Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the Company and its subsidiaries are, and since the Company’s inception have been, in compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements. Neither the Company nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Appears in 4 contracts
Sources: Underwriting Agreement (Healthequity Inc), Underwriting Agreement (Healthequity Inc), Underwriting Agreement (Healthequity Inc)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries areis, and since the Company’s inception have beenat all prior times was, in compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation limitation, as applicable, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) and the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”), except to the extent that any non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To The Company has in place, complies with, and takes reasonable steps to ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means means, as applicable, (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (ivv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries have has at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirementsPrivacy Laws, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, have been inaccurate or in violation of any applicable laws and regulatory rules Privacy Laws, except in each case as would not, individually or requirementsin the aggregate, reasonably be expected to have a Material Adverse Effect. Neither the Company nor any subsidiaryThe Company: (i) has not received written notice of any actual or potential liability under or relating to, or actual or potential violation by the Company of, any of the Privacy Laws, Laws and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action required by any governmental entity pursuant to any Privacy Law; or (iii) it has made all notices to all persons, including affected individuals and applicable governmental or regulatory authorities, required under any Privacy Law with respect to the use, disclosure or breaches of Personal Data; or (iv) is not a party to any order, decree, or settlement agreement that imposes any obligation or liability under any Privacy Law.
Appears in 4 contracts
Sources: Underwriting Agreement (Edgewise Therapeutics, Inc.), Underwriting Agreement (Edgewise Therapeutics, Inc.), Underwriting Agreement (Edgewise Therapeutics, Inc.)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and each of its subsidiaries are, and since the Company’s inception have beenat all prior times was, in compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation limitation, as applicable, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) and the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”), except to the extent that any non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To The Company has in place, complies with, and takes reasonable steps to ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means means, as applicable, (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (ivv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries have have, at all times times, made all disclosures to users or customers required by applicable laws and regulatory rules or requirementsPrivacy Laws, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, have been inaccurate or in violation of any applicable laws Privacy Laws, except in each case as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. The Company and regulatory rules or requirements. Neither the Company nor any subsidiaryeach of its subsidiaries: (i) has not received written notice of any actual or potential liability under or relating to, or actual or potential violation by the Company of, any of the Privacy Laws, Laws and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action required by any governmental entity pursuant to any Privacy Law; or (iii) has made all notices to all persons, including affected individuals and applicable governmental or regulatory authorities, required under any Privacy Law with respect to the use, disclosure or breaches of Personal Data; or (iv) is not a party to any order, decree, or settlement agreement that imposes any obligation or liability under any Privacy Law.
Appears in 3 contracts
Sources: Common Stock Sales Agreement (Edgewise Therapeutics, Inc.), Common Stock Sales Agreement (Edgewise Therapeutics, Inc.), Common Stock Sales Agreement (Edgewise Therapeutics, Inc.)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries and, to the Company’s knowledge, their respective agents and subcontractors, are, and since the Company’s inception have beenat all prior times were, in compliance in all material respects with all applicable state state, federal, and federal international data privacy and data security laws laws, regulations, and regulationsrelated rules and requirements, including without limitation the Health Insurance Portability and Accountability Act of 1996 and the HITECH Act (collectively “HIPAA”), the European Union General Data Protection Regulation (“GDPR”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”EU 2016/679) (collectively, the “Privacy Laws”). To ensure address compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take appropriate commercially reasonable steps reasonably designed to ensure achieve compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis transfer of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; and (iv) any other piece of information that allows the identification of identifies such natural person, person and is defined in or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientationaddressed by Privacy Laws. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the ProspectusAt all times, the Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirementsPrivacy Laws, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirementsPrivacy Laws. Neither the The Company further certifies that (a) neither it nor any subsidiarysubsidiary at any time: (i) has received receive written notice of any actual or potential liability liability, including, but not limited to security or data privacy breaches or other unauthorized or improper access to, use of, or destruction of its Sensitive Data (defined below) owned or controlled by the Company or its subsidiaries, under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) other than pursuant to its ongoing compliance efforts in the ordinary course of business, is currently conducting conducting, subject to, or paying forpaying, in whole or in part, any material investigation, remediation, or other corrective action pursuant to resulting from the Company’s or its subsidiaries’ non-compliance with any Privacy Law; or (iii) is a party to any order, decree, settlement agreement, or agreement judgment from a governmental entity that imposes any obligation or liability under any Privacy Law; and (b) it is not aware of any specific events rendering any of the foregoing reasonably likely to occur.
