Aveanna Healthcare Holdings (AVAH) Risk Factors

Our home health and hospice agencies must comply with the extensive conditions of participation in the Medicare program. These conditions generally require our home health and hospice agencies to meet specified standards relating to personnel, patient rights,patient care, patient records, administrative reporting and legal compliance. If a home health agency or hospice fails to meet any of the Medicare conditions of participation, that home health agency or hospice may receive a notice of deficiency from the applicable surveyor or accreditor. If that home health agency or hospice then fails to institute a plan of correction to correct the deficiency within the time period provided by the surveyor or accreditor, that home health agency or hospice could be terminated from the Medicare program. We respond in the ordinary course to deficiency notices issued by surveyors or accreditors. Any termination of one or more of our home health or hospice agencies from the Medicare program for failure to satisfy the Medicare conditions of participation could adversely affect our revenue and net income.

We are required to comply with all applicable federal, state and local laws and regulations relating to employment, including occupational safety and health requirements, wage and hour and other compensation requirements, employee benefits, providing leave and sick pay, employment insurance, proper classification of workers as employees or independent contractors, immigration and equal employment opportunity laws. These laws and regulations can vary significantly among jurisdictions and can be highly technical. Notably, we are subject to the California Labor Code pursuant to which plaintiffs have filed representative actions under the California Private Attorney General Act seeking statutory penalties for alleged violations related to calculation of overtime pay, errors in wage statements, and meal and rest break violations, among other things. Costs and expenses related to these requirements are a significant operating expense and may increase as a result of, among other things, changes in federal, state or local laws or regulations, or the interpretation thereof, requiring employers to provide specified benefits or rights to employees, increases in the minimum wage and local living wage ordinances, increases in the level of existing benefits or the lengthening of periods for which unemployment benefits are available. We may not be able to offset any increased costs and expenses. Furthermore, any failure to comply with these laws requirements, including even a seemingly minor infraction, can result in significant penalties which could harm our reputation and have a material adverse effect on our business. In addition, certain individuals and entities, known as excluded persons, are prohibited from receiving payment for their services rendered to Medicaid, Medicare and other federal and state healthcare program beneficiaries. If we inadvertently hire or contract with an excluded person, or if any of our current employees or contractors becomes an excluded person in the future without our knowledge, we may be subject to substantial civil penalties, including up to $20,000 for each item or service furnished by the excluded person to a federal or state healthcare program beneficiary, an assessment of up to three times the amount claimed and exclusion from the program. Because we employ an average of at least 50 full-time employees in a calendar year, we are required to offer a minimum level of health coverage for 95% of our full-time employees in 2024 or be subject to an annual penalty.

