Common use of Intellectual Property and Data Security Clause in Contracts

Intellectual Property and Data Security. (a) Section 5.13(a) of the Disclosure Schedules contains a complete and correct list of: (i) all trademarks (whether or not registered) and all domain names owned by SCAN Group and the SCAN Companies; and (ii) all other registered Intellectual Property owned by SCAN Group and the SCAN Companies. SCAN Group and the SCAN Companies own, free and clear of all liens or encumbrances, or have a valid right to use all Intellectual Property used in the SCAN Business as currently conducted or as currently proposed to be conducted. Each item of Intellectual Property owned or used by SCAN Group and the SCAN Companies immediately prior to the Closing Date will be available for use by SCAN Group and the SCAN Companies on identical terms and conditions immediately subsequent to the Closing Date. Except as set forth on Section 5.13(a) of the Disclosure Schedules, to the Knowledge of SCAN Group (i) no other Person (other than licensors, where applicable) has any rights to any of the Intellectual Property owned or used by SCAN Group or the SCAN Companies in the SCAN Business, and (ii) no other Person is infringing, violating or misappropriating any of the Intellectual Property that SCAN Group or the SCAN Companies own or have a valid right to use. (b) To the Knowledge of SCAN Group, none of the activities conducted by SCAN Group, the SCAN Companies or the SCAN Business, or proposed to be conducted by SCAN Group, the SCAN Companies or the SCAN Business, infringes, violates or constitutes a misappropriation of (or in the past infringed, violated or constituted a misappropriation of), any Intellectual Property of any other Person. To the Knowledge of SCAN Group, neither SCAN Group nor any SCAN Company has received any Claim alleging any such infringement, violation or misappropriation, and to the Knowledge of SCAN Group, there is no basis for any such Claim. (c) All IT Systems are in good working condition and are sufficient for the operation of the SCAN Business as currently conducted and are consistent with the standards prevalent in SCAN Group’s industry. In the past six (6) years, there has been no malfunction, failure, continued substandard performance, denial-of-service, or other cyber incident, including any cyberattack, or other impairment of the IT Systems that has resulted or is reasonably likely to result in disruption or damage to the SCAN Business and that has not been remedied. SCAN Group has taken all commercially reasonable steps to safeguard the confidentiality, availability, security, and integrity of the IT Systems, including implementing and maintaining appropriate backup, disaster recovery, and software and hardware support arrangements. (d) In the past six (6) years, SCAN Group and each SCAN Company has complied in all material respects with all applicable Laws and all publicly posted policies, notices, and statements concerning the collection, use, processing, storage, transfer, and security of personal information in the conduct of the SCAN Business. In the past six (6) years, SCAN Group and each SCAN Company has not (i) experienced any actual, alleged, or suspected data breach or other security incident involving personal information in its possession or control or (ii) been subject to or received any written notice of any audit, investigation, complaint, or other Action by any Governmental Entity or other Person concerning SCAN Group’s or any SCAN Company’s collection, use, processing, storage, transfer, or protection of personal information or actual, alleged, or suspected violation of any applicable Law concerning privacy, data security, or data breach notification, and to the Knowledge of SCAN Group, there are no facts or circumstances that could reasonably be expected to give rise to any such Action. (e) Except as set forth in Section 5.13(e) of the Disclosure Schedules, in the past six (6) years, SCAN Group and each SCAN Company have not experienced a reportable breach of protected health information (as such term is defined by HIPAA). None of SCAN Group nor any SCAN Company has materially failed to comply with the privacy, security, and breach notification requirements under HIPAA or any similar applicable Law protecting patient information. Except as set forth in Section 5.13(e) of the Disclosure Schedules, none of SCAN Group nor any SCAN Company is subject to or has received any written notice of audit, investigation, complaint or any other Action by any Governmental Entity with respect to any violation or alleged violation of HIPAA or similar applicable Law protecting patient information, and to the Knowledge of SCAN Group, there are no facts or circumstances that could reasonably be expected to give rise to such Action.