Appears in 3 contracts
Sources: Underwriting Agreement (Akero Therapeutics, Inc.), Underwriting Agreement (Akero Therapeutics, Inc.), Underwriting Agreement (Akero Therapeutics, Inc.)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse EffectEffect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the Company and its subsidiaries are, and since the Company’s inception have been, in compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply in all material respects with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements. Neither Except as could not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, neither the Company nor any subsidiaryof its subsidiaries: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Appears in 3 contracts
Sources: Underwriting Agreement (Healthequity, Inc.), Underwriting Agreement (Healthequity, Inc.), Underwriting Agreement (Healthequity, Inc.)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and each of its subsidiaries are, and since the Company’s inception have beenat all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including including, without limitation limitation, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”), the California Consumer Privacy Act of 2018 (“CCPA”), and the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by the GDPR; (v) “personal information” as defined by the CCPA; and (ivvi) any other piece of information that allows allows, directly or indirectly, the identification of such natural person, or his or her familyfamily or household, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the The Company and each of its subsidiaries have at all times has made all disclosures to users or customers individuals required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, ’s policies or notices relating to data privacy and security have been inaccurate or in violation of any applicable laws and regulatory rules or requirementsrequirements in any material respect. Neither the Company nor any subsidiary: of its subsidiaries (i) has have received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is are currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or and (iii) is are a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Appears in 3 contracts
Sources: Underwriting Agreement (Verve Therapeutics, Inc.), Underwriting Agreement (Verve Therapeutics, Inc.), Open Market Sale Agreement (Verve Therapeutics, Inc.)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries arehave taken commercially reasonable actions to prepare to comply with the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) and all other applicable laws and regulations with respect to Personal Data (defined below) that have been announced as of the date hereof as becoming effective within 12 months after the date hereof, and since the Company’s inception have been, in for which any non-compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) same would be reasonably likely to create a material liability (collectively, the “Privacy Laws”). To ensure the Company’s knowledge, since May 25, 2018, the Company and its subsidiaries have been and currently are in material compliance with the GDPR. To support material compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply withtaken, and take appropriate currently take, commercially reasonable steps reasonably designed to ensure compliance in all material respects with their policies and procedures Privacy Laws relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (that the “Policies”)Company has collected, and collects, or is in the Company’s possession. “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information “personal data” as defined by HIPAA; GDPR, and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries since inception have at all times made all disclosures to users or customers required by applicable laws and regulatory rules Privacy Laws, except where the failure to do so would not, individually or requirementsin the aggregate, and none have a Material Adverse Effect. None of such disclosures made or contained in any Policy havehave been inaccurate, to the knowledge of the Companymisleading, been inaccurate deceptive or in violation of any applicable laws Privacy Laws in any material respect. The execution, delivery and regulatory rules performance of this Agreement or requirementsany other agreement referred to in this Agreement will not result in a breach of violation of any Privacy Laws. Neither the The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law, except, in the case of (i), (ii), or (iii), where such violation, investigation, remediation, order, decree or agreement would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect.