There are a number of federal and state laws, rules and regulations, as well as contractual obligations, relating to the protection, collection, storage, use, retention, security, disclosure, transfer and other processing of confidential, sensitive and personal information, including certain patient health information, such as patient records. Existing laws and regulations are constantly evolving, and new laws and regulations that apply to our business are being introduced at every level of government in the United States. In many cases, these laws and regulations apply not only to third-party transactions, but also to transfers of information between or among us, our affiliates and other parties with whom we conduct business. These laws and regulations may be interpreted and applied differently over time and from jurisdiction to jurisdiction, and it is possible that they will be interpreted and applied in ways that may have a material adverse effect on our business. We monitor legal developments in data privacy and security regulations at the local, state and federal level, however, the regulatory framework for data privacy and security worldwide is continuously evolving and developing and, as a result, interpretation and implementation standards and enforcement practices are likely to remain uncertain for the foreseeable future. The management of PHI is subject to several regulations at the federal level, including HIPAA and the HITECH Act. The HIPAA privacy and security regulations protect medical records and other personal health information by limiting their use and disclosure, giving individuals the right to access, amend, and seek accounting of their own health information, and limiting most uses and disclosures of health information to the minimum amount reasonably necessary to accomplish the intended purpose. The HITECH Act strengthened HIPAA enforcement provisions and authorized State Attorneys General to bring civil actions for HIPAA violations. It permits the HHS to conduct audits of HIPAA compliance and impose significant civil monetary penalties even if we did not know or reasonably could not have known about the violation. The Omnibus Rule extended certain privacy and security regulations to business associates and their subcontractors that handle protected health information and imposed new requirements on HIPAA business associate contracts. The Omnibus Rule also clarified a covered entity's (which is a healthcare provider, a health plan or healthcare clearinghouse) notification and reporting requirements in the event of a breach of unsecured protected health information. This reporting obligation supplements state laws that also may require notification in the event of a breach of personal information. If we are found to have violated the HIPAA privacy or security regulations or other federal or state laws protecting the confidentiality of patient health or personal information,including but not limited to the HITECH Act and the Omnibus Rule, we could be subject to sanctions, fines, damages and other additional civil or criminal penalties, including litigation with those affected, which could increase our liabilities, harm our reputation and have a material adverse effect on our business, financial position, results of operations and liquidity. The federal government is also promoting the efficient exchange of electronic health information to improve health care. The 21st Century Cures Act prohibits information blocking by health care providers and certain other entities. Information blocking is defined as engaging in activities that are likely to interfere with, prevent or materially discourage access, exchange or use of electronic health information, subject to limited exceptions. Initiatives related to health care technology and interoperability may require changes to our operations, impose new and complex obligations on us, affect our relationships with other providers, vendors and other third parties and require investments in infrastructure. We may be subject to penalties for failure to comply. Numerous other federal and state laws protect the confidentiality, privacy, availability, integrity and security of PHI. For example, various states, such as California, Massachusetts, and Washington have implemented privacy laws and regulations, such as the California Confidentiality of Medical Information Act, that impose restrictive requirements regulating the use and disclosure of personally identifiable information, including PHI. These laws in many cases are more restrictive than, and may not be preempted by, the HIPAA rules and may be subject to varying interpretations by courts and government agencies, creating complex compliance issues and potentially exposing us to additional expense, adverse publicity and liability. We also expect that there will continue to be new laws, regulations and industry standards concerning privacy, data protection and information security proposed and enacted in various jurisdictions. The U.S. Congress has considered, but not yet passed, several comprehensive federal data privacy bills over the past few years, such as the CONSENT Act, which was intended to be similar to the landmark 2018 European Union General Data Protection Regulation. We expect federal data privacy laws to continue to evolve. At the state and local level, there is increased focus on regulating the collection, storage, use, retention, security, disclosure, transfer and other processing of confidential, sensitive and personal information. In recent years, we have seen significant changes to data privacy regulations across the U.S., including the enactment of the CCPA, which went into effect on January 1, 2020. The CCPA creates new consumer rights, and corresponding obligations on covered businesses, relating to the access to, deletion of and sharing of personal information collected by covered businesses, including a consumer's right to opt out of certain sales of the consumer's personal information. The CCPA provides for civil penalties for violations, as well as a private right of action for certain data breaches that result in the loss of personal information. This private right of action may increase the likelihood of, and risks associated with, data breach litigation. It remains unclear how various provisions of the CCPA will be interpreted and enforced. Additionally, California voters approved a new privacy law, the California Privacy Rights Act (the "CPRA"), in the November 3, 2020 election. Beginning on January 1, 2023, the CPRA significantly modified the CCPA, including by expanding consumers' rights with respect to certain sensitive personal information. The CPRA also creates a new state agency that will be vested with authority to implement and enforce the CCPA and the CPRA. New legislation proposed or enacted in various other states will continue to shape the data privacy environment nationally. Certain state laws may be more stringent or broader in scope, or offer greater individual rights, with respect to confidential, sensitive and personal information than federal, international or other state laws, and such laws may differ from each other, which may complicate compliance efforts. In addition, all 50 U.S. states and the District of Columbia have enacted breach notification laws that may require us to notify patients, employees or regulators in the event of unauthorized access to or disclosure of personal or confidential information experienced by us or our service providers. These laws are not consistent, and compliance in the event of a widespread data breach is difficult and may be costly. Moreover, states have been frequently amending existing laws, requiring attention to changing regulatory requirements. We also may be contractually required to notify patients or other counterparties of a security breach. Although we may have contractual protections with our service providers, any actual or perceived security breach could harm our reputation and brand, expose us to potential liability or require us to expend significant resources on data security and in responding to any such actual or perceived breach. Any contractual protections we may have from our service providers may not be sufficient to adequately protect us from any such liabilities and losses, and we may be unable to enforce any such contractual protections. In addition to government regulation, privacy advocates and industry groups have and may in the future propose self-regulatory standards from time to time. These and other industry standards may legally or contractually apply to us, or we may elect to comply with such standards. Complying with these various laws, rules, regulations and standards, and with any new laws or regulations changes to existing laws, could cause us to incur substantial costs that are likely to increase over time, require us to change our business practices in a manner adverse to our business, divert resources from other initiatives and projects, and restrict the way products and services involving data are offered, all of which may have a material adverse effect on our business. For example, we have incurred and expect to continue to incur additional costs to comply with the CCPA and other similar regulations. However, in the future we may be unable to make such changes and modifications to our business practices in a commercially reasonable manner, or at all. Given the rapid development of cybersecurity and data privacy laws, we expect to encounter inconsistent interpretation and enforcement of these laws and regulations, as well as frequent changes to these laws and regulations which may expose us to significant penalties or liability for non-compliance, the possibility of fines, lawsuits (including class action privacy litigation), regulatory investigations, criminal or civil sanctions, audits, adverse media coverage, public censure, other claims, significant costs for remediation and damage to our reputation, or otherwise have a material adverse effect on our business and operations. Any inability to adequately address data privacy or security-related concerns, even if unfounded, or to comply with applicable laws, regulations, standards and other obligations relating to data privacy and security, could result in additional cost and liability to us, damage our relationships with patients and have a material adverse effect on our business. We make public statements about our use and disclosure of personal information through our privacy policies, information provided on our website and press statements. Although we endeavor to comply with our public statements and documentation, we may at times fail to do so or be alleged to have failed to do so. The publication of our privacy policies and other statements that provide promises and assurances about data privacy and security can subject us to potential government or legal action if they are found to be deceptive, unfair or misrepresentative of our actual practices. Moreover, from time to time, concerns may be expressed about whether our products and services compromise the privacy of patients and others. Any concerns about our data privacy and security practices, even if unfounded, could damage the reputation of our businesses, discourage potential patients from our products and services and have a material adverse effect on our business.

