Regulatory Matters; Security Breaches Clause Samples

Regulatory Matters; Security Breaches. (a) The Companies are and for the past five years have been in material compliance with all applicable Law relating to information security and data privacy, including but not limited to the Gramm ▇▇▇▇▇ ▇▇▇▇▇▇ Act (“GLBA”) and the Health Insurance Portability and Accountability Act (“HIPAA”). Since January 1, 2005, there has been no material failure by any of the Companies or the Business to comply with the applicable bylaws, operating rules and identification standards manual of, and any other rules, regulations, manuals, service levels, standard and requirements, policies and procedures promulgated or issued by a Card Association, and any interpretations thereof by such Card Association, as the same may be amended from time to time, including those issued by (A) Visa, Inc. and its Subsidiaries and Affiliates, including the Visa Regional Operating Regulations, Latin America and Caribbean, (B) MasterCard Incorporated and its Affiliates, including those that are applicable to the Latin America and the Caribbean Region, (C) or any other applicable bankcard associations or networks, gateway services or other networks (including Visa’s Cardholder Information Security program, MasterCard’s Site Data Protection program and Discover Network’s Debit and Prepaid Operating Regulations) as may be in effect from time to time (collectively, “Network Rules”) that would adversely affect its membership or participation in the applicable network. Since January 1, 2005, there has been no material failure by any of the Companies or the Business to comply with the Payment Card Industry Data Security Standard (“PCI-DSS”). None of the Companies is subject to any Liabilities arising out of any actual or alleged violation of any applicable Law relating to information security and data privacy, the Network Rules or PCI-DSS. (b) The Companies and, in respect of the Business, Stockholder and its Affiliates have implemented, and are in material compliance with, commercially reasonable technical measures and organizational controls to assure the confidentiality, integrity and security of transactions executed through the computer systems of the Business and of all material confidential or proprietary data in any of the Companies’ possession or control and to assure that all material confidential or proprietary data is not processed in ways contradictory to applicable Law relating to information security and privacy. The Companies and, in respect of the Business, Stockholder and its Af...