if the provider bills for services performed at, or items furnished from, one location that it knew or should have known did not comply with Medicare enrollment requirements, including making the disclosures discussed above. CMS has the ability to prevent applicants from enrolling in the program for up to three years if a provider is found to have submitted false or misleading information in its initial enrollment application. Additionally, CMS can now block providers and suppliers who are revoked from re-entering the Medicare program for up to 10 years. CMS may also revoke a provider's enrollment if it fails to report on a timely basis any change in ownership or control, revocation or suspension of a federal or state license or certification, or any other change in its enrollment data. Any termination of one or more of our hospitals from the Medicare program for failure to satisfy the enrollment requirements or conditions of participation could materially adversely affect our business, financial position, results of operations, and cash flows.
Regulation - Risk 6
We are subject to federal, state and local laws and regulations that govern our employment practices, including minimum wage, overtime, living wage and paid-time-off requirements. Failure to comply with these laws and regulations, or changes to these laws and regulations that increase our employment-related expenses, could adversely impact our operations.
We are required to comply with all applicable federal, state and locals laws and regulations relating to employment, including occupational safety and health requirements, minimum staffing, wage and hour, overtime and other compensation requirements, employee benefits and other leave and sick pay requirements, proper classification of workers as employee or independent contractors, and immigration and equal employment opportunity laws, among others. These laws and regulations can vary significantly among jurisdictions, can change, and can be highly technical and involve strict liability for noncompliance with a seemingly mundane technical detail. Costs and expenses related to these requirements are a significant operating expense and may increase as laws and regulations change. From time to time, we have been, and expect to continue to be, subject to regulatory proceedings and private litigation, including putative class action lawsuits, concerning our application of various laws, rules and regulations governing employment practices, including wage and hour claims. Some of these actions involve large demands, as well as substantial defense costs. Any failure to comply with these employment-related legal requirements can result in significant penalties or litigation exposure and could have a material adverse effect on our business, financial position, results of operations, and cash flows.
Regulation - Risk 7
The pricing transparency and similar consumer protection rules could adversely affect our business and results of operations.
Effective January 1, 2021, the hospital price transparency rule requires hospitals to publish on the internet in a consumer-friendly format their standard charges based on negotiated rates for all items and services and up to 300 common shoppable services. Shoppable services are those routinely provided in non-urgent situations and include those ancillary services that customarily accompany the primary service being provided. The charges for an individual item or service to be published include: - gross charge (charge as reflected on a hospital's chargemaster, absent any discounts),- payer-specific negotiated charge (charge negotiated with a third party payer for an item or service),- de-identified minimum negotiated charge (lowest charge negotiated with all third-party payers),- de-identified maximum negotiated charge (highest charge negotiated with all third-party payers), and - discounted cash price (charge that applies to an individual who pays cash). Effective July 1, 2024, CMS finalized a requirement for hospitals to display their standard charge information by conforming to a CMS template layout, data specifications, and data dictionary, and to improve accessibility of the data on their websites. The hospital will be required to encode its standard charge information in the CMS templates and conform with other specified technical instructions that will be made available in a data dictionary. This transparency rule imposes significant initial and ongoing burdens on hospitals to track and publish various billing information. In the event a hospital fails to comply with the new requirements and does not complete the prescribed corrective action, CMS may impose a civil monetary penalty of between $300 and $5,500 per day. The maximum penalty for violations is more than $2 million per hospital. Effective January 1, 2022, the federal No Surprises Act imposes additional price transparency requirements, including requiring hospitals to send uninsured or self-pay patients a good faith estimate of the expected charges for treatments, including for attending physicians billing separately, prior to the scheduled stay or upon request. If an uninsured or self-pay patient receives a bill that is substantially greater than the expected charges in the estimate or the provider furnishes an item or service that was not included in the estimate, the patient may initiate a patient-provider dispute resolution process established by regulation. Additionally, HHS may impose penalties of up to $10,000 per violation of the No Surprises Act. Many states have also passed or are debating legislation establishing price transparency websites, mandating that health plans or hospitals make price information available to consumers, or prohibiting practices associated with surprise billing. These requirements and restrictions vary from state to state. We cannot predict what the adverse effects, if any, of new federal or state pricing transparency and other consumer protection laws or regulations, such as the effect on relations with managed care payors and referral sources, may be for us. Our failure to maintain compliance with these rules could adversely affect our financial position, results of operations, and cash flows.
Litigation & Legal Liabilities3 | 9.1%
Litigation & Legal Liabilities - Risk 1
We are a defendant in various lawsuits, and may be subject to liability under qui tam cases, the outcome of which could have a material adverse effect on us.
We operate in a highly regulated industry in which healthcare providers are routinely subject to litigation. As a result, various lawsuits, claims, and legal and regulatory proceedings have been and can be expected to be instituted or asserted against us. We are a defendant in a number of lawsuits, most of which are general and professional liability matters inherent in treating patients with medical conditions. Our more significant lawsuits and investigations, if any, are discussed in Note 18, Contingencies and Other Commitments, to the accompanying consolidated financial statements. Substantial damages, fines, or other remedies assessed against us or agreed to in settlements could have a material adverse effect on our business, financial position, results of operations, and cash flows, including indirectly as a result of the covenant defaults under our credit agreement or debt instruments or other claims such as those in securities actions. Additionally, the costs of defending litigation and investigations, even if frivolous or nonmeritorious, could be significant. The FCA allows private citizens, called "relators," to institute civil proceedings on behalf of the United States alleging violations of the FCA. These lawsuits, also known as "whistleblower" or "qui tam" actions, can involve significant monetary damages, fines, attorneys' fees and the award of bounties to the relators who successfully prosecute or bring these suits to the government. Qui tam cases are sealed at the time of filing, which means knowledge of the information contained in the complaint typically is limited to the relator, the federal government, and the presiding court. The defendant in a qui tam action may remain unaware of the existence of a sealed complaint for years. While the complaint is under seal, the government reviews the merits of the case and may conduct a broad investigation and seek discovery from the defendant and other parties before deciding whether to intervene in the case and take the lead on litigating the claims. The court lifts the seal when the government makes its decision on whether to intervene. If the government decides not to intervene, the relator may elect to continue to pursue the lawsuit individually on behalf of the government. In 2019, we settled with DOJ to conclude an investigation that originated in 2013 based on the allegations made by relators. The seven-year investigation produced no evidence of falsity or fraudulent conduct. Eventually, the court overseeing the qui tam actions refused to give DOJ more time to decide whether to intervene and unsealed the cases. DOJ chose not to intervene and prosecute the matter. We settled the DOJ investigation, together with the related qui tam or "whistleblower" lawsuits, for a payment of $48 million, and we expressly denied any wrongdoing. Even when a matter is without merit, as we believe was the case with this investigation, we may still incur significant costs of defense or settlement costs or both. It is possible that other qui tam lawsuits have been filed against us, which suits remain under seal, or that we are unaware of such filings or precluded by existing law or court order from discussing or disclosing the filing of such suits. We may be subject to liability under one or more undisclosed qui tam cases brought pursuant to the FCA. The healthcare services we provide involve substantial risk of general and professional liability. Inpatient rehabilitative care involves three hours of daily intensive therapy for patients who are usually elderly and come to our hospitals with debilitating medical conditions. Our clinicians must frequently assist patients who have difficulty with mobility. We cannot predict the impact any claims arising out of the care being provided (regardless of their ultimate outcomes) could have on our business or reputation or on our ability to attract and retain patients and employees. We also cannot predict the adequacy of any reserves for such losses or recoveries from any insurance or re-insurance policies. We self-insure a substantial portion of our professional, general, and workers' compensation liability risks, which may not include risks related to regulatory fines and penalties, through our captive insurance subsidiary, as discussed further in Note 11, Self-Insured Risks, to the accompanying consolidated financial statements. Changes in the number of these liability claims and the cost to resolve them impact the reserves for these risks. A variance between our estimated and actual number of claims or average cost per claim could have a material impact, either favorable or unfavorable, on the adequacy of the reserves for these liability risks, which could have an effect on our financial position and results of operations. Additionally, we operate in states in which the litigation environment may pose a significant business risk to us. For instance, we have been involved in lawsuits, including putative class actions, brought under California's Private Attorneys General Act ("PAGA"). Under PAGA, individuals, including aggrieved employees, can bring individual or class-action claims alleging regulatory violations, including alleged violations of employment regulations. Additionally, judges and juries in California have demonstrated a willingness to grant large verdicts to plaintiffs in connection with employment and labor related cases. In 2017, the California Supreme Court held that plaintiffs bringing suit under PAGA are generally entitled to request and receive a significant amount of information from the employer early in the litigation, which creates pressure for employers to settle early to avoid substantial litigation burdens and which has resulted in a significant increase in PAGA claims in recent years.
Litigation & Legal Liabilities - Risk 2
Reimbursement claims are subject to various audits from time to time and such audits may negatively affect our operations and our cash flows from operations.