Intellectual Property and Data Security. (a) Section 5.13(aSchedule 4.10(a) of the Disclosure Schedules contains a complete and correct list of: sets forth all (i) all trademarks (whether or not registered) and all domain names owned by SCAN Group and the SCAN CompaniesRegistered Intellectual Property; and (ii) all other registered material unregistered Owned Intellectual Property owned (including any material common law trademarks and Software). All Registered Intellectual Property has been maintained by SCAN the Company Group and by the SCAN Companies. SCAN Group and the SCAN Companies own, free and clear filing of all liens or encumbrancesnecessary filings, or have a valid right to use all Intellectual Property used in the SCAN Business as currently conducted or as currently proposed to be conducted. Each item maintenance, and renewals, and timely payment of Intellectual Property owned or used by SCAN Group and the SCAN Companies immediately prior to the Closing Date will be available for use by SCAN Group and the SCAN Companies on identical terms and conditions immediately subsequent to the Closing Daterequisite fees. Except as set forth on Section 5.13(a) Schedule 4.10(a), each member of the Disclosure SchedulesCompany Group owns and possesses all right, to the Knowledge of SCAN Group (i) no other Person (other than licensorstitle and interest in and to, where applicable) or has any rights to any of the Intellectual Property owned or used by SCAN Group or the SCAN Companies in the SCAN Business, and (ii) no other Person is infringing, violating or misappropriating any of the Intellectual Property that SCAN Group or the SCAN Companies own or have a valid and enforceable license or other right to use, all Company Intellectual Property. (b) All Owned Intellectual Property is valid, subsisting, and enforceable. Except as disclosed in Schedule 4.10(b), there are no proceedings, investigations, or Orders pending or threatened in writing against a member of the Company Group which challenges the validity, enforceability, scope of, or ownership of or right to use any Owned Intellectual Property (including any opposition, cancellation, interferences, inter partes review, or re-examination). The Company Group has not, nor has the use of any of their products or services, violated, infringed, or misappropriated, nor is the Company Group currently violating, infringing, or misappropriating the Intellectual Property rights of any Person. To the Knowledge Company’s Knowledge, no Person has violated, infringed, misappropriated, nor is any Person currently violating, infringing, or misappropriating any Owned Intellectual Property. No claim has been asserted or threatened in writing that any member of SCAN the Company Group, none of the activities conducted by SCAN Group, the SCAN Companies or the SCAN Businessuse of any of their respective products or services, has infringed, misappropriated, or proposed violated the Intellectual Property of any Person (including any invitation to be conducted by SCAN Group, the SCAN Companies license or the SCAN Business, infringes, violates request or constitutes a misappropriation of (or in the past infringed, violated or constituted a misappropriation of), demand to refrain from using any Intellectual Property of any other Personthird party). To No member of the Knowledge of SCAN Group, neither SCAN Company Group nor has brought any SCAN Company has received claim or sent any Claim notice alleging any such infringement, misappropriation or violation or misappropriation, and of Intellectual Property to the Knowledge of SCAN Group, there is no basis for any such ClaimPerson. (c) All IT Owned Software (i) materially conforms to all specifications, representations and warranties provided by the Company Group or conveyed thereby to their customers or other transferees, (ii) is operative for its intended purpose and is free of any Malicious Code, and (iii) has been maintained by the Company Group on its own behalf or on behalf of its customers and other transferees to its reasonable satisfaction and in accordance with its contractual obligations to customers and industry standards. There are no programming defects, errors or bugs in such Owned Software that are outside the scope of programming defects, errors and bugs typically corrected in the ordinary course of Software maintenance procedures and programs or that, if such defects, errors or bugs were not corrected, would materially and adversely affect the functionality thereof. (d) The Company Group has not received any written notice, request for indemnification or threat from any Person related to infringement or misappropriation of the Intellectual Property rights of any Person. (e) The Company Group owns, leases, licenses, or otherwise has the legal right to use all Business Systems. The Business Systems are in good working condition all material respects operational and fulfill the material purposes for which they were acquired or developed. Except as set forth on Schedule 4.10(e), since the Reference Date, there has