The Anti-Kickback Statute, the Stark Law, the FCA and similar state laws materially restrict our relationships with physicians and other referral sources. We have a variety of financial relationships with referral sources who either refer or influence the referral of patients to our healthcare facilities, and these laws govern those relationships. The OIG has enacted safe harbor regulations that outline practices deemed protected from prosecution under the Anti-Kickback Statute. On November 20, 2020, the OIG published its final rule revising the safe harbors to the Anti-Kickback Statute, aiming to reduce the regulatory barriers to care coordination and accelerate the transformation of the health care system into one that better pays for value and promotes care coordination. The OIG final rule implements seven new safe harbors and modifies four existing safe harbors. For example, the final rule clarifies how durable medical equipment companies may participate in protected care coordination arrangements involving digital health technology; modifies the existing safe harbor for personal services and management contracts to add flexibility for certain outcomes-based payments and part-time arrangements; expands and modifies mileage limits for local transportation for rural areas; and broadens the new safe harbor for cybersecurity technology and services to cover remuneration in the form of cybersecurity-related hardware. These revisions to the Anti-Kickback Statute safe harbors went into effect on January 19, 2021. While we endeavor to comply with the safe harbors, most of our current arrangements, including with physicians and other referral sources, may not qualify for safe harbor protection. Failure to qualify for a safe harbor does not mean the arrangement necessarily violates the Anti-Kickback Statute but may subject the arrangement to greater scrutiny. However, we cannot offer assurance that practices outside of a safe harbor will not be found to violate the Anti-Kickback Statute. Any financial relationships with referring physicians and their immediate family members must comply with the Stark Law by meeting an exception. We attempt to structure our relationships to meet an exception to the Stark Law, but the regulations implementing the exceptions are detailed and complex, and we cannot provide assurance that every relationship complies fully with the Stark Law. Unlike the Anti-Kickback Statute, failure to meet an exception under the Stark Law may result in a violation of the Stark Law, even if such violation is technical in nature. Additionally, if we violate the Anti-Kickback Statute or the Stark Law, or if we improperly bill for our services, we may be found to violate the FCA, either under a suit brought by the government or by a private person under a qui tam, or "whistleblower," lawsuit. If we fail to comply with the Anti-Kickback Statute, the Stark Law, the FCA or other applicable laws and regulations, we could be subject to liabilities, including civil penalties (including the loss of our licenses to operate one or more facilities or healthcare activities), exclusion of one or more facilities or healthcare activities from participation in the Medicare, Medicaid, and other federal and state healthcare programs, and, for violations of certain laws and regulations, criminal penalties. We do not always have the benefit of significant regulatory or judicial interpretation of these laws and regulations. In the future, different interpretations or enforcement of these laws and regulations could subject our current or past practices to allegations of impropriety or illegality or could require us to make changes in our facilities, equipment, personnel, services, capital expenditure programs and operating expenses. A determination that we have violated these laws, or the public announcement that we are being investigated for possible violations of these laws, could have a material adverse effect on our business, financial position, results of operations and liquidity, and our business reputation could suffer significantly. In addition, other legislation or regulations at the federal or state level may be adopted that could have a material adverse effect on our business, financial position, results of operations and liquidity.