We receive a substantial portion of our revenues from the Medicare program. Medicare reimbursement claims made by healthcare providers, including inpatient rehabilitation hospitals, are subject to audit from time to time by governmental payors, such as CMS and state Medicaid programs, their agents, such as the Medicare Administrative Contractors ("MACs") that act as fiscal intermediaries for all Medicare billings and other auditors contracted by CMS, and private insurance carriers, as well as the HHS Office of Inspector General (the "HHS-OIG"). As noted above, the clarity and completeness of each patient medical file, some of which is the work product of a physician not employed by us, is essential to successfully challenging any payment denials. If the physicians working with our patients do not adequately document, among other things, their diagnoses and plans of care, our risks related to audits and payment denials in general are greater. Depending on the nature of the conduct found in such audits and whether the underlying conduct could be considered systemic, the resolution of these audits could have a material adverse effect in the aggregate on our financial position, results of operation, cash flows, and liquidity. In the context of our inpatient rehabilitation business, one of the common grounds cited for denying a claim or challenging a previously paid Medicare claim in an audit is that the patient's treatment in a hospital was not medically necessary. The medical record must support that both the documentation and coverage criteria requirements are met for the hospital stay to be considered medically necessary. Medical necessity is an assessment by an independent physician of a patient's ability to tolerate and benefit from intensive multi-disciplinary therapy provided in an IRF setting. A Medicare claim may be denied or challenged based on an opinion of the auditor that the record did not evidence medical necessity for treatment in an IRF or lacked sufficient documentation to support the conclusion. Some MACs have in the past applied and are likely in the future to apply their own unique interpretation of CMS coverage rules or impose otherwise arbitrary conditions not set out in the related rules, which has resulted and may in the future result in payment denials. In some cases, we believe the reviewing party is not merely challenging the sufficiency of the medical record but is substituting its judgment of medical necessity for that of the attending physician or imposing documentation or other requirements that are not set out in the regulations. We argue that doing so is inappropriate and has no basis in law. When the government or its contractors reject the medical judgment of physicians or impose documentation and other requirements beyond the language of the statutes and regulations, patient access to inpatient rehabilitation as well as our Medicare reimbursement from the related claims may be adversely affected. Under CMS's Targeted Probe and Educate ("TPE") program, MACs use data analysis to identify healthcare providers with high claim error rates and items and services that have high national error rates. Once a MAC selects a provider for claims review, the initial volume of claims review is limited to 20 to 40 claims. The TPE program includes up to three rounds of claims review with corresponding provider education and a subsequent period to allow for improvement. If results do not improve sufficiently after three rounds, the MAC may refer the provider to CMS for further action, which may include extrapolation of error rates to a broader universe of claims or referral to a UPIC or RAC (defined below). As of December 31, 2023, none of our hospitals have progressed beyond the third round of reviews, so it is unclear how the review process after TPE would proceed. We cannot predict whether the TPE initiative or similar probes or reviews will materially impact our reimbursement or the timeliness of collections from Medicare in the future. CMS has developed and instituted various audit programs under which CMS contracts with private companies to conduct claims and medical record audits. These audits are in addition to those conducted by existing MACs. Some contractors are paid a percentage of the overpayments recovered. One type of audit contractor, the Recovery Audit Contractors ("RACs"), receive claims data directly from MACs on a monthly or quarterly basis and are authorized to review previously paid claims. RAC audits of IRFs have focused on reviews of patient coding, medical necessity, and billing accuracy. CMS has, however, authorized RACs to conduct complex reviews of the medical records associated with IRF reimbursement claims. CMS has previously operated a demonstration project that expanded the RAC program to include prepayment review of Medicare fee-for-service claims from primarily acute-care hospitals. It is unclear whether CMS intends to conduct RAC prepayment reviews in the future and if so, what providers and claims would be the focus of those reviews. CMS has also established other types of contractors, including the Uniform Program Integrity Contractors ("UPICs") and the Supplemental Medical Review Contractor ("SMRC"). The UPICs conduct audits with a focus on potential fraud and abuse issues. Like the RACs, the UPICs conduct audits and have the ability to refer matters to the HHS-OIG or the United States Department of Justice ("DOJ"). Unlike RACs, however, UPICs do not receive a specific financial incentive based on the amount of the error. In December 2017, we received notice of a UPIC audit at one of our hospitals. The UPIC sampled 100 claims and challenged the propriety of a subset of the sample representing $1.3 million in previously paid claims. The UPIC extrapolated the alleged error rate to all claims from that hospital during a period of approximately four years, resulting in an alleged overpayment of $33.9 million. Our MAC later reduced the determination of overpayment to $30.5 million, which it collected through recoupment of current claims during 2019. We appealed the overpayment determination to an Administrative Law Judge ("ALJ"), who heard the appeal in August 2021. In October 2022, the ALJ overturned $12.5 million of the overpayment determination. We received payment of this amount, plus $3.2 million in interest, in December 2022. We have appealed the remaining $18.0 million of the overpayment determination to the next level of administrative appeal, challenging both the denials and the improper use of extrapolation. It is not possible to predict when this matter will be resolved or the ultimate outcome. The SMRC conducts nationwide medical reviews of Medicare claims to determine compliance with coverage, coding, payment, and billing requirements. During the first quarter of 2023, the SMRC initiated a review of claims from March 2020 through December 2020 totaling approximately $21 million. We have received initial results for the claims under review and, as of December 31, 2023, approximately 87% of these have been approved with approximately $3 million under appeal. Audits may lead to assertions that we have been underpaid or overpaid by Medicare or have submitted improper claims in some instances. Such assertions may require us to incur additional costs to respond to requests for records and defend the validity of payments and claims and may ultimately require us to refund any amounts determined to have been overpaid. In some circumstances auditors have the authority to extrapolate denial rationales to large pools of claims not actually audited, which could greatly increase the impact of the audit. As a result, we may suffer reduced profitability, and we may have to elect not to accept patients and conditions physicians believe can benefit from inpatient rehabilitation. We cannot predict when or how these audit programs will affect us. Our managed care, including Medicare Advantage, and other third-party payors may also, from time to time, request audits of the amounts paid, or to be paid, to us. We could be adversely affected if one or more auditing payors allege substantial overpayments were made to us due to coding errors or lack of documentation to support medical necessity determinations. Similarly, there can be no assurance that our current or future MACs will not make restrictive or otherwise incorrect interpretations of Medicare coverage rules. Because one MAC has jurisdiction over a significant number of our hospitals and our hospitals derive a substantial portion of their revenue from Medicare, the adoption of restrictive or otherwise incorrect interpretations of coverage rules by that MAC could result in a large number of payment denials and materially and adversely affect our financial position, results of operations, and cash flows.
Litigation & Legal Liabilities - Risk 3
Substantive and procedural deficiencies in the administrative appeals process associated with denied Medicare reimbursement claims could delay and reduce our reimbursement for services previously provided.
Ordinary course Medicare pre-payment denials by MACs, as well as denials resulting from post-payment audits, are subject to appeal by providers. HHS provides an initial appeal process through its ALJs. We have historically appealed a majority of our claims denials. Due to the sheer number of appeals by all Medicare providers and various administrative inefficiencies, including a shortage of judges, appeals that are required by statute to be resolved in a matter of months have in the past taken years to complete. In recent years, this protracted appeals process led to a significant backlog of appeals of denials, which a federal judge ultimately ordered HHS to resolve by the end of 2022. By December 31, 2022, substantially all of our backlog awaiting ALJ hearing had been resolved. However, there can be no assurance significant backlogs will not develop in the future in the event the rate of new claims denials exceeds the rate at which those claims are resolved in the appeal process. Providers may appeal adverse ALJ rulings to the Department Appeals Board (the "DAB"). Denials by the DAB may be appealed to United States district courts. As of December 31, 2023, we have approximately $5 million and $31 million in denied claims awaiting review at the ALJ and DAB levels, respectively. In addition, we have approximately $7 million in claims denied by the DAB pending review by United States district courts as of December 31, 2023. Changes implemented by CMS to resolve the prior appeal backlog may have harmed the ability of providers like us to recover on valid Medicare claims. The Medicare appeals adjudication process is administered by the Office of Medicare Hearings and Appeals ("OMHA"). Beginning in March 2020, OMHA increased the frequency of ALJ hearings and the number of claims set at each hearing, which we believe adds to the substantive and procedural deficiencies in the ALJ appeals process. Based on a number of factors, including prior experience in the appeals process, we record our estimates for pre-payment denials and for post-payment audit denials that will ultimately not be collected as a component of Net operating revenues. See Note 1, Summary of Significant Accounting Policies, "Net Operating Revenues," to the accompanying consolidated financial statements. In the fourth quarter of 2023, we recorded an aggregate amount of $21.9 million in additional reserves for estimated uncollectible amounts associated with claims that were part of the prior appeal backlog. The increase in reserves was driven principally by an increase in unfavorable adjudication outcomes experienced at the DAB during the second half of 2023 and largely offset the remaining net carrying value of these claims. We may experience additional decreases in Net operating revenues and decreases in cash flow as a result of greater frequency of unfavorable resolution of denials or increasing unresolved denials and the associated increasing accounts receivable, which may in turn force us to change the patients we admit and conditions we treat. Any of these impacts could have an adverse effect on our financial position, results of operations, and liquidity.
Taxation & Government Incentives1 | 3.0%
Taxation & Government Incentives - Risk 1
If the Spin Off were to fail to qualify as tax-free, including as a result of transactions in our stock or the stock of Enhabit, we could be subject to significant tax liabilities.
We received a private letter ruling from the Internal Revenue Service regarding certain U.S. federal income tax matters relating to the Spin Off and its associated transactions and an opinion of outside counsel regarding the qualification of certain elements of those transactions. Although we intend for the Spin Off to be tax-free for U.S. federal income tax purposes, there can be no assurance that the Spin Off will not trigger a tax event. Even if the Spin Off were to otherwise qualify as a tax-free transaction under Sections 355 and 368(a)(1)(D) of the Internal Revenue Code, it may result in taxable gain to us (but not our stockholders) under Section 355(e) of the Code if it is deemed to be part of a plan (or series of related transactions) pursuant to which one or more persons acquire, directly or indirectly, shares representing a 50% or greater ownership interest (by vote or value) in us or Enhabit. If the IRS were to determine that any post-Spin Off acquisitions of our stock or that of Enhabit, pursuant to such a plan (when aggregated with any pre-Spin Off acquisitions of our stock or that of Enhabit, as applicable, pursuant to such a plan) would represent a 50% or greater ownership interest therein, such determination could result in significant tax liabilities to us. Any such tax liabilities imposed on us may adversely affect an investment in our stock. Under a tax matters agreement we entered into with Enhabit in connection with the Spin Off, Enhabit is required to indemnify us for any taxes we incur resulting from the Spin Off to the extent such amounts result from certain disqualifying actions by, or acquisition of equity securities of, Enhabit. Additionally, Enhabit is generally required to indemnify us for a specified portion of any taxes we incur (a) arising as a result of the failure of the Spin Off and certain related transactions to qualify as a transaction that is generally tax-free or a failure of the Spin Off that is intended to qualify as a transaction that is generally tax-free to so qualify to the extent such amounts did not result from a disqualifying action by, or acquisition of equity securities of, Enhabit or us or (b) arising from certain audit or other adjustments to tax liabilities incurred with respect to the Spin Off that were not intended to qualify as tax-free. The amount of any such taxes for which we would be responsible may be significant, and if we were unable to obtain indemnification payments from Enhabit to which we are entitled under the tax matters agreement or other agreements entered into in connection with the Spin Off, we would incur significant losses.
Environmental / Social2 | 6.1%
Environmental / Social - Risk 1
If we are found to have violated applicable privacy and security laws and regulations or our contractual obligations, we could be subject to sanctions, fines, damages and other civil or criminal penalties, which could increase our liabilities, harm our reputation and have a material adverse effect on our business, financial position, results of operation and liquidity.