not been any material failure or Security Breach with respect to any of the Business Systems owned or controlled by the Company Group that has not been remedied or replaced, as appropriate, in all respects (including with respect to any necessary notice made to Governmental Bodies, or other actions as required under applicable Data Security Requirements). Except as set forth on Schedule 4.10(e), since the Reference Date, to the Knowledge of the Company, there has not been any material failure or Security Breach with respect to any of the Business Systems owned and controlled by third parties that has not been remedied or replaced, as appropriate, in all respects (including, to the Company’s Knowledge, with respect to any necessary notice made to Governmental Bodies, or other actions as required under applicable Data Security Requirements). All Business Systems are reasonably sufficient for the operation immediate needs of each member of the SCAN Company Group, including as to capacity and ability to process current and anticipated peak volumes in a timely manner, and each member of the Company Group will continue to have the legal rights to the Business Systems immediately after the Closing to the same extent as currently conducted and are consistent with prior to the standards prevalent Closing. To the Company’s Knowledge, the Business Systems owned or controlled by the Company Group do not contain any Malicious Code. To the Knowledge of the Company, the Business Systems (excluding Owned Software, which is addressed in SCAN Group’s industrySection 4.10(c)) do not contain any Malicious Code. In Except as set forth on Schedule 4.10(e), since the past six (6) yearsReference Date, there has been no malfunction, failure, continued substandard performance, denial-of-service, failure or other cyber incident, including substandard performance of or any cyberattack, or other impairment security incident involving any Business System that has caused a material disruption to the Company Group. Each member of the IT Systems that has resulted or is reasonably likely to result in disruption or damage to the SCAN Business and that has not been remedied. SCAN Company Group has taken all maintains commercially reasonable steps to safeguard the confidentiality, availability, security, backup and integrity of the IT Systems, including implementing and maintaining appropriate backupdata recovery, disaster recovery, and software business continuity plans, procedures, and hardware support arrangementsfacilities, and such plans, procedures and facilities are sufficient to protect the security, confidentiality, integrity and availability of its Business Systems and all Protected Data it Processes and are consistent with all Data Security Requirements and written contractual commitments made by the member of the Company Group. Each member of the Company Group tests such plans and procedures on a regular basis, and such testing has not revealed any material defects or deficiencies in such plans and procedures. Each member of the Company Group is not in breach of any of its Contracts relating to Business Systems. Since the Reference Date, no member of the Company Group has cooperated with an audit of any kind in connection with any Contract pursuant to which they use any third-party Business System, nor has any such member received any notice of intent to conduct any such audit. (df) In Except as set forth on Schedule 4.10(f), each member of the past six (6) years, SCAN Company Group and each SCAN Company has complied is in compliance in all material respects with all Data Security Requirements. Each member of the Company Group that is a business associate under HIPAA (or otherwise has access to, or uses or discloses any Personal Information) has (to the extent required under applicable Laws Data Security Requirements and all publicly posted material contractual commitments made by any member of the Company Group): adopted written policies, and procedures, and reasonable and appropriate organizational, physical, administrative and technical safeguards of Business Systems and Protected Data, in material compliance with applicable Data Security Requirements; provided training to applicable members of their workforce reasonably designed to ensure material compliance with such policies and procedures; and has acted in compliance with such notices, and statements concerning the collection, use, processing, storage, transferpolicies, and security of personal information in procedures. Except as set forth on Schedule 4.10(f), since the conduct Reference Date, each such member of the SCAN Business. In Company Group who is a business associate or covered entity under HIPAA has completed a security “risk analysis” (as required by 45 C.F.R. § 164.308(a)(1)(ii)(A)), and the past six (6) yearsCompany Group has not, SCAN and, to the Company’s Knowledge, no third party that Processes Protected Data for or on behalf of the Company Group and each SCAN Company has not (i) has, experienced any actualSecurity Breaches. Except as set forth