things, our clinical research program, as well as our proposed and future sales, marketing, and education programs. In particular, the promotion, sales and marketing of healthcare items and services is subject to extensive laws and regulations designed to prevent fraud, kickbacks, self-dealing, and other abusive practices. These laws and regulations may restrict or prohibit a wide range of pricing, discounting, marketing and promotion, sales commission, customer incentive, and other business arrangements. In addition, we may be subject to federal or comparable foreign consumer protection and unfair competition laws, which broadly regulate marketplace activities and activities that potentially harm consumers.
We may also be subject to state and foreign equivalents of each of the healthcare laws described above, among others, some of which may be broader in scope. For example, we may be subject to the following: state anti-kickback and false claims laws that may apply to sales or marketing arrangements and claims involving healthcare items or services reimbursed by non-governmental, third-party payors, including private insurers, or that apply regardless of payor; state laws that require pharmaceutical companies to comply with the pharmaceutical industry’s voluntary compliance guidelines and the relevant compliance guidance promulgated by the federal government; state laws that require drug manufacturers to report information related to payments and other transfers of value to physicians and other healthcare providers, marketing expenditures, or drug pricing; and state and local laws requiring the registration of pharmaceutical sales and medical representatives.
Outside the United States, interactions between pharmaceutical companies and health care professionals are also governed by strict laws, such as national anti-bribery laws of European countries, national sunshine rules, regulations, industry self-regulation codes of conduct and physicians’ codes of professional conduct. Failure to comply with these requirements could result in reputational risk, public reprimands, administrative penalties, fines or imprisonment.
Because of the breadth of these laws and the narrowness of the statutory exceptions and regulatory safe harbors available, it is possible that some of our business activities, or our arrangements with physicians, some of whom have been granted stock options, could be subject to challenge under one or more of such laws. It is not always possible to identify and deter employee misconduct or business noncompliance, and the precautions we take to detect and prevent inappropriate conduct may not be effective in controlling unknown or unmanaged risks or losses or in protecting us from governmental investigations or other actions or lawsuits stemming from a failure to be in compliance with such laws or regulations. Efforts to ensure that our business arrangements will comply with applicable healthcare laws may involve substantial costs. It is possible that governmental and enforcement authorities will conclude that our business practices may not comply with current or future statutes, regulations or case law interpreting applicable fraud and abuse or other healthcare laws and regulations. If we or our employees, independent contractors, consultants, commercial partners and vendors violate these laws, we may be subject to investigations, enforcement actions and/or significant penalties, including the imposition of significant civil, criminal and administrative penalties, damages, disgorgement, monetary fines, imprisonment, possible exclusion from participation in Medicare, Medicaid and other federal healthcare programs or similar foreign programs, contractual damages, reputational harm, diminished profits and future earnings, additional reporting requirements and/or oversight if we become subject to a corporate integrity agreement or similar agreement to resolve allegations of non-compliance with these laws, and curtailment of our operations, any of which could adversely affect our ability to operate our business and our results of operations. In addition, the approval and commercialization of denifanstat or any of our future drug candidates outside the United States will also likely subject us to foreign equivalents of the healthcare laws mentioned above, among other foreign laws.
Our internal computer systems, or those used by our CROs or other contractors or consultants, may fail or suffer security breaches.
We and the third parties upon which we rely face a variety of evolving threats, which could cause security incidents, such as cyber-attacks, malicious internet-based activity, online and offline fraud, and other similar activities. Such threats are prevalent and continue to rise, are increasingly difficult to detect, and come from a variety of sources.
Despite the implementation of security and back-up measures designed to protect against security incidents, our internal computer, server, and other information technology systems as well as those of our third-party collaborators, consultants, contractors, suppliers, and service providers upon which we rely, may be vulnerable to various threats including, but not limited to, damage from physical or electronic break-ins, computer viruses, malware, ransomware, personnel misconduct or error, supply chain attacks, natural disasters, terrorism, war, telecommunication and electrical failure, denial of service, and other cyberattacks or disruptive incidents that could result in unauthorized access to, use or disclosure of, corruption of, or loss of sensitive, and/or proprietary data, including personal information, and health-related information, and could subject us to significant liabilities and regulatory and enforcement