ability to realize the full market potential of DNTH103 or other product candidates will be harmed, and our business will be adversely affected. Moreover, even if we obtain approval of DNTH103 or other product candidates and ultimately commercialize such product candidates in foreign markets, we would be subject to the risks and uncertainties, including the burden of complying with complex and changing foreign regulatory, tax, accounting and legal requirements and reduced protection of intellectual property rights in some foreign countries.
Our employees, independent contractors, consultants, commercial collaborators, principal investigators, CROs, CDMOs, suppliers and vendors may engage in misconduct or other improper activities, including noncompliance with regulatory standards and requirements.
We are exposed to the risk that our employees, independent contractors, consultants, commercial collaborators, principal investigators, CROs, CDMOs, suppliers and vendors acting for or on our behalf may engage in misconduct or other improper activities. It is not always possible to identify and deter misconduct by these parties and the precautions we take to detect and prevent this activity may not be effective in controlling unknown or unmanaged risks or losses or in protecting us from governmental investigations or other actions or lawsuits stemming from a failure to comply with these laws or regulations.
Our internal computer systems, or those of any of our CROs, CDMOs, other contractors, third party service providers or consultants or potential future collaborators, may fail or suffer security or data privacy breaches or other unauthorized or improper access to, use of, or destruction of proprietary or confidential data, employee data or personal data, which could result in additional costs, loss of revenue, significant liabilities, harm to our brand and material disruption of our operations.
Despite the implementation of security measures in an effort to protect systems that store our information, given their size and complexity and the increasing amounts of information maintained on our internal information technology systems and those of our third-party CROs, CDMOs, other contractors (including sites performing our clinical trials), third party service providers and supply chain companies, and consultants, as well as other partners, these systems are potentially vulnerable to breakdown or other damage or interruption from service interruptions, system malfunction, natural disasters, terrorism, war and telecommunication and electrical failures, as well as security breaches from inadvertent or intentional actions by employees, contractors, consultants, business partners and/or other third parties, or from cyber-attacks by malicious third parties, which may compromise system infrastructure or lead to the loss, destruction, alteration or dissemination of, or damage to, data. To the extent that any disruption or security breach were to result in a loss, destruction, unavailability, alteration or dissemination of, or damage to, our data or applications, or for it to be believed or reported that any of these occurred, we could incur liability and reputational damage and the development and commercialization of DNTH103, or other product candidates could be delayed.
As our employees work remotely and utilize network connections, computers, and devices outside our premises or network, including working at home, while in transit and in public locations, there are risks to our information technology systems and data. Additionally, business transactions (such as acquisitions or integrations) could expose us to additional cybersecurity risks and vulnerabilities, as our systems could be negatively affected by vulnerabilities present in acquired or integrated entities’ systems and technologies.
While we have implemented security measures designed to protect against security incidents, there can be no assurance that these measures will be effective. We may be unable in the future to detect vulnerabilities in our information technology systems because such threats and techniques change frequently, are often sophisticated in nature, and may not be detected until after a security incident has occurred. Further, we may experience delays in developing and deploying remedial measures designed to address any such identified vulnerabilities. Applicable data privacy and security obligations may require us to notify relevant stakeholders of security incidents. Such disclosures are costly, and the disclosure or the failure to comply with such requirements could lead to adverse consequences.
24