There are a number of federal, state and local laws, rules and regulations, as well as contractual obligations, relating to the protection, collection, storage, use, retention, security, disclosure, transfer and other processing of confidential, sensitive and personal information, including protected health information ("PHI"), such as patient medical records. There are also foreign laws, rules and regulations that address these matters and have extraterritorial application. We do not believe we are currently subject to these non-United States regulatory regimes but that could change in the future. Existing laws and regulations are constantly evolving, and new laws and regulations that apply to our business are being enacted at every level of government in the United States. In many cases, these laws and regulations apply not only to third-party transactions, but also to transfers of information between or among us, our affiliates and other parties with whom we conduct business. These laws and regulations may be interpreted and applied differently over time and from jurisdiction to jurisdiction, and it is possible that they will be interpreted and applied in ways that may have a material adverse effect on our business. We monitor legal developments in data privacy and security regulations at the local, state and federal level, however, the regulatory framework for data privacy and security worldwide is continuously evolving and developing and, as a result, interpretation and implementation standards and enforcement practices are likely to remain uncertain for the foreseeable future. The management of PHI is subject to several regulations at the federal level, including the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") and the HITECH Act. The HIPAA privacy and security regulations protect medical records and other PHI by limiting their use and disclosure, giving individuals the right to access, amend, and seek accounting of their own health information, and limiting most uses and disclosures of health information to the minimum amount reasonably necessary to accomplish the intended purpose. The HITECH Act strengthened HIPAA enforcement provisions and authorized state attorneys general to bring civil actions for HIPAA violations. It also permits HHS to conduct audits of HIPAA compliance and impose significant civil monetary penalties even if we did not know and could not reasonably have known about a violation. If we are found to have violated the HIPAA privacy or security regulations or other federal or state laws protecting the confidentiality of patient health or personal information, including but not limited to the HITECH Act, we could be subject to litigation, sanctions, fines, damages and other civil or criminal penalties, which could increase our liabilities, harm our reputation, and have a material adverse effect on our business, financial position, results of operations and liquidity. In December 2020, HHS-OCR proposed a new rule that would modify HIPAA regulations. According to HHS-OCR, the proposed rule is intended to promote care coordination and value-based care. The proposed changes to the HIPAA rules also provide for strengthening individuals' rights to access their own health information, including electronic information; improving information sharing for care coordination and case management for individuals; facilitating greater family and caregiver involvement in the care of individuals experiencing emergencies or health crises; enhancing flexibilities for disclosures in emergency or threatening circumstances, such as the opioid and COVID-19 public health emergencies; and reducing administrative burdens on HIPAA covered healthcare providers and health plans, while continuing to protect individuals' health information privacy interests. Although one of the stated purposes of the proposed rules is to reduce healthcare providers burdens, providers would have to engage in a number of activities to come into compliance if the changes are finalized, including changing policies and procedures, changing patient privacy notices and business associate agreements and training workforce members in the new requirements. Numerous other federal and state laws protect the confidentiality, privacy, availability, integrity and security of PHI. In recent years, many states have implemented privacy laws and regulations that impose restrictive requirements regulating the use and disclosure of personally identifiable information, which may include PHI. These laws in many cases are more restrictive or impose more obligations than, and may not be preempted by, the HIPAA rules, apply to employees and business contacts as well as patients, and may be subject to new and varying interpretations by courts and government agencies, creating complex compliance issues and potentially exposing us to additional expense, adverse publicity and liability. We expect that there will continue to be new laws, regulations and industry standards concerning privacy, data protection and information security proposed and enacted in various jurisdictions. The U.S. Congress has considered, but not yet passed, several comprehensive federal data privacy bills over the past few years, such as the CONSENT Act, which was intended to be similar to the landmark 2018 European Union General Data Protection Regulation. We expect federal data privacy laws to continue to evolve. In the absence of a comprehensive federal privacy law, there is increased focus at the state and local level on regulating the collection, storage, use, retention, security, disclosure, transfer and other processing of confidential, sensitive and personal information. In recent years, we have seen significant changes to data privacy regulations across the United States. New legislation proposed or enacted will continue to shape the data privacy environment. Certain state laws may be more stringent or broader in scope, or offer greater individual rights, with respect to confidential, sensitive and personal information than federal, international or other state laws, and such laws may conflict with each other, which significantly complicates compliance efforts. In addition, all 50 U.S. states and the District of Columbia have enacted breach notification laws that may require us to notify patients, employees, third parties, regulators and the general public in the event of unauthorized access to or disclosure of personal or confidential information experienced by us or our service providers. These laws are not consistent, and compliance in the event of a widespread data breach is difficult and may be costly. Moreover, states frequently amend existing laws, requiring attention to changing regulatory requirements. We also may be contractually required to notify patients or other counterparties of a security breach. Although we have contractual protections with many of our service providers, any actual or perceived security breach could harm our reputation and brand, expose us to potential liability or require us to expend significant resources on data security and in responding to any such actual or perceived breach, including defending class action litigation. Any contractual protections we have from our service providers may not be sufficient to adequately protect us from any such liabilities and losses, and we may be unable to enforce any such contractual protections. In addition to government regulation, privacy advocates and industry groups have and may in the future propose self-regulatory standards from time to time. These and other industry standards may legally or contractually apply to us, or we may elect to comply with such standards. Complying with these various laws, rules, regulations and standards could cause us to incur substantial costs that are likely to increase over time, require us to change our business practices in a manner adverse to our business, divert resources from other initiatives and projects, and restrict the way products and services involving data are offered, all of which may have a material adverse effect on our business. Given the rapid development of cybersecurity and data privacy laws, we expect to encounter inconsistent interpretation and enforcement of these laws and regulations, as well as frequent changes to these laws and regulations which may expose us to significant penalties or liability for noncompliance, the possibility of fines, lawsuits (including class action privacy litigation), regulatory investigations, criminal or civil sanctions, audits, adverse media coverage, public censure, other claims, significant costs for remediation and damage to our reputation, or otherwise have a material adverse effect on our business and operations. Any allegations of a failure to adequately address data privacy or security-related concerns, even if unfounded, or to comply with applicable laws, regulations, standards and other obligations relating to data privacy and security, could result in additional cost and liability to us, damage our relationships with patients and business partners and have a material adverse effect on our business. We make public statements about our use and disclosure of personal information through our privacy policies, information provided on our website and press statements. Although we endeavor to comply with our public statements and documentation about patient privacy, we may at times fail to do so or be accused of having failed to do so. The publication of our privacy policies and other statements that provide promises and assurances about data privacy and security can subject us to potential government or legal action if they are found to be deceptive, unfair or misrepresentative of our actual practices. Moreover, from time to time, concerns may be expressed about whether our services or business practices compromise the privacy of patients and others. Any concerns about our data privacy and security practices, even if unfounded, could damage the reputation of our businesses, discourage potential patients from seeking our services and have a material adverse effect on our business.
Environmental / Social - Risk 2
Regulatory and other efforts to promote a transition to a lower-carbon economy may result in significant operational and financial challenges for us.
Legislators and regulators at the international, national, regional and local levels have adopted and are expected to continue to adopt legal requirements ultimately designed to reduce greenhouse gas emissions and to promote a transition to a lower-carbon economy. For instance, a number of recently enacted laws and regulations impose on companies broad climate-related disclosure requirements, such as California's suite of statutes adopted in 2023 known as the "climate accountability package," to track and report matters associated with greenhouse gas emissions, alternative energy usage, energy conservation,and the transition to a lower-carbon economy. These types of laws and regulations have proliferated in recent years and are likely to continue to do so in the future. These climate-related laws and regulations have increased our costs associated with compliance and are likely to continue to do so in the future. Additionally, the costs that other companies incur to comply with these types of laws and regulations are likely to be passed on to us, which would increase the cost of the goods and services that we purchase from vendors and suppliers. These legal requirements, as well as challenges associated with consumer, investor or lender pressure to change business models and practices, may also lead one or more of our vendors or suppliers to alter, disrupt or cease operations, which may adversely affect our operations. Furthermore, we, as well as our vendors and suppliers, may be required to adopt alternative energy sources or technology that may not yet be reliable or cost effective, which may result in disruptions to our operations. In addition to incremental costs and potential disruptions to our energy supply and broader supply chain, subsidies from the federal government to the renewable energy industry and other climate-related costs incurred by the federal government may increase the national deficit and debt, which would increase the reimbursement risks we face. See "Reimbursement Risks" above. There are numerous organizations that provide information to investors on corporate governance and related matters, which have developed rating methodologies for evaluating companies on environmental matters, such as greenhouse gas emissions. Such ratings are used by some investors to inform their investment and voting decisions. Those organizations, however, may base their ratings on assumptions regarding our business that are not accurate or otherwise lack an understanding of the inpatient rehabilitation business, such as conflating our hospitals with typically much larger and energy intensive acute-care hospitals, and their ratings may result in decreased demand for our stock or advocacy campaigns that divert management attention from our core business or, if successful, impose additional costs and burdens on us. The transition to lower greenhouse gas emissions technology; the effects of energy pricing and reliability and changes in public sentiment, regulations, governmental subsidies and deficits, taxes, public mandates or requirements; the increase in climate-related lawsuits and insurance premiums; and the implementation of more robust disaster recovery and business continuity plans are likely to increase the costs to maintain our operations and to divert management attention from our core business, either of which may have an adverse effect on our business, financial position and results of operations.
Finance & Corporate
Total Risks: 8/33 (24%)Below Sector Average
Share Price & Shareholder Rights1 | 3.0%
Share Price & Shareholder Rights - Risk 1
Quality reporting requirements could adversely affect the Medicare reimbursement we receive.
The focus on alternative payment models and value-based purchasing of healthcare services has, in turn, led to more extensive quality of care reporting requirements. In many cases, the new reporting requirements are linked to reimbursement incentives. For example, under the ACA, CMS established new quality data reporting, effective October 1, 2012, for all IRFs. A facility's failure to submit the required quality data results in a two percentage point reduction to that facility's annual market basket increase factor for payments made for discharges in the subsequent Medicare fiscal year. Hospitals began submitting quality data to CMS in October 2012. All of our hospitals have met the reporting deadlines to date resulting in no corresponding reimbursement reductions. The IMPACT Act mandated that CMS adopt several new quality reporting measures for the various post-acute provider types. The adoption of additional quality reporting measures to track and report will require additional time and expense and could affect reimbursement in the future. In healthcare generally, the burdens associated with collecting, recording, and reporting quality data are increasing. There can be no assurance all of our hospitals will meet quality reporting requirements or quality performance in the future which may result in one or more of our hospitals seeing a reduction in its Medicare reimbursements. Regardless, we, like other healthcare providers, are likely to incur additional expenses in an effort to comply with additional and changing quality reporting requirements.
Debt & Financing4 | 12.1%
Debt & Financing - Risk 1
Delays in collection or non-collection of our accounts receivable could adversely affect our business, financial position, results of operations, cash flows, and liquidity.
