prevent this activity may not be effective in controlling unknown or unmanaged risks or losses or in protecting us from governmental investigations or other actions or lawsuits stemming from a failure to comply with such laws or regulations. Additionally, we are subject to the risk that a person or government could allege such fraud or other misconduct, even if none occurred. If any such actions are instituted against us, and we are not successful in defending ourselves or asserting our rights, those actions could have a significant impact on our business and results of operations, including the imposition of significant civil, criminal and administrative penalties, damages, monetary fines, disgorgements, possible exclusion from participation in Medicare, Medicaid, other U.S. federal healthcare programs or healthcare programs in other jurisdictions, integrity oversight and reporting obligations to resolve allegations ofnon-compliance, individual imprisonment, other sanctions, contractual damages, reputational harm, diminished profits and future earnings, and curtailment of our operations.
Our business and operations would suffer in the event of system failures.
Our computer systems, as well as those of our CROs and other contractors, vendors, suppliers and consultants, are vulnerable to damage from computer viruses, unauthorized access, natural disasters (including hurricanes), terrorism, war and telecommunication and electrical failures. If such an event were to occur and cause interruptions in our operations, it could result in a material disruption of our product candidate development programs and our business. For example, the loss ofpre-clinical studies or clinical trial data from completed, ongoing or planned trials could result in delays in our regulatory approval efforts and significantly increase our costs to recover or reproduce the data. To the extent that any disruption or security breach were to result in a loss of or damage to our data or applications, or inappropriate disclosure of personal, confidential or proprietary information, we could incur liability and the further development ofLYR-210, LYR-220 or any other product candidate could be delayed.
In the ordinary course of our business, we directly or indirectly collect and store sensitive data, including intellectual property, confidential information,pre-clinical and clinical trial data, proprietary business information, personal data and personally identifiable health information of our clinical trial subjects and employees, in our data centers and on our networks, or on those of third parties. The secure processing, maintenance and transmission of this information is critical to our operations. Despite our security measures, our information technology and infrastructure has been and, from time to time, may be vulnerable to attacks by hackers or internal bad actors, or breached due to employee error, a technical vulnerability, malfeasance or other disruptions. For example, companies have experienced an increase in phishing and social engineering attacks from third parties in connection with the COVID-19 global pandemic. Although, to our knowledge, we have not experienced any material security breach to date, any such breach could compromise our networks and the information stored there could be accessed, publicly disclosed, lost or stolen. Any such access, disclosure or other loss of information could result in legal claims or proceedings, liability under laws that protect the privacy of personal information, significant regulatory penalties, and such an event could disrupt our operations, damage our reputation, and cause a loss of confidence in us and our ability to conduct clinical trials, which could adversely affect our business reputation and delay our clinical development of our product candidates.
Risks Related to Healthcare Laws and Other Legal Compliance Matters
We will be subject to extensive and costly government regulation.
Product candidates employing our technology will be subject to extensive and rigorous domestic government regulation including regulation by the FDA, the Centers for Medicare and Medicaid Services, or CMS, other divisions of the United States Department of Health and Human Services, the United States Department of Justice, state and local governments, and their respective equivalents outside of the United States. The FDA regulates the research, development,pre-clinical and clinical testing, manufacture, safety, effectiveness, record-keeping, reporting, labeling, packaging, storage, approval, advertising, promotion, sale, distribution, import, and export of pharmaceutical products. If products employing our technologies are marketed abroad, they will also be subject to extensive regulation by foreign governments, whether or not they have
31