Appears in 2 contracts
Sources: Underwriting Agreement (Ncino, Inc.), Underwriting Agreement (Ncino, Inc.)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries are, and at all prior times since the Company’s inception have beenwere, in material compliance with all applicable state and federal data privacy and data security laws and regulations, including without limitation HIPAA, the Health Insurance Portability and Accountability Act of 1996 HITECH Act, the European Union General Data Protection Regulation (“HIPAAGDPR”) as amended by (EU 2016/679), and the Health Information Technology for Economic and Clinical Health California Consumer Privacy Act (“CCPA”) (and all other applicable laws and regulations with respect to Personal Data (defined below) that have been announced as of the “HITECH Act”date hereof as becoming effective within 12 months after the date hereof, and for which any non-compliance with same would be reasonably likely to create a material liability) (collectively, the “Privacy Laws”). To ensure support compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their with, policies and procedures relating to data privacy and data security and the collection, storage, use, disclosure, handling, and analysis of Personal Sensitive Data (the “Policies”). At all times since inception, the Company has provided accurate notice of its Policies then in effect to its customers, employees, third party vendors and representatives. Each of the Company Policies provides accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Company Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR, and (ivv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientationorientation that is not aggregated with the data of other individuals or otherwise irreversibly anonymized such that a natural person cannot be identified. Except as could not reasonably be expected to have “Sensitive Data” means any Personal Data or any sensitive, proprietary, or trade secret information of the Company or any such information of a Material Adverse Effect or as disclosed third party in the Registration Statement, possession of the Pricing Disclosure Package and the Prospectus, the Company. The Company and its subsidiaries since inception have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none have provided accurate notice of its Policies then in effect to its customers, employees, third party vendors and representatives. None of such disclosures made or contained in any Policy have, to the knowledge of the CompanyPolicies have been inaccurate, been inaccurate misleading, deceptive or in violation of any applicable laws Privacy Laws or Policies in any material respect. The execution, delivery and regulatory rules performance of this Agreement or requirementsany other agreement referred to in this Agreement will not result in a breach of violation of any Privacy Laws or Policies. Neither the The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Appears in 2 contracts
Sources: Underwriting Agreement (89bio, Inc.), Underwriting Agreement (89bio, Inc.)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries are, and at all prior times since the Company’s inception have beenwere, in material compliance with all applicable state and federal data privacy and data security laws and regulations, including without limitation HIPAA, the Health Insurance Portability HITECH Act, and Accountability Act of 1996 the European Union General Data Protection Regulation (“HIPAAGDPR”) (EU 2016/679) (and all other applicable laws and regulations with respect to Personal Data (defined below) that have been announced as amended by of the Health Information Technology date hereof as becoming effective within 12 months after the date hereof, and for Economic and Clinical Health Act (the “HITECH Act”which any non-compliance with same would be reasonably likely to create a material liability) (collectively, the “Privacy Laws”). To ensure support compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their with, policies and procedures relating to data privacy and data security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). At all times since inception, the Company has provided accurate notice of its Policies then in effect to its customers, employees, third party vendors and representatives. Each of the Company Policies provides accurate and sufficient notice of the Company’s then-current privacy practices relating to its subject matter and such Company Policies do not contain any material omissions of the Company’s then-current privacy practices. “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR, and (ivv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientationorientation that is not aggregated with the data of other individuals or otherwise irreversibly anonymized such that a natural person cannot be identified. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries since inception have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none have provided accurate notice of its Policies then in effect to its customers, employees, third party vendors and representatives. None of such disclosures made or contained in any Policy have, to the knowledge of the CompanyPolicies have been inaccurate, been inaccurate misleading, deceptive or in violation of any applicable laws Privacy Laws or Policies in any material respect. The execution, delivery and regulatory rules performance of this Agreement or requirementsany other agreement referred to in this Agreement will not result in a breach of violation of any Privacy Laws or Policies. Neither the The Company further certifies that neither it nor any subsidiary: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Appears in 2 contracts
Sources: Underwriting Agreement (89bio, Inc.), Underwriting Agreement (89bio, Inc.)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries areis, and since the Company’s its inception have has been, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have has in place, comply complies with, and take takes appropriate steps reasonably designed to ensure compliance in all material respects with their its, policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; and (iv) any other piece of information that allows the identification of such natural person, or his or her familyfamily or household, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries have has at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirementsrequirements in any material respect. Neither the The Company nor any subsidiaryfurther certifies that: (i) it has not received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) it is not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or and (iii) is not a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Appears in 2 contracts