Reimbursement is typically conditioned on our documenting medical necessity and correctly applying diagnosis codes. Incorrect or incomplete documentation and billing information could result in non-payment for services rendered. Billing and collection of our accounts receivable are further subject to the complex regulations that govern Medicare and Medicaid reimbursement and rules imposed by nongovernment payors. Our inability to bill and collect on a timely basis pursuant to these regulations and rules could subject us to payment delays that could have a material adverse effect on our business, financial position, results of operations, cash flows, and liquidity. In addition, timing delays in billings and collections may increase our working capital burden. Working capital management, including prompt and diligent billing and collection, is an important factor in our financial position and results of operations and in maintaining liquidity. It is possible that Medicare, Medicaid, documentation support, system problems or other provider issues or industry trends, particularly with respect to newly acquired entities for which we have limited operational experience, may extend our collection period, which may materially adversely affect our working capital, and our working capital management procedures may not successfully mitigate this risk. The timing of payments made under the Medicare and Medicaid programs is subject to governmental budgetary constraints, which may result in an increased period of time between submission of claims and subsequent payment under specific programs, most notably under the Medicare and Medicaid managed care programs, which in many cases pay claims significantly slower than traditional Medicare or state Medicaid programs do as a result of more complicated authorization, billing and collecting processes that are required by Medicare and Medicaid managed care programs. In addition, we may experience delays in reimbursement as a result of the failure to receive prompt approvals related to change of ownership applications for acquired or other facilities or from delays caused by our or other third parties' information system failures. Furthermore, the proliferation of Medicare and Medicaid managed care programs could have a material adverse impact on the results of our operations as a result of more complicated authorization, billing and collection requirements implemented by such programs. A change in our estimates of collectability or a delay in collection of accounts receivable could adversely affect our results of operations and liquidity. The estimates are based on a variety of factors, including the length of time receivables are past due, significant one-time events, contractual rights, the nature of the underlying payment denials, and historical experience. In the fourth quarter of 2023, we recorded aggregate amount of $21.9 million in additional reserves for estimated uncollectible amounts associated with claims denied and appealed prior to 2023. The increase in reserves largely offset the accounts receivable associated with these claims. A delay in collecting our accounts receivable, or the non-collection of accounts receivable, including, without limitation, in connection with our transition and integration of acquired companies and the attendant movement of underlying billing and collection operations from legacy systems to future systems, could have a material negative impact on our results of operations and liquidity, and we could be required to record impairment charges on our financial statements.
Debt & Financing - Risk 2
We may not be able to engage in beneficial capital-raising or strategic transactions.
On July 1, 2022, we completed the previously announced separation of our home health and hospice business through the distribution (the "Spin Off") of all of the outstanding shares of common stock, par value $0.01 per share, of Enhabit, Inc. ("Enhabit") to the stockholders of Encompass Health. As a result of the Spin Off, Enhabit is now an independent public company and its common stock is listed under the symbol "EHAB" on the New York Stock Exchange. The Spin Off is intended to be a tax-free transaction. Under current U.S. federal income tax law, a spin off that otherwise qualifies for tax-free treatment can be rendered taxable to the parent corporation and its stockholders as a result of certain post-spin-off transactions, including certain acquisitions of shares or assets of the parent corporation. To preserve the tax-free treatment of the Spin Off, we may be limited, for a period of time, in our ability to pursue certain equity issuances, strategic transactions, repurchases, or other transactions (including certain dispositions of assets) that we may otherwise believe to be in the best interests of our stockholders or that might increase the value of our business.
Debt & Financing - Risk 3
We may make investments or complete transactions that could expose us to unforeseen risks and liabilities.
Investments, acquisitions, joint ventures or other development opportunities identified and completed may involve material cash expenditures, debt incurrence, operating losses, amortization of certain intangible assets of acquired companies, issuances of equity securities, liabilities, and expenses, some of which are unforeseen, that could materially and adversely affect our business, financial position, results of operations and liquidity. Acquisitions, investments, and joint ventures involve numerous risks, including: - limitations, including state CONs as well as anti-trust, Medicare, and other regulatory approval requirements, on our ability to complete such acquisitions, particularly those involving not-for-profit providers, on terms, timetables, and valuations reasonable to us;- limitations in obtaining financing for acquisitions at a cost reasonable to us;- difficulties integrating acquired operations, personnel, and information systems, and in realizing projected revenues, efficiencies and cost savings, or returns on invested capital;- entry into markets, businesses or services in which we may have little or no experience;- diversion of business resources or management's attention from ongoing business operations; and - exposure to undisclosed or unforeseen liabilities of acquired operations, including liabilities for failure to comply with healthcare laws and anti-trust considerations as well as risks and liabilities related to previously compromised information systems. As part of our development activities, we intend to open new, or de novo, inpatient rehabilitation hospitals. The construction of new hospitals involves numerous risks, including the receipt of all zoning and other regulatory approvals, such as a CON where necessary, construction delays and cost over-runs and unforeseen environmental liability exposure. Once built, new hospitals must undergo the state and Medicare certification process, the duration of which may be beyond our control. We may be unable to operate newly constructed hospitals as profitably as expected, and those hospitals may involve significant additional cash expenditures and operating expenses that could, in the aggregate, have an adverse effect on our business, financial position, results of operations, and cash flows.
Debt & Financing - Risk 4
We may incur additional indebtedness in the future, and that debt or the associated increased leverage may have negative consequences for our business. The restrictive covenants included in the terms of our indebtedness could affect our ability to execute aspects of our business plan successfully.
As of December 31, 2023, we have approximately $2.4 billion of long-term debt outstanding (including that portion of long-term debt classified as current and excluding $340.1 million in finance leases). See Note 10, Long-term Debt, to the accompanying consolidated financial statements. Subject to specified limitations, our credit agreement and the indentures governing our debt securities permit us and our subsidiaries to incur material additional debt. If new debt is added to our current debt levels, the risks described here could intensify. Our indebtedness could have important consequences, including: - limiting our ability to borrow additional amounts to fund working capital, capital expenditures, acquisitions, debt service requirements, execution of our business strategy and other general corporate purposes;- making us more vulnerable to adverse changes in general economic, industry and competitive conditions, in government regulation and in our business by limiting our flexibility in planning for, and making it more difficult for us to react quickly to, changing conditions;- placing us at a competitive disadvantage compared with competing providers that have less debt; and - exposing us to risks inherent in interest rate fluctuations for outstanding amounts under our credit facility, which could result in higher interest expense in the event of increases in interest rates, as discussed in Item 7A, Quantitative and Qualitative Disclosures about Market Risk. We are subject to contingent liabilities, prevailing economic conditions, and financial, business, and other factors beyond our control. Although we expect to make scheduled interest payments and principal reductions, we cannot provide assurance that changes in our business or other factors will not occur that may have the effect of preventing us from satisfying obligations under our credit agreement or debt instruments. If we are unable to generate sufficient cash flow from operations in the future to service our debt and meet our other needs or have an unanticipated cash payment obligation, we may have to refinance all or a portion of our debt, obtain additional financing or reduce expenditures or sell assets we deem necessary to our business. We cannot provide assurance these measures would be possible or any additional financing could be obtained. In addition, the terms of our credit agreement and the indentures governing our senior notes do, and our future debt instruments may, impose restrictions on us and our subsidiaries, including restrictions on our ability to, among other things, engage in acquisition and combination transactions, pay dividends on or repurchase our capital stock, engage in transactions with affiliates, or incur or guarantee indebtedness. These covenants could also adversely affect our ability to finance our future operations or capital needs and pursue available business opportunities. For additional discussion of our material debt covenants, see the "Liquidity and Capital Resources" section of Item 7, Management's Discussion and Analysis of Financial Condition and Results of Operations, and Note 10, Long-term Debt, to the accompanying consolidated financial statements. In addition, our credit agreement requires us to maintain specified financial ratios and satisfy certain financial condition tests. See the "Liquidity and Capital Resources" section of Item 7, Management's Discussion and Analysis of Financial Condition and Results of Operations, and Note 10, Long-term Debt, to the accompanying consolidated financial statements. Although we remained in compliance with the financial ratios and financial condition tests as of December 31, 2023, we cannot provide assurance we will continue to do so. Events beyond our control, including changes in general economic and business conditions, may affect our ability to meet those financial ratios and financial condition tests. A severe downturn in earnings, failure to realize anticipated earnings from acquisitions, or, if we have outstanding borrowings under our credit facility at the time, a rapid increase in interest rates could impair our ability to comply with those financial ratios and financial condition tests and we may need to obtain waivers from the required proportion of the lenders to avoid being in default. If we try to obtain a waiver or other relief from the required lenders, we may not be able to obtain it or such relief might have a material cost to us or be on terms less favorable than those in our existing debt. If a default occurs, the lenders could exercise their rights, including declaring all the funds borrowed (together with accrued and unpaid interest) to be immediately due and payable, terminating their commitments or instituting foreclosure proceedings against our assets, which, in turn, could cause the default and acceleration of the maturity of our other indebtedness. A breach of any other restrictive covenants contained in our credit agreement or the indentures governing our senior notes would also (after giving effect to applicable grace periods, if any) result in an event of default with the same outcome. As of December 31, 2023, approximately 67% of our consolidated Property and equipment, net was held by our Company and its guarantor subsidiaries under its credit agreement. See Note 10, Long-term Debt, to the accompanying consolidated financial statements, the "Liquidity and Capital Resources" section of Item 7, Management's Discussion and Analysis of Financial Condition and Results of Operations, and Item 2, Properties.
Corporate Activity and Growth3 | 9.1%
Corporate Activity and Growth - Risk 1
We may not be able to successfully integrate acquisitions or realize the anticipated benefits of any acquisitions.
We may undertake strategic acquisitions from time to time. Prior to consummation of any acquisition, the acquired business will have operated independently of us, with its own procedures, corporate culture, locations, employees and systems. We expect to integrate acquired businesses into our existing business utilizing certain common information systems, operating procedures, administrative functions, financial and internal controls and human resources practices to the extent practicable. There may be substantial difficulties, costs and delays involved in the integration of an acquired business with our business. Additionally, an acquisition could cause disruption to our business and operations and our relationships with customers, employees and other parties. In some cases, the acquired business has itself grown through acquisitions, and there may be legacy systems, operating policies and procedures, and financial and administrative practices yet to be fully integrated. To the extent we are attempting to integrate multiple businesses at the same time, we may not be able to do so as efficiently or effectively as we initially anticipate. The failure to successfully integrate on a timely basis any acquired business with our existing business could have an adverse effect on our business, financial position, results of operations, and cash flows. We anticipate our acquisitions will result in benefits including, among other things, increased revenues. However, acquired businesses may not contribute to our revenues or earnings to the extent anticipated, and any synergies we expect may not be realized after the acquisitions have been completed. If the acquired businesses underperform and any underperformance is other than temporary, we may be required to take an impairment charge. Failure to achieve the anticipated benefits could result in the diversion of management's time and energy and could have an adverse effect on our business, financial position, results of operations, and cash flows.
Corporate Activity and Growth - Risk 2
We may have difficulty completing joint ventures, investments and transactions that increase our capacity consistent with our growth strategy.