Many states have enacted CON or POA laws that require prior state approval to offer new or expanded healthcare services or open new healthcare facilities or expand services at existing facilities. In such states, expansion by existing providers or entry into the market by new providers is permitted only where a given amount of unmet need exists, resulting either from population increases or a reduction in competing providers. These states ration the entry of new providers or services and the expansion of existing providers or services in their markets through a CON or other approval process, which is periodically evaluated and updated as required by applicable state law. The process is intended to promote comprehensive healthcare planning, assist in providing high-quality healthcare at the lowest possible cost and avoid unnecessary duplication by ensuring that only those healthcare facilities, services and operations that are needed will be built and opened. We operate home health centers and/or hospice services in the following CON states: Alabama, Georgia, North Carolina, South Carolina, Tennessee and Washington. In every state where required, our home health offices, hospice centers and branch locations possess a license and/or CON issued by the state health authority that determines the local service areas for the home health office, hospice office or branch location. In general, the process for opening a home health office, branch location or hospice begins by a provider submitting an application for licensure and certification to the state and federal regulatory bodies, and the completion of both an initial licensure and certification survey, which is followed by a testing period of transmitting data from the applicant to CMS. Once this process is complete, the provider receives a provider agreement and corresponding number and can begin billing for services that it provides unless a CON is required. For those states that require a CON, the provider must also complete a separate application process before billing can commence and receive required approvals for capital expenditures exceeding amounts above prescribed thresholds. Our costs of obtaining a CON in any new CON state in which we seek to operate could be significant, and we cannot assure you that we will be able to obtain the CONs or other required approvals in the future. Our failure or inability to obtain a required CON, license or any necessary approvals could adversely affect our ability to expand into new markets and to expand our services and facilities in existing markets. Furthermore, if a CON or other prior approval upon which we relied to invest in a healthcare center or other facility were to be revoked or lost through an appeal process, we may not be able to recover the value of our investment. CMS and state Medicaid agencies may, for a period of time, impose a moratorium against additional Medicaid enrollment for a particular type of service, upon a determination that a moratorium is necessary to prevent fraud, waste or abuse, or to limit an over-abundance of a type of Medicaid provider within a state. For example, on July 31, 2013, CMS implemented a six-month moratorium on new Medicare (and Medicaid) home health agencies in Florida's Miami-Dade County and Illinois' Cook County. The moratorium on enrollment of additional home health agencies in the Medicare (and Medicaid programs) was a way to combat fraud, waste and abuse, while assuring patient access to care. Over the years, CMS has repeatedly renewed and extended the moratorium to the entire states of Florida, Illinois, Michigan and Texas. The CMS moratoria on new Medicare home health agencies were lifted on January 1, 2019; however, Florida requested that CMS extend the moratorium on new home health agency enrollments into its Medicaid program. Florida's moratorium on Medicaid home health agency provider enrollment ended on August 30, 2021. In addition, we cannot predict whether any other states may adopt a similar Medicaid moratorium. A moratorium in any state in which we seek to, or currently, operate may prevent us from introducing, or disposing of, operations in that state, respectively, which may impair our future expansion or divestiture opportunities in some states.