Sources: Sales Agreement (Passage BIO, Inc.), Underwriting Agreement (Passage BIO, Inc.)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, Effect or as disclosed in the Pricing Disclosure Package Time of Sale Information and the ProspectusOffering Memorandum, the Company and its subsidiaries are, and since the Company’s inception have been, in compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply in all material respects with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package Time of Sale Information and the ProspectusOffering Memorandum, the Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements. Neither Except as could not reasonably be expected, individually or in the aggregate, to have a Material Adverse Effect, neither the Company nor any subsidiaryof its subsidiaries: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Appears in 2 contracts
Sources: Purchase Agreement (Healthequity, Inc.), Purchase Agreement (Healthequity, Inc.)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries are, and since the Company’s inception have beenat all prior times were, in compliance in all material respects with all applicable state state, federal, and federal international data privacy and data security laws and regulations, including without limitation HIPAA and the Health Insurance Portability HITECH Act, and Accountability the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679); and the Company and its subsidiaries are currently or have taken commercially reasonable actions to prepare to comply with the California Consumer Protection Act of 1996 2018 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH ActCCPA”) (collectively, the “Privacy Laws”). To ensure address compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take appropriate commercially reasonable steps reasonably designed to ensure achieve compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis transfer of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”); (iv) “personal data” as defined by GDPR; and (ivv) any other piece of information that allows the identification of identifies such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the ProspectusAt all times, the Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws Privacy Laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirementsrequirements in any material respect. Neither the The Company further certifies that (a) neither it nor any subsidiarysubsidiary at any time: (i) has received receive written notice of any actual or potential liability liability, including, but not limited to security or data privacy breaches or other unauthorized or improper access to, use of, or destruction of its Personal Data owned or controlled by the Company or its subsidiaries, under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) other than pursuant to its ongoing compliance efforts in the ordinary course of business, is currently conducting conducting, subject to, or paying forpaying, in whole or in part, any material investigation, remediation, or other corrective action pursuant to resulting from the Company’s or its subsidiaries’ non-compliance with any Privacy Law; or (iii) is a party to any order, decree, settlement agreement, or agreement judgment from a governmental entity that imposes any obligation or liability under any Privacy Law; and (b) it is not aware of any specific events rendering any of the foregoing reasonably likely to occur.
Appears in 1 contract
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and each of its subsidiaries areis, and since the Company’s inception have beenat all prior times was, in material compliance with all applicable state and federal data privacy and security laws and regulations, including including, without limitation limitation, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”), the California Consumer Privacy Act of 2018 (“CCPA”), and the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by the GDPR; (v) “personal information” as defined by the CCPA; and (ivvi) any other piece of information that allows allows, directly or indirectly, the identification of such natural person, or his or her familyfamily or household, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the The Company and each of its subsidiaries have at all times has made all disclosures to users or customers individuals required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, have been inaccurate or in violation of any applicable laws and regulatory rules or requirementsrequirements in any material respect. Neither the Company nor any subsidiary: of its subsidiaries (i) has have received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is are currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or and (iii) is are a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Appears in 1 contract
Data Privacy and Security Laws. Except as could not reasonably be expected to would not, individually or in the aggregate, have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, (A) the Company and its subsidiaries are, and since at all times in the Company’s inception have beenpast five (5) years were, in compliance with all material respects with all applicable state state, federal and federal international data privacy and data security laws and regulations, including without limitation limitation, as applicable, HIPAA, the Health Insurance Portability HITECH Act, the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) and Accountability the California Consumer Privacy Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) 2018 (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, ; and (B) the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and with respect to the collection, storage, use, disclosure, handling, transfer and analysis of Personal Data (the “Policies”)Data. “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (ivv) any other piece of information that allows the identification of identifies