on Schedule 4.10(f), allegedno member of the Company Group has notified, or suspected data breach has been required by any Data Security Requirement to notify (i.e., assuming such member has the requisite knowledge of a Security Breach to be required to notify under such Data Security Requirement), any Person of any Security Breach. No member of the Company Group has, and, to the Company’s Knowledge, no third party that Processes Protected Data for or other security incident involving personal information in its possession or control or (ii) been subject to or on behalf of any member of the Company Group has, received any written notices or complaints from any Person (including any Governmental Body) regarding a Security Breach (regardless of materiality) or material noncompliance with Data Security Requirements. (g) None of the Company Group members have received any notice of any auditclaims, investigation, complaintinvestigations (including investigations by a Governmental Body), or other Action alleged violations of Data Security Requirements, with respect to Personal Information possessed by any Governmental Entity or other Person concerning SCAN member of the Company Group’s or any SCAN Company’s collection. There have been no investigations by or, use, processing, storage, transfer, or protection of personal information or actual, alleged, or suspected violation of any applicable Law concerning privacy, data security, or data breach notification, and to the Knowledge of SCAN the Company, complaints to the U.S. Department of Health and Human Services, Office for Civil Rights with respect to HIPAA compliance by the Company Group or, to the Company’s Knowledge, the third parties that Process Protected Data for or on behalf of the Company Group. Except as otherwise disclosed on Schedule 4.10(g), there are have been no facts or circumstances that could reasonably be expected investigations by or, to give rise the Knowledge of the Company, complaints to any such Actionstate authorities with respect to the Company Group’s HIPAA compliance. (eh) Except as set forth in Section 5.13(e) on Schedule 4.10(h), each member of the Disclosure SchedulesCompany Group has maintained and currently maintains commercially reasonable practices to protect the confidentiality of any Trade Secrets disclosed to, owned or possessed by them and has not disclosed any of the foregoing to any Person other than pursuant to appropriate agreements that require such Trade Secrets to be kept confidential. Each member of the Company Group is not in the past six (6) years, SCAN Group and each SCAN Company have not experienced a reportable breach of protected health information (as such term is defined by HIPAA). None of SCAN Group nor any SCAN Company has materially failed to comply with the privacy, securityof, and breach notification requirements under HIPAA has not breached, any obligations or undertakings of confidentiality which they owe or have owed to any similar applicable Law protecting patient informationPerson. Except as set forth in Section 5.13(eon Schedule 4.10(h), all Persons (including current and former employees, contractors and consultants) who developed or otherwise created any Intellectual Property for any member of the Company Group have executed written agreements (i) providing for the non-disclosure by such Person of any Trade Secrets, and (ii) providing for the assignment (by way of a present tense grant of assignment) by such Person to the member of the Company Group of such Intellectual Property arising out of such Person’s employment or engagement with the member of the Company Group. (i) The Company Group has entered into, and maintains current and valid Contracts as required by HIPAA and 42 C.F.R. Part 2 with (1) all entities that qualify as “covered entities,” “business associates” or “subcontractors” as these terms are defined by HIPAA, for whom the Company Group provides functions or activities that render the Company Group a (a) business associate (as defined at 45 C.F.R. § 160.103), or (b) subcontractor (as defined at 45 C.F.R. § 160.103), (including with respect to other members of the Company Group); (2) subcontractors (as defined at 45 C.F.R. § 160.103) of the Disclosure SchedulesCompany Group; and (3) “qualified service organizations” as this term is defined by 42 C.F.R. Part 2. Company Group has delivered to Buyer true, none correct and complete copies of SCAN all such Contracts. Company Group nor has not breached any SCAN such Contracts or received notice of any a subcontractor’s breach of any such Contract. (j) The execution, delivery, or performance of this Agreement will not affect the Company Group’s rights relating to their Processing of Protected Data in connection with the business of the Company Group as currently conducted or violate any Data Security Requirements. The Company Group has implemented reasonable physical, technical and administrative safeguards that are reasonably designed to protect Protected Data from unauthorized access by any Person. (k) The consummation of the