We may selectively pursue strategic acquisitions of, and we frequently pursue joint ventures with, other healthcare providers. We may face limitations on our ability to identify sufficient joint venture, acquisition or other development targets and to complete those transactions to meet goals. In the inpatient rehabilitation industry, the costs of constructing new hospitals are increasing faster than reimbursement rates and the general inflation rate. In many states, the need to obtain governmental approvals, such as a CON or an approval of a change in ownership, may represent a significant obstacle to completing transactions. Additionally, in states with CON laws, it is not unusual for third-party providers to challenge the initial awards of CONs, the increase in the number of approved beds in an existing CON, or the expansion of the area served, and the adjudication of those challenges and related appeals may take many years. Changes in federal laws or regulations may also materially adversely impact our ability to acquire hospitals or open de novo hospitals. Under the Biden administration, DOJ has announced its intention to be much more aggressive in challenging mergers and acquisitions it believes present anti-trust concerns. In a speech in January 2022, the head of DOJ's anti-trust enforcement stated that negotiated settlements are frequently inadequate remedies and that DOJ needs to be more aggressive in its litigation to block business combinations. He also stated that litigation is preferable to settlements because it represents a chance to extend legal precedent for what constitutes unlawful anticompetitive activity. Increased DOJ enforcement of antitrust laws will likely increase the time, effort and expense associated with acquisitions and may ultimately make it less likely to consummate acquisitions. These factors and others may delay, or increase the cost to us associated with, any acquisition or de novo development or prevent us from completing one or more acquisitions or de novo developments.
Corporate Activity and Growth - Risk 3
Acute-care hospitals that participate in joint ventures with us may experience operational or financial challenges that, in turn, affect our joint venture inpatient rehabilitation hospitals.
We currently have 63 inpatient rehabilitation hospitals that are owned and operated as joint ventures with acute-care hospitals. In substantially all of these joint ventures, our co-owners are nonprofit hospitals or health systems. The healthcare provider operating environment has become increasingly challenging in recent years because of inflationary pressures, (particularly labor costs), reimbursement pressures, tight credit markets with increasing interest rates, and other operational challenges such as clinical staffing shortages and shifts of some types of care delivery away from the acute-care setting. The continuation of some or all of these conditions together with general weakening economic conditions and increasing federal and state limitations on strategic combinations could subject our joint venture partners to significant operational and financial pressures. The financial and operational strength, access to credit, and general liquidity of a joint venture partner may affect the growth or performance for the associated inpatient rehabilitation hospital, and in a few instances in the past has done so. Our joint venture partners may be, and in the past some have been, unable or unwilling, at the time of our request, to make capital contributions to fund their proportional shares of operating or capital expenditures that we believe are in the best interest of the joint ventures. The delay or inability of a joint venture to undertake a funding expenditure could affect the growth or performance of that hospital. Should a joint venture partner close its acute-care hospital operating in the market with the joint venture inpatient rehabilitation hospital, we would likely suffer a significant referral disruption or decrease in that market, particularly in smaller markets where the acute-care hospital that is closing is the primary or only hospital. We have a small number of inpatient rehabilitation hospitals that are located within our joint venture partner's acute-care hospital. In January 2024, we received notice that one of our joint venture partners intends to close its acute-care hospital in which the joint venture inpatient rehabilitation hospital is located. We closed that joint venture hospital in February and expect to incur a one-time charge of approximately $2-4 million, net of tax and noncontrolling interest, in the first quarter of 2024. Any of these occurrences or similar occurrences affecting a number of our joint ventures could, in the aggregate, have a material adverse impact on our business and consolidated financial condition, results of operations, and cash flows.
Ability to Sell
Total Risks: 7/33 (21%)Above Sector Average
Competition1 | 3.0%
Competition - Risk 1
We face intense competition for patients from other healthcare providers.
We operate in the competitive, fragmented inpatient rehabilitation industry. Although we are the nation's largest owner and operator of inpatient rehabilitation hospitals in terms of patients treated, revenues, and number of hospitals, in any particular market we may encounter competition from local or national entities with longer operating histories or other competitive advantages. For example, acute-care hospitals, including those owned and operated by large public companies, may choose to expand or begin offering post-acute rehabilitation services. Given that approximately 91% of our hospitals' admissions come from acute-care hospitals, that increase in competition could materially and adversely affect our admission referrals in the related markets. There are also large acute-care systems that may have more resources available to compete than we have. Other providers of post-acute care services may attempt to become competitors in the future. For example, nursing homes frequently market themselves as offering certain rehabilitation services, even though nursing homes are not required to offer the same level of care, and are not licensed, as hospitals. Competing companies may offer newer or different services from those we offer or have better relationships with referring physicians and may thereby attract patients who are presently, or would be candidates for, receiving our inpatient rehabilitation services. The other public companies and large health insurance companies expanding into post-acute care have or may obtain significantly greater marketing and financial resources or other advantages of scale than we have or may obtain. Other companies, including hospitals and other healthcare organizations that are not currently providing competing services, may expand their services to include inpatient rehabilitation services. There can be no assurance this competition, or other competition which we may encounter in the future, will not adversely affect our business, financial position, results of operations, or cash flows. In addition, from time to time, there are efforts in states with certificate of need ("CON") laws to weaken those laws, which could potentially increase competition in those states. For example, in 2023, South Carolina enacted legislation to repeal CON regulations for several provider types, including IRFs. Conversely, competition and statutory procedural requirements in some CON states may inhibit our ability to expand our operations in those states. For a breakdown of the CON status of the states and territories in which we have operations, see Item 2, Properties.
Sales & Marketing6 | 18.2%
Sales & Marketing - Risk 1
If we are unable to provide a consistently high quality of care, our business will be adversely impacted.
Providing quality patient care is fundamental to our business. We believe hospitals, physicians and other referral sources refer patients to us in large part because of our reputation for delivering quality care. Clinical quality is becoming increasingly important within our industry. Effective October 2012, Medicare began to impose a financial penalty upon acute-care hospitals that have excessive rates of patient readmissions within 30 days from hospital discharge. We believe this regulation provides a competitive advantage to post-acute providers who can differentiate themselves based upon quality, particularly by achieving low acute-care hospital readmission rates and by implementing disease management programs designed to be responsive to the needs of patients served by referring hospitals. If we should fail to attain our goals regarding acute-care hospital readmission rates and other quality metrics, we expect our ability to generate referrals would be adversely impacted, which could have a material adverse effect upon our business and consolidated financial condition, results of operations, and cash flows.
Sales & Marketing - Risk 2
If we are unable to maintain or develop relationships with patient referral sources, our growth and profitability could be adversely affected.
Our success depends in large part on referrals from physicians, hospitals, case managers and other patient referral sources in the communities we serve. By law, referral sources cannot be contractually obligated to refer patients to any specific provider. However, there can be no assurance that individuals will not attempt to steer patients to competing post-acute providers or otherwise limit our access to potential referrals. The establishment of joint ventures or networks between referral sources, such as acute-care hospitals, and other post-acute providers may hinder patient referrals to us. The growing emphasis on integrated care delivery across the healthcare continuum increases that risk. Our growth and profitability depend on our ability to establish and maintain close working relationships with patient referral sources and to increase awareness and acceptance of the benefits of inpatient rehabilitation care by our referral sources and their patients. We cannot provide assurance that we will be able to maintain our existing referral source relationships or that we will be able to develop and maintain new relationships in existing or new markets. Our loss of, or failure to maintain, existing relationships, including because of closures of referral sources in concentrated markets, or our failure to develop new relationships could adversely affect our ability to grow our business and operate profitably.
Sales & Marketing - Risk 3
Reductions or changes in reimbursement from government or third-party payors could adversely affect our Net operating revenues and other operating results.
We derive a substantial portion of our Net operating revenues from the Medicare program. See Item 1, Business, "Sources of Revenues," for a table identifying the sources and relative payor mix of our revenues. In addition to many ordinary course reimbursement rate changes that The Centers for Medicare & Medicaid Services ("CMS") of the U.S. Department of Health and Human Services ("HHS") adopts each year as part of its annual rulemaking process for various healthcare provider categories, Congress and some state legislatures have periodically proposed significant changes in laws and regulations governing the healthcare system. Many of these changes have resulted in limitations on the increases in and, in some cases, significant roll-backs or reductions in the levels of payments to healthcare providers for services under many government reimbursement programs. There can be no assurance that future governmental initiatives will not result in reimbursement freezes and reductions, or reimbursement increases that are less than the increases we experience in our costs of operation. In March 2010, President Obama signed into law the Patient Protection and Affordable Care Act of 2010 (the "ACA") as a significant healthcare reform. Many provisions within the ACA have impacted or could in the future impact our business, including Medicare reimbursement reductions and promotion of alternative payment models, such as accountable care organizations ("ACOs") and bundled payment initiatives. The nature and substance of state and federal healthcare laws are subject to change, by means of both broad base healthcare reform legislation, like the ACA, and targeted legislative and regulatory action. Any future legislative and regulatory changes may impact the provisions of the ACA discussed below or other laws or regulations that either currently affect, or may in the future affect, our business. For Medicare providers like us, these laws include reductions in CMS's annual adjustments to Medicare reimbursement rates, commonly known as a "market basket update." In accordance with Medicare laws and statutes, CMS makes market basket updates by provider type in an effort to compensate providers for rising operating costs. The ACA required reductions, the last of which ended in 2019, in the annual market basket updates for hospital providers ranging from 10 to 75 basis points. In addition, the ACA requires the market basket updates for hospital providers to be reduced by a productivity adjustment on an annual basis. The productivity adjustment equals the trailing 10-year average of changes in annual economy-wide private nonfarm business multi-factor productivity. To date, the productivity adjustments have typically resulted in decreases to the market basket updates ranging from 30 to 100 basis points. Other federal legislation can also have a significant impact on our Medicare reimbursement. On August 2, 2011, President Obama signed into law the Budget Control Act of 2011, which provided for an automatic 2% reduction of Medicare program payments. This automatic reduction, known as "sequestration," began affecting payments received after April 1, 2013. Under current law, for each year through mid-fiscal year 2032, the reimbursement we receive from Medicare, after first taking into account all annual payment adjustments including the market basket update, will be reduced by