such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to would not, individually or in the aggregate, have a Material Adverse Effect or as disclosed in the Registration StatementEffect, the Pricing Disclosure Package and the Prospectus, the Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements. Neither neither the Company nor any subsidiary: of its subsidiaries (iX) has have at any time in the past five (5) years received written notice of any actual or potential reasonably likely material liability under or relating to, or actual or potential violation of, any of the Company or its subsidiaries relating to any violation of any Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected including, but not limited to result in any such noticeliability relating to any security or data privacy breaches suffered by the Company or its subsidiaries or other unauthorized or improper access to, use of, or destruction of its Personal Data owned or controlled by the Company or its subsidiaries; (iiY) other than pursuant to its compliance efforts in the ordinary course of business, is currently conducting conducting, subject to, or paying for, in whole or in part, any material investigation, remediation, or other corrective action pursuant to resulting from the Company’s or its subsidiaries’ non-compliance with any Privacy Law; or (iiiZ) is has in the past five (5) years been a party to any order, decree, settlement agreement, or agreement judgment from a governmental entity that imposes any obligation or liability under any Privacy Law.
Appears in 1 contract
Sources: Purchase Agreement (Medallia, Inc.)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries areis, and since the Company’s inception have beenat all prior times was, in material compliance with all applicable state and federal data privacy and security laws and regulationsregulations in the United States, including including, without limitation the Health Insurance Portability and Accountability Act of 1996 (“limitation, HIPAA”) , as amended by the Health Information Technology for Economic and Clinical Health Act Act, and the Company has taken commercially reasonable actions to prepare to comply with, and have been and currently are in compliance with, the European Union General Data Protection Regulation (the “HITECH ActGDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have has in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (ivv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries have has at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirementsrequirements in any material respect. Neither the The Company nor any subsidiaryfurther certifies: (i) it has not received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Appears in 1 contract
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse EffectEffect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the Company Company, Evolent Health and its the Company’s other subsidiaries are, and since the Company’s, Evolent Health’s or such Company subsidiary’s inception have been, in compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (, and collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company Company, Evolent Health and its subsidiaries the Company’s other subsidiaries, taken as a whole, have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration StatementThe Company, the Pricing Disclosure Package Evolent Health and the Prospectus, the Company and its Company’s other subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of no such disclosures made or contained in any Policy have, to the knowledge of the Company, have been inaccurate or in violation of any applicable laws and regulatory rules or requirements, except as could not reasonably be expected to result in a Material Adverse Effect. Neither None of the Company nor Company, Evolent Health or any subsidiaryof the Company’s other subsidiaries: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Appears in 1 contract
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries areis, and since the Company’s its inception have been, has been in material compliance with all applicable state and state, federal or foreign data privacy and security laws and regulations, including including, without limitation limitation, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”), the California Consumer Privacy Act of 2018 (“CCPA”), and the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have has in place, comply complies with, and take takes appropriate steps reasonably designed to ensure compliance in all material respects with their its internal and external policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by the GDPR; (v) “personal information” as defined by the CCPA; and (ivvi) any other piece of information that allows the identification of such natural person, or his or her familyfamily or household, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries have has at all times made all disclosures to users or customers individuals required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate inaccurate, misleading, deceptive or in violation of any applicable laws and regulatory rules or requirementsrequirements in any material respect. Neither the The execution, delivery, and performance of this Agreement, will not result in a breach or violation of any Privacy Law or Policies. The Company nor any subsidiary: (i) has not received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or and (iii) is not a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Appears in 1 contract
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries are, and since the Company’s inception have been, in compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (collectively, the “Privacy Laws”)) , except to the extent that any non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take commercially appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries have at all times made all disclosures to users or customers as required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirementsrequirements in any material respect. Neither the The Company further certifies that neither it nor any subsidiary: (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law, other than in the ordinary course; or (iii) is a party to any order, decree, or agreement with any Governmental Entity that imposes any obligation or liability under any Privacy Law.