In the ordinary course of our business, we are regularly subject to inquiries and audits by federal and state agencies that oversee applicable healthcare program participation and payment regulations. We also are subject to government investigations. We believe that the regulatory environment surrounding most segments of the healthcare industry remains intense. The extensive federal and state regulations affecting the healthcare industry include, but are not limited to, regulations relating to licensure, billing, provision of services,conduct of operations, allowable costs, and prices for services, facility staffing requirements, qualifications and licensure of staff, environmental and occupational health and safety, and the confidentiality and security of health-related information. In particular, various laws, including the Stark Law, the Anti-Kickback Statute, anti-fraud, and anti-abuse amendments codified under the Social Security Act prohibit certain business practices and relationships that might affect the provision and cost of healthcare services reimbursable under Medicare and Medicaid, including the payment or receipt of remuneration for the referral of patients whose care will be paid by Medicare or other governmental programs. Sanctions for violating those anti-kickback, anti-fraud, and anti-abuse amendments include criminal penalties, civil sanctions, fines, and possible exclusion from government programs such as Medicare and Medicaid. Federal and state governments continue to pursue intensive enforcement policies resulting in a significant number of investigations, inspections, audits, citations of regulatory deficiencies, and other regulatory sanctions including demands for refund of overpayments, terminations from the Medicare and Medicaid programs, bans on Medicare and Medicaid payments for new admissions, and civil monetary penalties or criminal penalties. We expect audits under the CMS RAC program, the CMS TPE program, the UPIC program and other federal and state audits evaluating the medical necessity of services to further intensify the regulatory environment surrounding the healthcare industry as third-party firms engaged by CMS and others conduct extensive reviews of claims data and medical and other records to identify improper payments to healthcare providers under the Medicare and Medicaid programs. If we fail to comply with the extensive laws, regulations and prohibitions applicable to our businesses, we could become ineligible to receive government program reimbursement, suffer civil or criminal penalties, or be required to make significant changes to our operations. In addition, we could be forced to expend considerable resources responding to investigations, audits or other enforcement actions related to these laws, regulations or prohibitions. Failure of our staff to satisfy applicable licensure requirements, or of our home health and hospice operations to satisfy applicable licensure and certification requirements could have a material adverse effect on our business, financial position, results of operations and liquidity. We are unable to predict the future course of federal and state regulation or legislation, including Medicare and Medicaid statutes and regulations, or the intensity of federal and state enforcement actions. Changes in the regulatory framework, including those associated with healthcare reform, and sanctions from various enforcement actions could have a material adverse effect on our business, financial position, results of operations and liquidity.

Medicare payments to a hospice are subject to an inpatient cap amount and an overall payment cap amount, which are calculated and published by CMS on an annual basis covering the period from November 1 through October 31. If payments received under any of our hospice operations exceeds any of these caps, we may be required to reimburse Medicare for payments received in excess of the caps, which could have a material adverse effect on our business and consolidated financial condition, results of operations, and cash flows.

We receive fixed payments at rates established through federal and state legislation from Medicare and Medicaid, our most significant payers, for our services. Consequently, our profitability largely depends upon our ability to manage the costs of providing these services. We cannot be assured that reimbursement payments under Medicare and Medicaid will remain at levels comparable to present levels or will be sufficient to cover the costs allocable to patients eligible for reimbursement pursuant to these programs. Additionally, non-government payer rates are difficult for us to negotiate as such payers are under pressure to reduce their own costs. As a result, we have sought to manage our costs in order to achieve a desired level of profitability including, but not limited to, centralization of various processes, the use of technology and management of the number of employees utilized. If we are not able to continue to streamline our processes and reduce our costs, our business and consolidated financial condition, results of operations and cash flows could be materially adversely affected.

The healthcare industry in general is facing uncertainty associated with the efforts to identify and implement alternative delivery payment models and workable coordinated care. Many government and commercial payers are transitioning providers to alternative payment models that are designed to promote cost-efficiency, quality and coordination of care. For example, accountable care organizations ("ACOs") incentivize hospitals, physician groups, and other providers to organize and coordinate patient care while reducing unnecessary costs. Conceptually, ACOs receive a portion of any savings generated above a certain threshold from care coordination as long as benchmarks for the quality of care are maintained. Providers are then paid based on the overall value and quality (as determined by outcomes) of the services they provide to a patient rather than the number of services they provide. Pursuant to the ACA, CMS has established several separate ACO programs, the largest of which is the Medicare Shared Savings Program ("MSSP"). CMS established the MSSP to facilitate coordination and cooperation among providers to improve the quality of care for Medicare fee-for-service beneficiaries and to reduce costs. Eligible providers, hospitals and suppliers may participate in the MSSP by creating, participating in or contracting with an ACO. The ACO rules adopted by CMS are extremely complex and remain subject to further refinement by CMS. According to CMS, 480 MSSP ACOs served over 13 million patients as of January 1, 2024. Beginning on January 1, 2023, CMS transitioned to the Accountable Care Organization Realizing Equity, Access and Community Health ("REACH") Model, requiring ACO participants to meet several provisions on promoting health equity, including the creation of a health equity plan. If we are not included in these programs, or if ACOs establish programs that overlap with our services, we are at risk for losing market share, including a loss of our current business. Other alternative payment models may be presented by the government and commercial payers to control costs that subject our company to financial risk. Broad-based implementation of a new delivery payment model would represent a significant transformation for us and the healthcare industry generally. The development of new delivery and payment systems will almost certainly take significant time and expense. We cannot predict at this time what effect alternative payment models may have on our company. We may be similarly impacted by increased enrollment of Medicare and Medicaid beneficiaries in managed care plans, shifting away from traditional fee-for-service models. Under a managed Medicare plan, also known as Medicare Advantage, the federal government contracts with private health insurers to provide Medicare benefits and the insurers may choose to offer supplemental benefits. Approximately 51% of all Medicare beneficiaries were enrolled in a Medicare Advantage plan in 2023, a figure that continues to grow. Beginning in 2019, CMS allowed Medicare Advantage plans to offer certain personal care services as a supplemental benefit. Enrollment in managed Medicaid plans is also growing, as states are increasingly relying on managed care organizations to deliver Medicaid program services as a strategy to control costs and manage resources. We cannot assure you that we will be successful in our efforts to be included in managed plan networks, that we will be able to secure favorable contracts with all or some of the managed care organizations, that our reimbursement under these programs will remain at current levels, that the authorizations for services will remain at current levels or that our profitability will remain at levels consistent with past performance. We may also face increased competition for managed care contracts as a result of state regulation and limitations. In addition, operational processes may not be well-defined as a state transitions Medicaid recipients to managed care. For example, membership, new referrals and the related authorization for services to be provided may be delayed, which may result in delays in service delivery to consumers or in payment for services rendered. Difficulties with operational processes associated with new managed care contracts may negatively affect our revenue growth rates, cash flow and profitability for services provided.