transactions contemplated hereby will not result in the loss or impairment of any member of the Company Group’s right to own or use the Company Intellectual Property. (l) No member of the Company Group’s Business Systems or any product or service of any member of the Company Group is subject to any IP Contract or has received other Contract that requires a member of the Company Group to divulge to any written notice Person any source code that is part of audit, investigation, complaint such Business Systems or any other Action of the products or services of any Company Group member, including any source code escrow agreements. None of the Owned Intellectual Property is used in a manner that would require any portion of the Owned Intellectual Property to be (i) disclosed, delivered, distributed, licensed or otherwise made available in source code form, (ii) limits any Company Group member’s freedom to seek full compensation in connection with the marketing, licensing or distribution of any of the products or services of any Company Group member, or (iii) allows a third party to decompile, disassemble or otherwise reverse engineer any Owned Intellectual Property. (m) Except as would not be material to the Company Group taken as a whole, for each item of proprietary Software owned or purported to be owned by any Governmental Entity with respect the Company Group, (i) the Company Group has in its possession its source code that will be accessible by their employees, (ii) it has been documented as reasonably necessary to any violation or alleged violation of HIPAA or similar applicable Law protecting patient informationenable competently skilled programmers and engineers to use, update, and enhance the Software by using the existing source code and documentation, and (iii) the Company Group has the right to the Knowledge of SCAN Groupuse all software development tools, there are no facts or circumstances library functions, compilers and other Software that could reasonably be expected is required to give rise to such Actionoperate, modify, distribute and support said Software.

Intellectual Property and Data Security. (a) Section 5.13(aSchedule 3.11(a) of the Parent Disclosure Schedules contains a complete and correct list ofLetter sets forth: as of the date hereof, (i) all trademarks Group Company Registered Intellectual Property, specifying as to each item, as applicable: (whether A) the title of the item, (B) the owner of the item, (C) the jurisdictions in which the item is issued or not registeredregistered or in which an application for issuance or registration has been filed and (D) the issuance, registration or application numbers and dates (if applicable). Schedule 3.11(a) of the Parent Disclosure Letter sets forth all domain names owned by SCAN Intellectual Property licenses, sublicenses and other agreements or permissions that are material to the Group Companies’ main businesses as currently conducted (“Group Company IP Licenses”) (other than (i) “shrink wrap,” “click wrap,” and “off the SCAN Companies; shelf” software agreements and other agreements for Software commercially available to the public generally (collectively, “Off-the-Shelf Software”) and (ii) all licenses, sublicenses and other registered agreements for any Group Company to use Intellectual Property owned by SCAN any third party specified in commercial agreements entered into in the Ordinary Course of Business of the Group Companies), under which a Group Company is a licensee or otherwise is authorized to use or practice any material Intellectual Property. Each item of Registered Intellectual Property that is (i) necessary and material for the SCAN CompaniesGroup Company’s material business or operations as conducted as of the Closing (the “Group Company Business”) and (ii) owned by any Group Company (“Group Company Registered Intellectual Property”) is subsisting. SCAN Each Group and the SCAN Companies ownCompany owns, free and clear of all liens Liens (other than Permitted Liens) all Group Company Registered Intellectual Property, and where applicable, all assignments have been duly recorded with any governmental agencies or encumbrances, or have other Intellectual Property offices reflecting the correct ownership of such Group Company Registered Intellectual Property in the applicable Group Company name(s). Each Group Company has a valid right and enforceable license to use all material Intellectual Property used in that is the SCAN Business subject of the Group Company IP Licenses applicable to such Group Company. To the Knowledge of the Parent, the Group Company IP Licenses include all of the licenses, sublicenses and other agreements or permissions for material Intellectual Property necessary to operate the Group Companies as currently conducted or as currently proposed to be presently conducted. Each item Group Company has performed all material obligations imposed on it in the applicable Group Company IP Licenses, and such Group Company is not in material breach or material default thereunder in any material respect