Appears in 1 contract
Sources: Open Market Sale Agreement (Eidos Therapeutics, Inc.)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries are, and since at all times during the Company’s inception have beenpast three (3) years preceding the end of the most recent fiscal year were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) regulations (collectively, the “Privacy Laws”)) except where the noncompliance would not, individually or in the aggregate, have a Material Adverse Effect. To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply in material respects with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” for protection under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAAapplicable Privacy Laws; and (iviii) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirementsrequirements in any material respect. Neither the Company nor any subsidiary: (i) has received written notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Appears in 1 contract
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries areis, and since the Company’s inception have at all prior times has been, in compliance in all material respects with all applicable state state, federal, and federal international data privacy and data security laws and regulations, including without limitation HIPAA and the Health Insurance Portability HITECH Act, and Accountability Act of 1996 the European Union General Data Protection Regulation (“HIPAAGDPR”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”EU 2016/679) (collectively, the “Privacy Laws”). To ensure address compliance with the Privacy LawsLaws to the extent applicable, the Company and its subsidiaries have has in place, comply complies with, and take appropriate takes commercially reasonable steps reasonably designed to ensure achieve compliance in all material respects with their its policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis transfer of Personal Data (the “Policies”)Data. “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”); (iv) “personal data” as defined by GDPR; and (ivv) any other piece of information that allows the identification of identifies such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the ProspectusAt all times, the Company and its subsidiaries have at all times has made all disclosures to users or customers required by applicable laws Privacy Laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirementsrequirements in any material respect. Neither the The Company further certifies that (a) neither it nor any subsidiarysubsidiary at any time: (i) has received written notice of any actual or potential liability liability, including, but not limited to security or data privacy breaches or other unauthorized or improper access to, use of, or destruction of its Personal Data owned or controlled by the Company, under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) other than pursuant to its ongoing compliance efforts in the ordinary course of business, is currently conducting conducting, subject to, or paying forpaying, in whole or in part, any material investigation, remediation, or other corrective action pursuant to resulting from the Company’s non-compliance with any Privacy Law; or (iii) is a party to any order, decree, settlement agreement, or agreement judgment from a governmental entity that imposes any obligation or liability under any Privacy Law; and (b) it is not aware of any specific events rendering any of the foregoing reasonably likely to occur. The Company is not a “covered entity” or “business associate” as such terms are defined under HIPAA.
Appears in 1 contract
Sources: Securities Purchase Agreement (Kura Oncology, Inc.)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse EffectEffect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the Company and its subsidiaries Evolent Health are, and since the Company’s and Evolent Health’s inception have been, in compliance with all applicable state and federal data privacy and security laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”) (, and collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries Evolent Health have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; and (iv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the The Company and its Evolent Health and their respective subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of no such disclosures made or contained in any Policy have, to the knowledge of the Company, have been inaccurate or in violation of any applicable laws and regulatory rules or requirements, except as could not reasonably be expected to result in a Material Adverse Effect. Neither the Company nor any subsidiaryEvolent Health: (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Appears in 1 contract