sequestration unless it is repealed or modified before then. In response to the public health emergency associated with the COVID-19 pandemic, Congress and the President suspended sequestration from May 1, 2020 through March 31, 2022. Additional Medicare payment reductions are also possible under the Statutory Pay-As-You-Go Act of 2010 ("Statutory PAYGO"). Statutory PAYGO requires, among other things, that mandatory spending and revenue legislation not increase the federal budget deficit over a 5- or 10-year period. If the Office of Management and Budget (the "OMB") finds there is a deficit in the federal budget, Statutory PAYGO requires OMB to order sequestration of Medicare. In March 2021, President Biden signed the American Rescue Plan Act of 2021 (the "American Rescue Plan Act"). The Congressional Budget Office estimated that the American Rescue Plan Act would result in budget deficits necessitating a 4% reduction in Medicare program payments for 2022 under the Statutory PAYGO, but subsequent legislation enacted by Congress suspended until 2025 the Statutory PAYGO reductions that would have gone into effect. Additionally, concerns held by federal policymakers about the federal deficit, national debt levels, or healthcare spending specifically, including solvency of the Medicare trust fund, could result in enactment of further federal spending reductions, further entitlement reform legislation affecting the Medicare program, and further reductions to provider payments. In October 2014, President Obama signed into law the Improving Medicare Post-Acute Care Transformation Act of 2014 (the "IMPACT Act"). The IMPACT Act directs HHS, in consultation with healthcare stakeholders, to implement standardized data collection processes for post-acute quality and outcome measures. Although the IMPACT Act does not specifically call for the implementation of a new post-acute payment system, we believe this act lays the foundation for possible future post-acute payment policies that would be based on patients' medical conditions and other clinical factors rather than the setting where the care is provided, also referred to as "site neutral" reimbursement. CMS has begun changing current post-acute payment systems to improve comparability of patient assessment data and clinical characteristics across settings, which could make it easier to create a unified payment system in the future. For example, CMS recently established new case-mix classification models for both home health and skilled nursing facilities which rely on patient characteristics rather than the amount of therapy received to determine payments. Another example is CMS's implementation of the new patient assessment measures for IRFs discussed below. The IMPACT Act also created additional data reporting requirements for our hospitals in the domains of functional and cognitive status, skin integrity, medication reconciliation, incidence of major falls, and transfer of health information. The precise details of these new reporting requirements, including timing and content, were developed and implemented by CMS through the regulatory process over several years, and CMS may continue to make changes to these quality measures and standardized patient assessment data elements in the future. We cannot quantify the potential effects of the IMPACT Act on us. Each year, the Medicare Payment Advisory Commission ("MedPAC"), an independent agency, advises Congress on issues affecting Medicare and makes payment policy recommendations to Congress for a variety of Medicare payment systems including, among others, the inpatient rehabilitation facility prospective payment system (the "IRF-PPS"). MedPAC also provides comments to CMS on proposed rules, including the prospective payment system rules. Neither Congress nor CMS is obligated to adopt MedPAC recommendations, and, based on outcomes in previous years, there can be no assurance MedPAC's recommendations will be adopted in a given year. However, MedPAC's recommendations have, and could in the future, become the basis for legislative or regulatory action. In connection with CMS's final rulemaking for the IRF-PPS in each year since 2008, MedPAC has recommended either no updates to payments or reductions to payments. For example, in its March 2023 report to Congress, MedPAC recommended, among other things, legislative changes to reduce by 3% the base payment rate under IRF-PPS. MedPAC has also previously called on the HHS Secretary to conduct focused medical record reviews on IRFs. In a June 2018 report mandated by the IMPACT Act, MedPAC reiterated its recommendation that Congress adopt a unified payment system for all post-acute care (a "PAC-PPS") in lieu of separate systems for inpatient rehabilitation facilities ("IRFs"), skilled nursing facilities, long-term acute-care hospitals, and home health agencies. A PAC-PPS would rely on "site neutral" reimbursement based on patients' medical conditions and other clinical factors rather than the care settings. MedPAC found a PAC-PPS to be feasible and desirable but also suggested many existing regulatory requirements, including, for IRFs, the 60% rule discussed below and the requirement for a minimum of three hours of therapy per day, should be waived or modified as part of implementing a PAC-PPS. MedPAC previously estimated, although we cannot verify the methodology or the accuracy of that estimate, a PAC-PPS would result in a 15% reduction in IRF reimbursements. As a precursor to a PAC-PPS, MedPAC discussed in November 2017 a potential recommendation to change the case-mix weights in each post-acute setting for 2019 and 2020 to a blend of the current setting specific weight and the proposed PAC-PPS weight, which MedPAC suggested would shift money from for-profit and freestanding IRFs to non-profit and hospital-based IRFs. MedPAC has also called for aligning Medicare regulatory requirements across post-acute providers, although the agency has acknowledged it could take years to complete this effort. MedPAC issued another report on the PAC-PPS in June 2023. In that report, MedPAC concluded the design of a PAC-PPS is "relatively straight-forward" but noted "developing companion policies could take many years; implementing them would be complex and possibly controversial." Additionally, MedPAC previously has suggested that Medicare should ultimately move from fee-for-service reimbursement to more integrated payment models. We cannot predict what alternative or additional deficit reduction initiatives, Medicare payment reductions, or post-acute care reforms, if any, will be adopted or enacted into law, or the timing or effect of any initiatives or reductions. Those initiatives or reductions would be in addition to many ordinary course reimbursement rate changes that CMS adopts each year as part of the market basket update rulemaking process for various provider categories. While we do not expect the drive toward integrated payment models, value-based purchasing, and post-acute site neutrality in Medicare reimbursement to subside, there will almost certainly be new or alternative healthcare reforms in the future which may change these initiatives and other healthcare laws and regulations. We cannot predict the nature or timing of any changes to the laws or regulations that either currently affect, or may in the future affect, our business. There can be no assurance future governmental action will not result in substantial changes to, or material reductions in, our reimbursements. Similarly, we may experience material increases in our operating costs. For example, in 2022 and 2023, our wage and benefit costs increased at a rate in excess of our aggregate Medicare reimbursement rate increases. In any given year, the net effect of statutory and regulatory changes may result in a decrease in our reimbursement rate, and that decrease may occur at a time when our expenses are increasing. As a result, there could be a material adverse effect on our business, financial position, results of operations, and cash flows. For additional discussion of how we are reimbursed by Medicare, see Item 1, Business, "Regulatory and Reimbursement Challenges" and "Sources of Revenues-Medicare Reimbursement." In addition, there are increasing pressures from managed care, including Medicare Advantage, and other third-party payors to control healthcare costs and to reduce or limit increases in reimbursement rates for medical services. For example, each year, CMS adopts updates to the payments to, and the payment policies for, Medicare Advantage payors, and those updates may result in a net decrease in payments to those payors. Our relationships with managed care and nongovernmental third-party payors, such as health maintenance organizations and preferred provider organizations, are generally governed by negotiated agreements. These agreements set forth the amounts we are entitled to receive for our services. Our Net operating revenues and our ability to grow our business with these payors could be adversely affected if we are unable to negotiate and maintain favorable agreements with these payors.
Sales & Marketing - Risk 4
Changes in our payor mix or the acuity of our patients could adversely affect our Net operating revenues or our profitability.
Many factors affect reimbursement rates for our services and, in turn, our revenues. These factors include the treating facility's urban or rural status, the length of stay, the payor and its applicable rate of reimbursement, and the patient's medical condition and impairment status (acuity). The reimbursement rates we receive from traditional Medicare fee-for-service are generally higher than those received from other payors, although the difference between traditional Medicare and Medicare Advantage payments for inpatient rehabilitation care has decreased in the last several years. Over the same period, we have seen a shift in the payor mix from traditional Medicare to Medicare Advantage and other managed care providers. Not only do Medicare Advantage and managed care payors generally pay us less, but we would expect bad debt to be higher for patients covered by Medicare Advantage and managed care as patients typically retain more payment responsibility under those arrangements. Additionally, the rate at which Medicare Advantage referrals are converted to admissions is lower than the rate for traditional Medicare. We have also experienced a shift in recent years to a slightly larger percentage of Medicaid patients, driven in part by the expansion of coverage consistent with the intent of the ACA and the expansion of coverage resulting from regulatory actions during the COVID-19 public health emergency. Medicaid reimbursement rates are almost always the lowest among those of our payors, and frequently Medicaid patients come to us with other complicating conditions that make treatment more difficult and costly. We cannot predict the growth of, or changes to, Medicaid, but President Biden has stated that he favors extending public health insurance coverage to low income individuals currently ineligible for Medicaid. We could also experience a shift to a lower average patient acuity which typically results in lower reimbursement rates regardless of the payor. Both a shift in our payor mix away from Medicare fee-for-service and a shift to a lower patient acuity would likely adversely affect reimbursement. See the "Results of Operations-Net Operating Revenues" section of Item 7, Management's Discussion and Analysis of Financial Condition and Results of Operations. We cannot predict the extent to which our payor mix may shift to lower reimbursement rate payors. We have in recent years experienced, and in the future may, experience shifts in our payor mix or the acuity of our patients that could adversely affect our reimbursement, Net operating revenues, and profitability.
Sales & Marketing - Risk 5
Efforts to reduce payments to healthcare providers undertaken by third-party payors, conveners, and referral sources could adversely affect our revenues and profitability.
Health insurers and managed care companies, including Medicare Advantage plans, may utilize certain third parties, known as conveners, to attempt to control costs. Conveners offer patient placement and care transition services to those payors as well as bundled payment participants, ACOs, and other healthcare providers with the intent of managing post-acute utilization and associated costs. Conveners may influence referral source decisions on which post-acute setting to recommend, as well as how long to remain in a particular setting. Given their focus on perceived financial savings, conveners customarily suggest that patients avoid higher acuity post-acute settings altogether or move as soon as practicable to lower acuity settings as those settings are reimbursed at lower rates due to the lower level of care they are required to provide. Conveners are not healthcare providers and may suggest a post-acute setting or duration of care that may not be appropriate from a clinical perspective potentially resulting in worse patient outcomes and costly acute-care hospital readmissions. We also depend on referrals from physicians, acute-care hospitals, and other healthcare providers in the communities we serve. As a result of various alternative payment models, many referral sources are becoming increasingly focused on reducing post-acute costs by eliminating post-acute care referrals or referring patients to perceived low-cost post-acute settings rather than rehabilitation hospitals, sometimes without understanding the potential impact on patient outcomes over an entire episode of care. Our ability to attract patients could be adversely affected if any of our hospitals fail to provide or maintain a reputation for providing high-quality care on a cost-effective basis as compared to other providers.
Sales & Marketing - Risk 6
The ongoing evolution of the healthcare delivery system, including alternative payment models and value-based purchasing initiatives, in the United States may significantly affect our business and results of operations.