by any Group Company thereunder. (b) As of the date hereof, no Group Company is currently infringing, or has, in the past five (5) years received any written notice that the conduct of the Group Company Business violates or infringes any Intellectual Property owned or used by SCAN Group and the SCAN Companies immediately prior to the Closing Date will be available for use by SCAN Group and the SCAN Companies on identical terms and conditions immediately subsequent to the Closing Date. Except as set forth on Section 5.13(a) rights of the Disclosure Schedulesany other Person, nor, to the Knowledge of SCAN Parent, does the conduct of Group (i) no other Person (other than licensors, where applicable) has Company Business violate or infringe any rights to any of the Intellectual Property owned or used by SCAN Group or the SCAN Companies in the SCAN Business, valid and (ii) no other Person is infringing, violating or misappropriating any of the Intellectual Property that SCAN Group or the SCAN Companies own or have a valid right to use. (b) To the Knowledge of SCAN Group, none of the activities conducted by SCAN Group, the SCAN Companies or the SCAN Business, or proposed to be conducted by SCAN Group, the SCAN Companies or the SCAN Business, infringes, violates or constitutes a misappropriation of (or in the past infringed, violated or constituted a misappropriation of), any enforceable Registered Intellectual Property of any other Person. To the Knowledge of SCAN GroupParent, neither SCAN no third party is infringing, in any material respect, any of the Group nor any SCAN Company has received any Claim alleging any such infringementRegistered Intellectual Property. No Legal Proceeding is pending, violation or misappropriationand, and to the Knowledge Parent’s Knowledge, no Legal Proceeding is threatened against a Group Company that challenges the validity, enforceability, ownership, or right to use, sell, license or sublicense any material Intellectual Property currently owned, licensed, used or held for use by the Group Companies for the Group Company Business. There are no Orders to which any Group Company is a party, or is otherwise materially affected thereby, that restrict the rights of SCAN Groupa Group Company to use, there is no basis for transfer, license or enforce any such Claimmaterial Intellectual Property owned by a Group Company or restrict the conduct of the Group Company Business in any material respects. (c) All IT Systems are in good working condition and are sufficient for the operation Each of the SCAN Business as currently conducted and are consistent with employees, consultants or contractors of the standards prevalent Group Companies who have contributed to or participated in SCAN Group’s industry. In the past six discovery, creation or development of any material Group Company Registered Intellectual Property (6“Personnel”) years, there (i) has been no malfunction, failure, continued substandard performance, denial-of-serviceassigned to Parent, or other cyber incidentis under a valid obligation to assign to the Group Companies by contract or otherwise, including any cyberattackall right, title and interest in such Intellectual Property, or other impairment (ii) is a party to a valid “work for hire” agreement under which the Group Companies are deemed to be the original author/owner of all subject matter included in such Group Company Registered Intellectual Property; or (iii) to the extent the Personnel do not have the ability to take any of the IT Systems that actions described in the foregoing clauses (i) or (ii), has resulted or is reasonably likely to result in disruption or damage granted to the SCAN Business and that has not been remedied. SCAN Group has taken all commercially reasonable steps Companies a license or other legally enforceable right granting the Group Companies to safeguard the confidentiality, availability, security, and integrity of the IT Systems, including implementing and maintaining appropriate backup, disaster recovery, and software and hardware support arrangementsuse such Group Company Registered Intellectual Property. (d) In The Group Companies have taken commercially reasonable measures to maintain and protect the past six secrecy, confidentiality and value of the Trade Secrets of Group Company Business. To the Knowledge of the Parent, no unauthorized disclosure of any such Trade Secret has been made as of the date hereof. The Group Companies have taken commercially reasonable efforts to maintain, protect and enforce the Intellectual Property owned or licensed by them. (6e) yearsSubject to any necessary notices and consents, SCAN the execution and delivery of this Agreement and the consummation of the transactions contemplated hereby and thereby shall not result in the forfeiture, cancellation, termination or other material impairment of, or give rise to any right of any Person to cancel, terminate or otherwise impair the right of the Group and each SCAN Companies to own or use or otherwise exercise any other rights that the Group Companies currently