GNPX 2017 Annual Report

55 • HIPAA, as amended by the Health Information Technology for Economic and Clinical Health Act of 2009, or HITECH, and their respective implementing regulations, which impose requirements on certain covered healthcare providers, health plans, and healthcare clearinghouses, as well as their respective business associates that perform services for them that involve the creation, use, maintenance or disclosure of, individually identifiable health information, relating to the privacy, security and transmission of individually identifiable health information without appropriate authorization; • the federal physician payment transparency requirements, sometimes referred to as the “Physician Payments Sunshine Act,” created under the Patient Protection and Affordable Care Act, as amended by the Health Care and Education Reconciliation Act, collectively the Affordable Care Act, and its implementing regulations, which require certain manufacturers of drugs, devices, biologics and medical supplies for which payment is available under Medicare, Medicaid or the Children’s Health Insurance Program (with certain exceptions) to report annually to the United States Department of Health and Human Services information related to payments or other transfers of value made to physicians (defined to include doctors, dentists, optometrists, podiatrists and chiropractors) and teaching hospitals, as well as ownership and investment interests held by physicians and their immediate family members; • the U.S. Federal Food, Drug and Cosmetic Act, or FDCA, which prohibits, among other things, the adulteration or misbranding of drugs and medical devices; and • federal consumer protection and unfair competition laws, which broadly regulate marketplace activities and activities that potentially harm consumers. Additionally, we are subject to state and foreign equivalents of each of the healthcare laws described above, among others, some of which may be broader in scope and may apply regardless of the payor. It is not always possible to identify and deter employee misconduct, and the precautions we take to detect and prevent inappropriate conduct may not be effective in controlling unknown or unmanaged risks or losses or in protecting us from governmental investigations or other actions or lawsuits stemming from a failure to be in compliance with such laws or regulations. Efforts to ensure that our business arrangements will comply with applicable healthcare laws and regulations will involve substantial costs. It is possible that governmental and enforcement authorities will conclude that our business practices may not comply with current or future statutes, regulations or case law interpreting applicable fraud and abuse or other healthcare laws and regulations. If any such actions are instituted against us, and we are not successful in defending ourselves or asserting our rights, those actions could have a significant impact on our business, including the imposition of civil, criminal and administrative penalties, damages, disgorgement, monetary fines, possible exclusion from participation in Medicare, Medicaid and other federal healthcare programs, contractual damages, reputational harm, diminished profits and future earnings, and curtailment or restructuring of our operations, any of which could adversely affect our ability to operate our business and our results of operations. In addition, the approval and commercialization of any of our current and potential product candidates outside the United States will also likely subject us to foreign equivalents of the healthcare laws mentioned above, among other foreign laws. Coverage and reimbursement may be limited or unavailable in certain market segments for our current and potential product candidates, if approved, which could make it difficult for us to sell our current and potential product candidates profitably. The commercial success of any current or future product candidate will depend upon the degree of market acceptance by physicians, patients, insurance companies and other third party payors, and others in the medical community. Even if we obtain approval to commercialize our current and potential product candidates outside of the United States, a variety of risks associated with international operations could materially affect our business. Due to the novel nature of our technology, we face uncertainty related to pricing and reimbursement for our current and potential product candidates. The insurance coverage and reimbursement status of newly approved products is uncertain. Failure to obtain or maintain adequate coverage and reimbursement for new or current products could limit our ability to market those products and decrease our ability to generate revenue. If market opportunities for our current and potential product candidates are smaller than we believe they are, our revenues may be adversely affected and our business may suffer. Successful sales of our products, if our current and potential product candidates are approved, depend on the availability of coverage and adequate reimbursement from third-party payors. In addition, because our current and potential product candidates represent new approaches to the treatment of cancer, we cannot be sure that coverage and reimbursement will be available for, or accurately estimate the potential revenue from, our current and potential product candidates. Patients who are provided medical treatment for their conditions generally rely on third-party payors to reimburse all or part of the costs associated with their treatment. Coverage and adequate reimbursement from governmental healthcare programs, such as Medicare and Medicaid, and commercial payors are critical to new product acceptance.