The healthcare industry in general is facing regulatory uncertainty around attempts to improve outcomes and reduce costs, including coordinated care and integrated payment models. In an integrated payment model, hospitals, physicians, and other care providers are reimbursed in a fashion meant to encourage coordinated healthcare on a more efficient, patient-centered basis. These providers are then paid based on the overall value and quality (as determined by outcomes) of the services they provide to a patient rather than the number and nature of services they provide. While this is consistent with our goal and proven track record of being a high-quality, cost-effective provider, broad-based implementation of a new payment model would represent a significant evolution or transformation of the healthcare industry, which may have a significant impact on our business and results of operations. In recent years, HHS has been studying the feasibility of bundling, including conducting a voluntary, multi-year bundling pilot program to test and evaluate alternative payment methodologies. CMS' voluntary Bundled Payments for Care Improvement Advanced ("BPCI Advanced") initiative began October 1, 2018, runs through December 31, 2025, and covers 29 types of inpatient, three types of outpatient clinical episodes, and two multi-setting clinical episodes, including stroke and hip fracture. Providers participating in BPCI Advanced are subject to a semi-annual reconciliation process where CMS compares the aggregate Medicare expenditures for all items and services included in a clinical episode against the target price for that type of episode to determine whether the participant is eligible to receive a portion of the savings, or is required to repay a portion of the payment above target. Accordingly, reimbursement may be increased or decreased, compared to what would otherwise be due, based on whether the total Medicare expenditures and patient outcomes meet, exceed or fall short of the targets. Similarly, CMS has established per the ACA several separate ACO programs, the largest of which is the Medicare Shared Savings Program ("MSSP"), a voluntary ACO program in which hospitals, physicians, and other care providers pursue the delivery of coordinated healthcare on a more efficient, patient-centered basis. Conceptually, ACOs receive a portion of any savings generated above a certain threshold from care coordination as long as benchmarks for the quality of care are maintained. Under the MSSP, there are two ACO tracks from which participants can choose. Each track offers a different degree to which participants share any savings realized or any obligation to repay losses suffered. The ACO rules adopted by CMS are extremely complex and remain subject to further refinement by CMS. Based on CMS data, the number of MSSP ACOs for 2024 is the same as it was in 2017. We continue to evaluate, on a case-by-case basis, appropriate BPCI Advanced and ACO participation opportunities for our hospitals. We are party to 30 participation or preferred provider agreements in connection with these alternative payment models. The associated hospitals have treated only a limited number of patients under these alternative payment models to date. On November 16, 2015, CMS published its final rule establishing the Comprehensive Care for Joint Replacement ("CJR") payment model, which holds acute-care hospitals accountable for the quality of care they deliver to Medicare fee-for-service beneficiaries for lower extremity joint replacements (i.e., knees and hips) from surgery through recovery. The CJR originally was mandatory for the acute-care hospitals in the 67 geographic areas covered. On November 30, 2017, CMS issued a final rule making the CJR voluntary in 33 of those areas. The CJR model's original five-year term ended in December 2020, but CMS extended the model through 2024 for most providers in the 34 geographic areas with mandatory participation. Under CJR, healthcare providers in the mandatory participation areas are paid under existing Medicare payment systems. However, CMS holds the acute-care hospital where a joint replacement takes place accountable for the quality and costs of care for the entire episode of care - from the time of the original admission through 90 days after discharge. Depending on the quality and cost performance during the entire episode, the acute-care hospital may receive an additional payment or be required to repay Medicare a portion of the episode costs. As a result, CMS believes acute-care hospitals are incented to work with physicians and post-acute care providers to ensure beneficiaries receive the coordinated care they need in an efficient manner. Acute-care hospitals participating in the CJR model may enter into risk-sharing financial arrangements with post-acute providers, including IRFs. CJR has not had a material impact on our hospitals. HHS and CMS continue to explore ways to encourage and facilitate increased participation in alternative payment models and value-based purchasing initiatives. For example, the HHS-OIG and CMS finalized rules in 2020 modernizing the Anti-Kickback Statute and Stark law to, in part, promote a more coordinated, value-based system of care. The bundling and ACO initiatives have served as motivating factors for regulators and healthcare industry participants to identify and implement workable coordinated care and integrated payment models. Broad-based implementation of a new payment model would represent a significant transformation for us and the healthcare industry generally. The nature and timing of the evolution or transformation of the current healthcare system to coordinated care delivery and integrated payment models and value-based purchasing remain uncertain. The development of new delivery and payment systems will almost certainly take significant time and expense. Many of the alternative approaches, including those discussed above, being explored may not work or could change substantially prior to any nationwide implementations. While only a small percentage of our business currently is or is anticipated to be subject to the alternative payment models discussed above, we cannot be certain these models will not be expanded or made standard or new models will not be implemented broadly. Additionally, as the number and types of bundling, direct contracting, and ACO models increase, the number of Medicare beneficiaries who are treated in one of the models increases. Our willingness or inability to participate in integrated payment and other alternative payment models and the referral patterns of other providers participating in those models may limit our access to Medicare patients who would benefit from treatment in inpatient rehabilitation hospitals. In an attempt to reduce costs, ACOs may seek to discourage referrals to post-acute care all together. To the extent that acute-care hospitals participating in those models do not perceive our quality of care or cost efficiency favorably compared to alternative post-acute providers, we may experience a decrease in volumes and Net operating revenues, which could adversely affect our financial position, results of operations, and cash flows. For further discussion of coordinated care and integrated payment models and value-based purchasing initiatives, the associated challenges, and our efforts to respond to them, see the "Executive Overview-Key Challenges-Changes in Medicare Reimbursement and Regulatory Requirements for Operating IRFs" section of Item 7, Management's Discussion and Analysis of Financial Condition and Results of Operations.
Production
Total Risks: 2/33 (6%)Below Sector Average
Employment / Personnel1 | 3.0%
Employment / Personnel - Risk 1
Competition for staffing, shortages of qualified personnel, union activity or other factors may increase our staffing costs and reduce profitability.
Our operations are dependent on the efforts, abilities, and experience of our medical personnel, such as physical therapists, occupational therapists, speech pathologists, nurses, and other healthcare professionals. We compete with other healthcare providers in recruiting and retaining qualified personnel responsible for the daily operations of each of our locations. The lack of availability of clinical personnel is a significant operating issue facing healthcare providers. The operating conditions associated with the COVID-19 pandemic significantly affected the availability and turnover of clinical staff and, in turn, increased staffing costs. It has been widely reported that the challenging working conditions in healthcare associated with the COVID-19 pandemic have led to prevalent job dissatisfaction among clinicians. Availability of clinical staff, elevated turnover and staffing costs continue to be a challenge for us and other healthcare providers. The availability of staff may be exacerbated if immigration is significantly limited in the future. Staffing shortages or retention concerns in one or more markets in which we operate have required and may again require us to enhance wages and benefits to recruit and retain qualified personnel or to contract for more expensive temporary personnel. We also depend on the available labor pool of semi-skilled and unskilled employees in each of the markets in which we operate. If our staffing costs increase, we may not experience reimbursement rate or pricing increases to offset these additional costs. Because a significant percentage of our revenues consists of fixed, prospective payments, our ability to pass along increased staffing costs is limited. In particular, if staffing costs rise at an annual rate greater than our net annual market basket update from Medicare, as occurred in 2022 and 2023, or we experience a significant shift in our payor mix to lower rate payors such as Medicaid, our results of operations and cash flows will be adversely affected. Conversely, decreases in reimbursement revenues, such as with sequestration, may limit our ability to increase compensation or benefits to the extent necessary to retain key employees, in turn increasing our turnover and associated costs. Union activity is another factor that may contribute to increased staffing costs. We currently have a minimal number of union employees, so an increase in labor union activity could have a significant impact on our staffing costs. Our failure to recruit and retain qualified clinical personnel, or to control our staffing costs, could have a material adverse effect on our business, financial position, results of operations, and cash flows.
Supply Chain1 | 3.0%
Supply Chain - Risk 1
The failure of our business partners and vendors to maintain the proper function, availability, or security of their information systems or to protect against unauthorized access could have a material adverse effect on our business, financial position, results of operations, and cash flows.
Our business involves sharing of protected health information and other sensitive information among employees and with third-parties, including acute-care hospitals, which are typically referral sources, healthcare service and information vendors, and the federal government, our primary payor. In fact, federal laws and regulations require interoperability among healthcare entities in many circumstances. The use by our employees and healthcare partners of portable devices to facilitate patient care increases the risk of loss, theft or inadvertent disclosure of that information. A compromise of the network security measures or other controls of those businesses, vendors, or governmental agencies and their contractors with whom we interact, including our direct and indirect cloud service providers and CMS, which results in confidential information being accessed, obtained, damaged or used by unauthorized persons, or unavailability of systems necessary to the operation of our business, could impact patient care, claims billing and collection, harm our reputation, and expose us to significant remedial costs as well as regulatory actions (fines and penalties) and claims from patients, financial institutions, regulatory and law enforcement agencies, and other persons, any of which could have a material adverse effect on our business, financial position, results of operations and cash flows. ACE-IT, our enterprise-level clinical information system, is subject to a licensing, implementation, technology hosting, and support agreement with Oracle Cerner Corporation. In addition, we have a number of partners and non-software vendors with whom we share data in order to provide patient care and otherwise operate our business. Our inability, or the inability of our partners or vendors, to continue to secure, maintain and upgrade information systems, software, and hardware could disrupt or reduce the efficiency of our operations, including affecting patient care. On February 21, 2024, Change Healthcare, a subsidiary of UnitedHealth Group that acts as an intermediary for processing of our payment claims for all payors, notified us of a cybersecurity incident affecting some of its systems. To date, we have not identified any compromise or unauthorized access of our systems or networks. The Change Healthcare incident has not affected our operations, except the submission of payment claims. In the event the Change Healthcare service is not restored in a timely fashion, we may experience payment collection delays as we turn to alternative channels to submit claims. For additional discussion of potential impacts from the Change Healthcare incident, see the "Liquidity and Capital Resources" section of Item 7, Management's Discussion and Analysis of Financial Condition and Results of Operations. A security breach or other system failure involving Oracle Cerner, Change Healthcare, or another third-party with whom we share data or system connectivity could compromise our patient data or proprietary information or disrupt our ability to operate, including submitting claims for payment, any of which could have a material adverse effect on our business, financial position, results of operations and cash flows.
Macro & Political
Total Risks: 2/33 (6%)Above Sector Average
Natural and Human Disruptions1 | 3.0%
Natural and Human Disruptions - Risk 1
We may be more vulnerable to the effects of a public health emergency than other businesses due to the nature of our patients, and a regional or global socio-political, weather or other catastrophic event could severely disrupt our business.
A public health emergency can significantly affect healthcare providers because of the direct impacts on patients, capacity to accept patients, employees, necessary supplies to treat patients, and regulatory requirements related to the emergency. The COVID-19 pandemic and actions taken by local, state and federal authorities in response to the pandemic significantly affected our operations, business and financial condition. Future outbreaks of contagious diseases and associated governmental actions could adversely affect our operations, business and financial condition, including potentially our liquidity, particularly if the provision of healthcare services and the supplies for those services are disrupted for a lengthy period of time. The impact on our operations and financial performance depends on numerous factors, including the rate of spread, duration and geographic coverage of an outbreak; the rate and extent to which the disease mutates and the severity of the symptoms of the disease; the status of testing capabilities; the rates of vaccination and therapeutic remedies for the disease and any variant strains; the legal, regulatory and administrative developments related to the pandemic at federal, state, and local levels, such as vaccine mandates, anti-mandate laws and orders, shelter-in-place orders, facility closures and quarantines; and the infectious disease prevention and control efforts of the Company, governments and third parties. The majority of our patients are elderly individuals with complex medical challenges, many of whom may be more vulnerable than the general public during a contagious disease outbreak or other public health catastrophe. Our employees are also at greater risk of contracting contagious diseases due to their increased exposure to vulnerable patients. For example, if another pandemic were to occur, we could suffer significant losses to our consumer population or a reduction in the availability of our employees and, at a high cost, be required to replace affected workers. Local, regional or national governments might limit or ban public interactions to halt or delay the spread of diseases causing business disruptions and the temporary suspension of our services. Accordingly, certain public health catastrophes could have a material adverse effect on our financial condition and results of operations. Other unforeseen events, including acts of violence, war, terrorism and other international, regional or local instability or conflicts (including labor issues), embargoes, short-term and long-term weather-related events, natural disasters such as earthquakes and floods, whether occurring in the United States or abroad, could restrict or disrupt our operations and negatively affect our results of operations and cash flows. This risk is more acute in regions where we have a large number of hospitals, such as Texas and Florida. For a list of the states in which we have hospital locations, see Item 2, Properties.