Our success depends on referrals from physicians, hospitals and other sources in the communities we serve and on our ability to maintain good relationships with existing referral sources. Our referral sources are not contractually obligated to refer patients to us and may refer their patients to other providers. In addition, our relationships with referral sources are subject to compliance with federal and state healthcare laws, such as the federal Anti-Kickback Statute, the federal Stark Law, and similar state laws. Our growth and profitability depend, in part, on our ability to establish and maintain close working relationships with these patient referral sources, comply with applicable laws with respect to such relationships, and to increase awareness and acceptance of the benefits of home health and hospice services by our referral sources and their patients. There can also be no assurance that other market participants will not attempt to steer patients to competing health services providers. Our loss of, or failure to maintain, existing relationships or our failure to develop new referral relationships could have a material adverse effect on our business.

We believe that there is a growing trend of patient utilization of managed care. Accordingly, we seek to diversify our payer sources by increasing the business we already do with managed care companies, such as HMOs and PPOs. However, we may not be successful in these efforts. There is also a risk that any favorable managed care contracts that we have may be terminated on short notice, because managed care contracts typically permit the payer to terminate the contract without cause, typically upon 90 days' notice, but in some cases upon a shorter notice period. The ability to terminate on short notice without cause can provide such companies with leverage to reduce volume or obtain favorable pricing to the detriment of our business strategy, and managed care contracts are subject to frequent change as a result of renegotiations and renewals. Our failure to negotiate, secure, and maintain favorable managed care contracts could have a material adverse effect on our business and consolidated financial condition, results of operations and cash flows. Furthermore, managed care contracts typically have complicated authorization, billing and collection provisions. Our inability to properly obtain authorizations from managed care programs or accurately bill managed care programs could result in material denied claims, or expose us to material repayment obligations, thereby materially adversely impacting our results of operations.

Our operations are directly affected in the short-term by the weather conditions in certain of our regions of operation, particularly along coastal areas in the United States, which may be subject to hurricanes. Weather conditions, including tornadoes, significant rain, snow, sleet, freezing rain or ice, or other factors beyond our control, such as wildfires, could disrupt patient scheduling, displace our patients and caregivers or force certain of our facilities to close temporarily or for an extended period of time, thereby reducing patient volumes. Therefore, our business is sensitive to the weather conditions of these regions. Moreover, physical effects of climate change such as increases in temperature, sea levels, the severity of weather events and the frequency of natural disasters, such as hurricanes, tropical storms, tornadoes, wildfires, floods and earthquakes, among other effects, could disrupt our operations. While we have disaster recovery systems and business continuity plans in place, any disruptions in our disaster recovery systems or the failure of these systems to operate as expected could, depending on the magnitude of the problem, adversely affect our operating results by limiting our capacity to effectively monitor and control our operations. Although we maintain insurance coverage, we cannot guarantee that our insurance coverage will be adequate to cover any losses or that we will be able to maintain insurance at a reasonable cost in the future. Accordingly, our operating results may vary from quarter to quarter, depending on the impact of these weather conditions, and if our losses from business interruption or property damage that result from such weather conditions exceed the amount for which we are insured, our results of operations and financial condition would be adversely affected.