28 added · 14 removed between the two most recent 10-Ks. The risks a company starts — or stops — disclosing are often the story.
Newly disclosed
Despite significant safeguards, including active intrusion protection, firewalls and virus detection software, as discussed in greater detail on Item 1C below, in October of 2025, access to our systems was gained by a threat actor in a cybersecurity attack.
Also, effective marketing and advertising may become more expensive and more difficult as search engines revise algorithms, customers use of artificial intelligence (“AI”) platforms become more prevalent and business models and customers change how they find our services.
The current environment, particularly in 18 healthcare and with the increase in use of AI and other new technologies, has significantly increased our usage of information technology systems and heightened the need for security of those systems with the increase in telehealth.
Additionally, because our service businesses heavily rely on delivering service to customers or patients in their residences, increases in the costs of vehicle acquisition, maintenance, repair, and reimbursement for employees’ use of personal vehicles, could have a significant increase on our expenses.
The threat actor was able to access a significant amount of Protected Health Information (“PHI”); however, despite repeated attempts, was not able to insert a tool often used by threat actors into our system.
Although the cyberattack that led to the breach of PHI was the first to successfully gain access to our systems, it was not an isolated incident.
Additionally, the increasing development and use of AI and other new and evolving technologies create additional system and other risks.
VITAS’ levels of revenue and profitability will be subject to the effect of possible reductions in coverage or payment rates by third-party payors, including payment rates from Medicare and Medicaid. 14 Hospice Medicare reimbursement is subject to certain limitations or “caps” based on the number of inpatient days of care and overall average capitation per admission.
While we have been able to mitigate the damages from the prior successful attack, and did not experience any material operational or financial issues as a result of the attack, a subsequent successful attack on our information technology systems could have even greater consequences to the business including liability for compromised patient information and business interruption.
However, if CMS revises the program or implements a similar program and its implementation identifies any VITAS programs as “poor performers”, such designation could negatively affect VITAS’ brand reputation, and any additional governmental oversight could materially adversely affect the operations profitability of any affected programs.
These additional costs, in the case of VITAS, cannot be passed along to our patients because of the structure of hospice reimbursement, and in the case of Roto-Rooter, may not be able to be fully passed along to our customers.
To the extent that tariffs cause any adverse impacts on global supply chains, it could further materially affect the ability of both businesses to timely source critical supplies, which may affect our delivery of services.
No longer disclosed
We maintain our information technology systems with safeguard protection against cyber-attacks including active intrusion protection, firewalls and virus detection software.
We have developed and tested a response plan in the event of a successful attack and we maintain commercial insurance related to a cyber-attack.
Chemed’s Chief Legal Officer and Chief Financial Officer are alerted to any potential issues and evaluate those issues for cybersecurity materiality A successful attack on our information technology systems could have significant consequences to the business including liability for compromised patient information and business interruption.
However, if CMS revises the program and its reimplementation identifies any VITAS programs as “poor performers”, such designation could negatively affect VITAS’ brand reputation, and any additional governmental oversight could materially adversely affect the operations profitability of any affected programs. 18 VITAS’ headquarters and a significant portion of its operations are in Florida The occurrence of a natural disaster in any region that VITAS has significant operations could have a negative impact on the business.
Increases in working from home and the provision of telehealth services due to the pandemic have significantly increased our usage of information technology systems and heightened the need for security of those systems.
VITAS’ levels of revenue and profitability will be subject to the effect of possible reductions in coverage or payment rates by third-party payors, including payment rates from Medicare and Medicaid.
VITAS’ loss of key management personnel or its inability to hire and retain skilled employees could adversely affect its business, financial condition and results of operations.
Hospice Medicare reimbursement is subject to certain limitations or “caps” based on the number of inpatient days of care and overall average capitation per admission.
We depend on our management team and the loss of their service could have a material adverse effect on our business, financial condition and results of operations.
Credit market conditions may make it difficult for us to obtain new financing or refinance our current debt on terms and conditions acceptable to us.
Moreover, we cannot assure you that awareness or acceptance of hospice care will increase or remain at current levels.
Changes in rates or methods of payment for VITAS’ services could adversely affect its revenues and profits.