Capital Markets1 | 3.0%
Capital Markets - Risk 1
Uncertainty in the credit markets could adversely affect our financial condition or our growth opportunities.
In recent years, high yield, investment grade, and sovereign credit markets were affected by geopolitical turmoil, inflationary pressures, and changing central bank policies. These conditions resulted in unsettled credit markets for much of the year. Future market shocks, such as the status of deliberations and legislation to increase the debt ceiling in the United States, could result in reductions in the availability of certain types of debt financing, including access to revolving lines of credit. Future business needs combined with market conditions at the time may cause us to seek alternative sources of potentially less attractive financing and may require us to adjust our business plan accordingly. Tight credit markets, such as might result from further turmoil in the sovereign debt markets, would likely make additional financing more expensive and difficult to obtain. Actions by the United States Federal Reserve system, such as increasing the discount rate, may also increase the interest expense associated with our current or future borrowings. The inability to obtain additional financing at a reasonable cost could have a material adverse effect on our financial condition or our growth opportunities. As a result of credit market uncertainty, we also face potential exposure to counterparties who may be unable to adequately service our needs, including the ability of the lenders under our credit agreement to provide liquidity when needed. We monitor the financial strength of our depositories, creditors, and insurance carriers using publicly available information, as well as qualitative inputs.
Tech & Innovation
Total Risks: 1/33 (3%)Below Sector Average
Cyber Security1 | 3.0%
Cyber Security - Risk 1
The proper function, availability, and security of our information systems are critical to our business and failure to maintain proper function, availability, or security of our information systems or protect our data against unauthorized access could have a material adverse effect on our business, financial position, results of operations, and cash flows.
We are and will remain dependent on the proper function, availability and security of our and third-party information systems, including our electronic clinical information system, referred to as ACE-IT, which plays a substantial role in the operations of the hospitals, and the cloud service providers we directly and indirectly use. We undertake measures to protect the safety and security of our information systems and the data maintained within those systems, and we periodically test the adequacy of our security, business continuity, and disaster recovery measures. We have implemented administrative, technical and physical controls on our systems and devices in an attempt to prevent unauthorized access to that data, which includes patient information subject to the protections of HIPAA and the HITECH Act and other sensitive information. For additional discussion of these laws see Item 1, Business, "Regulation" and our cybersecurity program see Item 1C, Cybersecurity. We expend significant capital to protect against the threat of security breaches, including cyber attacks, email phishing schemes, malware and ransomware. Substantial additional expenditures may be required to respond to and remediate any problems caused by breaches, including the unauthorized access to or theft of patient data and protected health information stored in our information systems and the introduction of computer malware or ransomware to our systems. We also provide our employees annual training and regular reminders on important measures they can take to prevent breaches and other cyber threats, including phishing schemes. We routinely identify attempts to gain unauthorized access to our systems. However, given the rapidly evolving nature and proliferation of cyber threats, there can be no assurance our training and network security measures or other controls will detect, prevent or remediate security or data breaches in a timely manner or otherwise prevent unauthorized access to, damage to, or interruption of our systems and operations. For example, it has been widely reported that many well-organized international interests, in certain cases with the backing of sovereign governments, are targeting the theft of patient information and the disruption of healthcare services through the use of advanced persistent threats and ransomware attacks. In recent years, a number of hospitals and hospital systems have reported being victims of ransomware attacks in which they lost access to their systems, including clinical systems, during the course of the attacks. Large, national healthcare systems have reported ransomware attacks that forced their facilities to operate without access to information systems for some time and, to some extent, inhibited their ability to admit patients. We are likely to face attempted attacks in the future. Accordingly, we may be vulnerable to losses associated with the improper functioning, breach or unavailability of our and our vendors' information systems, including systems used in acquired operations, and third-party systems we use. Threat actors continue to attempt to exploit commonly used software and services to gain remote access to a large number of the information systems of the businesses using the software and services. For example, in December 2021, widespread exploitation of a vulnerable logging software installed within commonly used applications, services, and websites gave threat actors the ability to execute code remotely and potentially take control of affected systems. In May 2023, an international ransomware group began exploiting a vulnerability in a prevalent enterprise file transfer tool allowing the group to steal data from thousands of government, public, and business organizations worldwide. Generally, we, working with our cybersecurity vendors, attempt to monitor various channels and sources to identify vulnerabilities and threats in both third-party vendor software and services as well as our own systems and to mitigate the risks promptly. We also routinely work with industry and governmental cybersecurity partners to identify and combat cyber threats, which are particularly acute in the healthcare industry. When we become aware of threats, we undertake forensic investigations of our systems using all the indicators of compromise identified by leading security experts. Our forensic analysis to date has discovered no indicators of compromise. There can be no assurance that we will identify or adequately mitigate all threats to our systems, particularly in light of the number of well-funded and organized threat actors working to attack healthcare providers and the possibility of zero-day vulnerabilities and exploits yet to be identified. To date, we are not aware of having experienced a material compromise from a cyber breach or attack. However, given the increasing cybersecurity threats in the healthcare industry, there can be no assurance we will not experience business interruptions; data loss, ransom, misappropriation or corruption, theft, or misuse of proprietary data, patient or other personally identifiable information; or litigation, investigation, or regulatory action related to any of those, any of which could have a material adverse effect on our patient care, ability to admit patients, financial position, and results of operations and harm our business reputation. Moreover, a security breach, or threat thereof, could require that we expend significant resources to repair or improve our information systems and infrastructure and could distract management and other key personnel from performing their primary operational duties. In the case of a material breach or cyber attack, the associated expenses and losses may exceed our current insurance coverage for such events. Some adverse consequences are not insurable, such as reputational harm and third-party business interruption. Failure to maintain proper function, security, or availability of our information systems or protect our data against unauthorized access could have a material adverse effect on our business, financial position, results of operations, and cash flows. In addition, costs, unexpected problems, and interruptions associated with the implementation or transition to new systems or technology or with adequate support of those systems or technology across numerous hospitals could have a material adverse effect on our business, financial position, results of operations, and cash flows.
See a full breakdown of risk according to category and subcategory. The list starts with the category with the most risk. Click on subcategories to read relevant extracts from the most recent report.

FAQ

What are “Risk Factors”?
Risk factors are any situations or occurrences that could make investing in a company risky.
    The Securities and Exchange Commission (SEC) requires that publicly traded companies disclose their most significant risk factors. This is so that potential investors can consider any risks before they make an investment.
      They also offer companies protection, as a company can use risk factors as liability protection. This could happen if a company underperforms and investors take legal action as a result.
        It is worth noting that smaller companies, that is those with a public float of under $75 million on the last business day, do not have to include risk factors in their 10-K and 10-Q forms, although some may choose to do so.
          How do companies disclose their risk factors?
          Publicly traded companies initially disclose their risk factors to the SEC through their S-1 filings as part of the IPO process.
            Additionally, companies must provide a complete list of risk factors in their Annual Reports (Form 10-K) or (Form 20-F) for “foreign private issuers”.
              Quarterly Reports also include a section on risk factors (Form 10-Q) where companies are only required to update any changes since the previous report.
                According to the SEC, risk factors should be reported concisely, logically and in “plain English” so investors can understand them.
                  How can I use TipRanks risk factors in my stock research?
                  Use the Risk Factors tab to get data about the risk factors of any company in which you are considering investing.
                    You can easily see the most significant risks a company is facing. Additionally, you can find out which risk factors a company has added, removed or adjusted since its previous disclosure. You can also see how a company’s risk factors compare to others in its sector.
                      Without reading company reports or participating in conference calls, you would most likely not have access to this sort of information, which is usually not included in press releases or other public announcements.
                        A simplified analysis of risk factors is unique to TipRanks.
                          What are all the risk factor categories?
                          TipRanks has identified 6 major categories of risk factors and a number of subcategories for each. You can see how these categories are broken down in the list below.
                          1. Financial & Corporate
                          • Accounting & Financial Operations - risks related to accounting loss, value of intangible assets, financial statements, value of intangible assets, financial reporting, estimates, guidance, company profitability, dividends, fluctuating results.
                          • Share Price & Shareholder Rights – risks related to things that impact share prices and the rights of shareholders, including analyst ratings, major shareholder activity, trade volatility, liquidity of shares, anti-takeover provisions, international listing, dual listing.
                          • Debt & Financing – risks related to debt, funding, financing and interest rates, financial investments.
                          • Corporate Activity and Growth – risks related to restructuring, M&As, joint ventures, execution of corporate strategy, strategic alliances.
                          2. Legal & Regulatory
                          • Litigation and Legal Liabilities – risks related to litigation/ lawsuits against the company.
                          • Regulation – risks related to compliance, GDPR, and new legislation.
                          • Environmental / Social – risks related to environmental regulation and to data privacy.
                          • Taxation & Government Incentives – risks related to taxation and changes in government incentives.
                          3. Production
                          • Costs – risks related to costs of production including commodity prices, future contracts, inventory.
                          • Supply Chain – risks related to the company’s suppliers.
                          • Manufacturing – risks related to the company’s manufacturing process including product quality and product recalls.
                          • Human Capital – risks related to recruitment, training and retention of key employees, employee relationships & unions labor disputes, pension, and post retirement benefits, medical, health and welfare benefits, employee misconduct, employee litigation.
                          4. Technology & Innovation
                          • Innovation / R&D – risks related to innovation and new product development.
                          • Technology – risks related to the company’s reliance on technology.
                          • Cyber Security – risks related to securing the company’s digital assets and from cyber attacks.
                          • Trade Secrets & Patents – risks related to the company’s ability to protect its intellectual property and to infringement claims against the company as well as piracy and unlicensed copying.
                          5. Ability to Sell
                          • Demand – risks related to the demand of the company’s goods and services including seasonality, reliance on key customers.
                          • Competition – risks related to the company’s competition including substitutes.
                          • Sales & Marketing – risks related to sales, marketing, and distribution channels, pricing, and market penetration.
                          • Brand & Reputation – risks related to the company’s brand and reputation.
                          6. Macro & Political
                          • Economy & Political Environment – risks related to changes in economic and political conditions.
                          • Natural and Human Disruptions – risks related to catastrophes, floods, storms, terror, earthquakes, coronavirus pandemic/COVID-19.
                          • International Operations – risks related to the global nature of the company.
                          • Capital Markets – risks related to exchange rates and trade, cryptocurrency.
                          What am I Missing?
                          Make informed decisions based on Top Analysts' activity
                          Know what industry insiders are buying
                          Get actionable alerts from top Wall Street Analysts
                          Find out before anyone else which stock is going to shoot up
                          Get powerful stock screeners & detailed portfolio analysis