(ss) Compliance with Health Care Laws. The Company and its subsidiaries are, and at all times have been, in compliance with all Health Care Laws, except as could not be expected, individually or in the aggregate, to have a Material Adverse Effect. For purposes of this Agreement, “Health Care Laws” means: (i) the Federal Food, Drug, and Cosmetic Act (21 U.S.C. Section 301 et seq.) and the regulations promulgated thereunder; (ii) all applicable federal, state, local and foreign health care laws, including, without limitation, the U.S. Anti-Kickback Statute (42 U.S.C. Section 1320a-7b(b)), the Civil Monetary Penalties Law (42 U.S.C. Section 1320a-7a), the U.S. civil False Claims Act (31 U.S.C. Section 3729 et seq.), all applicable federal, state, local and foreign criminal laws relating to health care fraud and abuse, including but not limited to the U.S. False Statements Law (42 U.S.C. Section 1320a-7b(a)), 18 U.S.C. Sections 286 and 287, and the health care fraud criminal provisions under the U.S. Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) (42 U.S.C. Section 1320d et seq.), the exclusion laws (42 U.S.C. Section 1320a-7), the statutes, regulations and directives of applicable government funded or sponsored healthcare programs; (iii) HIPAA, as amended by the Health Information Technology for Economic and Clinical Health Act (42 U.S.C. Section 17921 et seq.), and the regulations promulgated thereunder, including the Standards for Privacy of Individually Identifiable Health Information (the “Privacy Rule”), the Security Standards for the Protection of Electronic Protected Health Information (the “Security Rule”), and the Standards for Electronic Transactions and Code Sets, and any state or non-U.S. counterpart thereof or other law or regulation the purpose of which is to protect the privacy of individuals or prescribers; (iv) the Patient Protection and Affordable Care Act of 2010 (Public Law 111-148), as amended by the Health Care and Education Reconciliation Act of 2010 (Public Law 111-152), and the regulations promulgated thereunder; (v) the U.S. Controlled Substances Act (21 U.S.C. Section 801 et seq.); (vi) licensure, quality, safety and accreditation requirements under applicable federal, state, local or foreign laws or regulatory bodies; and (vii) all other local, state, federal, national, supranational and foreign laws, relating to the regulation of the Company or its subsidiaries. Neither the Company nor its subsidiaries have received written notice of any claim, action, suit, proceeding, hearing, enforcement, investigation, arbitration or other action from any court or arbitrator or governmental or regulatory authority or third party alleging that any product operation or activity is in violation of any Health Care Laws nor, to the Company’s knowledge, is any such claim, action, suit, proceeding, hearing, enforcement, investigation, arbitration or other action threatened. The Company and its subsidiaries have filed, obtained, maintained or submitted all material reports, documents, forms, notices, applications, records, claims, submissions and supplements or amendments as required by any Health Care Laws, and all such reports, documents, forms, notices, applications, records, claims, submissions and supplements or amendments were timely, complete, accurate and not misleading on the date filed in all material respects (or were corrected or supplemented by a subsequent submission). Neither the Company nor its subsidiaries are a party to any corporate integrity agreements, monitoring agreements, consent decrees, settlement orders, or similar agreements with or imposed by any governmental or regulatory authority. Additionally, neither the Company, its subsidiaries nor any of their respective employees, officers or directors has been excluded, suspended or debarred from participation in any U.S. federal health care program or human clinical research or, to the knowledge of the Company, is subject to a governmental inquiry, investigation, proceeding, or other similar action that could reasonably be expected to result in debarment, suspension, or exclusion.
(tt) Cybersecurity; Data Protection. Except as could not be expected, individually or in the aggregate, to have a Material Adverse Effect, the Company’s and its subsidiaries’ information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) operate and perform as required in connection with the operation of the business of the Company and its subsidiaries as currently conducted, free and clear of, to the knowledge of the Company, all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. Except as could not be expected, individually or in the aggregate, to have a Material Adverse Effect, (i) the Company and its subsidiaries have implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect their material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and all personal data and sensitive, confidential or regulated data maintained or processed by the Company and its
14