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries are, and since the Company’s inception have beenat all prior times were, in compliance in all material respects with all applicable state state, federal and federal international data privacy, security and, with respect to data privacy and security security, consumer protection laws and regulations, including without limitation the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act Act, and since May 25, 2018, the European Union General Data Protection Regulation (the “HITECH ActGDPR”) (EU 2016/679) (collectively, the “Privacy Laws”), except to the extent that any non-compliance would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect. To ensure compliance with the Privacy LawsExcept as would not reasonably be expected to have a Material Adverse Effect, the Company and its subsidiaries (i) have in place, comply complies with, and take appropriate takes reasonable steps reasonably designed to ensure compliance in all material respects with their its policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”), and (ii) implement and maintain (I) information technology and equipment, computer systems, networks, software, websites, applications, and databases (collectively, “IT Systems”) commercially reasonable for the operation of the business of the Company as currently conducted and (II) commercially reasonable controls and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data within its operational control used in connection with its businesses. “Personal Data” means means, as applicable, (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by GDPR; and (ivv) any other piece of information that allows the identification of such natural person, or his or her family, or permits the collection or analysis of any data related relates to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirementsPrivacy Laws, and none of such disclosures made or contained in any Policy have, to the knowledge privacy policy of the Company, Company have been inaccurate or in violation of any applicable laws and regulatory rules Privacy Laws, except in each case as would not, individually or requirementsin the aggregate, reasonably be expected to have a Material Adverse Effect. Neither Except as would not, individually or in the aggregate, reasonably be expected to have a Material Adverse Effect, the Company nor any subsidiaryand its subsidiaries: (i) has have not received written notice of any actual or potential liability of the Company relating to, security or data privacy breaches or other unauthorized or improper access to, use of or destruction of its confidential information or Personal Data, or under or relating to, or to any actual or potential violation by the Company of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is are not currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action required by any governmental entity pursuant to any Privacy Law, other than in the ordinary course of business; or (iii) is are not a party to any order, decree, or agreement with any governmental entity that imposes any obligation or liability under any Privacy Law.
Appears in 1 contract
Sources: Open Market Sale Agreement (Oric Pharmaceuticals, Inc.)
Data Privacy and Security Laws. Except as could not reasonably be expected to have a Material Adverse Effect, the Pricing Disclosure Package and the Prospectus, the The Company and its subsidiaries are, and since the Company’s inception have beenat all prior times were, in material compliance with all applicable state and federal data privacy and security laws and regulations, including including, without limitation limitation, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”), the California Consumer Privacy Act of 2018 (“CCPA”), and the European Union General Data Protection Regulation (“GDPR”) (EU 2016/679) (collectively, the “Privacy Laws”). To ensure compliance with the Privacy Laws, the Company and its subsidiaries have in place, comply with, and take appropriate steps reasonably designed to ensure compliance in all material respects with their policies and procedures relating to data privacy and security and the collection, storage, use, disclosure, handling, and analysis of Personal Data (the “Policies”). “Personal Data” means (i) a natural person’s name, street address, telephone number, e-mail address, photograph, social security number or tax identification number, driver’s license number, passport number, credit card number, bank information, or customer or account number; (ii) any information which would qualify as “personally identifying information” under the Federal Trade Commission Act, as amended; (iii) Protected Health Information as defined by HIPAA; (iv) “personal data” as defined by the GDPR; (v) “personal information” as defined by the CCPA; and (ivvi) any other piece of information that allows allows, directly or indirectly, the identification of such natural person, or his or her familyfamily or household, or permits the collection or analysis of any data related to an identified person’s health or sexual orientation. Except as could not reasonably be expected to have a Material Adverse Effect or as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the Company and its subsidiaries have at all times made all disclosures to users or customers required by applicable laws and regulatory rules or requirements, and none of such disclosures made or contained in any Policy have, to the knowledge of the Company, been inaccurate or in violation of any applicable laws and regulatory rules or requirements. Neither the Company nor any subsidiary: of its subsidiaries (i) has received notice of any actual or potential liability under or relating to, or actual or potential violation of, any of the Privacy Laws, and has no knowledge of any event or condition that would reasonably be expected to result in any such notice; (ii) is currently conducting or paying for, in whole or in part, any investigation, remediation, or other corrective action pursuant to any Privacy Law; or and (iii) is a party to any order, decree, or agreement that imposes any obligation or liability under any Privacy Law.
Appears in 1 contract
Sources: Open Market Sale Agreement (Dyne Therapeutics, Inc.)