have with respect to any Intellectual Property that is, individually or in the aggregate, material to the Group Companies. (f) The Group Company has complied Registered Intellectual Property is sufficient for the Group Companies to carry on the business in all material respects from and after the Effective Date as presently carried on by the Group Companies, consistent with past practice. After the Effective time, the Group Companies shall continue to have the right to use all applicable Laws Group Company IP Licenses on identical terms and all publicly posted policiesconditions as the Group Companies enjoyed immediately prior to the Closing. To the Knowledge of the Parent, noticesno funding, facilities, material, information, Intellectual Property or personnel of a university, college, other educational institution or research center or Governmental Entity were used, directly or indirectly, in the development or commercialization, in whole or in part, of any Group Company Registered Intellectual Property and no such entity has any right, title or interest in or to any Group Company Registered Intellectual Property. (g) To the Knowledge of the Parent, each of the Group Companies, and statements concerning any Processor, to the collectionextent that such Processor was Processing Personal Information on behalf of any Group Company, use, processing, storage, transfer, and security of personal information in the conduct of the SCAN Business. In has at all times during the past six two (62) years, SCAN Group and each SCAN Company has not years materially complied with: (i) experienced any actual, alleged, or suspected data breach or other security incident involving personal information in its possession or control or all applicable Privacy Laws; and (ii) been subject all of the Group Companies’ obligations regarding Personal Information under any contracts; in each case other than any non-compliance that, individually or in the aggregate, would not reasonably be expected to or have a Parent Material Adverse Effect. To the Knowledge of the Parent, none of the Group Companies has received in the two (2) years prior to the date of this Agreement any written notice of any auditinvestigations or claims relating to, or been charged with, any violation of, any Privacy Laws, other than any such investigation, complaintclaims or charges that, individually or other Action by any Governmental Entity or other Person concerning SCAN Group’s or any SCAN Company’s collectionin the aggregate, use, processing, storage, transfer, or protection of personal information or actual, alleged, or suspected violation of any applicable Law concerning privacy, data security, or data breach notification, and to the Knowledge of SCAN Group, there are no facts or circumstances that could would not reasonably be expected to give rise to any such Action. (e) Except as set forth in Section 5.13(e) have a Material Adverse Effect. To the Knowledge of the Disclosure SchedulesParent, each of the Group Companies has implemented and maintained commercially reasonable business continuity and security, including back-ups, disaster recovery and security plans, procedures and facilities, regarding the confidentiality, integrity and availability of Parent IT Systems and Personal Information, in its possession, custody, or under its control, including against loss, theft, misuse or unauthorized Processing, access, use, modification or disclosure. To the Knowledge of the Parent during the past six two (62) years, SCAN (i) there have been no material breaches, security incidents, misuse of, or unauthorized Processing of, access to, or disclosure of, any Personal Information in the possession, custody, or control of any of the Group and each SCAN Company Companies, Processed by the Group Companies (each, a “Personal Information Breach”); (ii) none of the Group Companies have not experienced a reportable breach of protected health any material information (as such term is defined by HIPAA). None of SCAN Group nor any SCAN Company security incident that has materially failed to comply with compromised the privacy, security, and breach notification requirements under HIPAA integrity or any similar applicable Law protecting patient information. Except as set forth in Section 5.13(e) availability of the Disclosure Schedules, Parent IT Systems or the data thereon; and (iii) none of SCAN the Group nor Companies have provided or been legally required to provide any SCAN Company is subject to or has received any written notice of audit, investigation, complaint or any other Action by any Governmental Entity with respect notices to any violation Person in connection with any Personal Information Breach; in each case, other than any Personal Information Breaches that, individually or alleged violation of HIPAA or similar applicable Law protecting patient informationin the aggregate, and to the Knowledge of SCAN Group, there are no facts or circumstances that could would not reasonably be expected to give rise to such Actionhave a Material Adverse Effect.