Delcath Systems (DCTH) Risk Factors

HEPZATO is now approved for the treatment of adult patients with unresectable hepatic-dominant metastatic uveal melanoma. The approval was based primarily on the results of the FOCUS Trial, a Phase 3, single arm, multicenter, open label study. We plan to begin the study of HEPZATO for other indications in the future and failure can occur at any stage of development, for many reasons, including: - any pre-clinical or clinical test may fail to produce results satisfactory to the FDA or foreign regulatory authorities;- we may not be able to establish and maintain the supply of necessary components, including melphalan, bulk drug substances and drug products to maintain sufficient supply to conduct such clinical studies;- pre-clinical or clinical data can be interpreted in different ways, which could delay, limit or prevent regulatory approval;- negative or inconclusive results from a pre-clinical study or clinical trial or adverse medical events during a clinical trial could cause a pre-clinical study or clinical trial to be repeated or a program to be terminated, even if other studies or trials relating to the program are successful;- the FDA or foreign regulatory authorities can place a clinical hold on a trial if, among other reasons, it finds that patients enrolled in the trial are or would be exposed to an unreasonable and significant risk of illness or injury;- we may encounter delays or rejections based on changes in regulatory agency policies during the period in which we are developing a system, or the period required for review of any application for regulatory agency approval;- enrollment in any additional clinical trials may proceed more slowly than expected; and - the FDA or a foreign regulatory authority may change its approval policies or adopt new regulations that may negatively affect or delay our ability to bring a product to market or require additional clinical trials; The failure or delay of clinical trials could cause an increase in the cost of product development, delay filing of an NDA for marketing approval or cause us to cease the development of HEPZATO for other indications. If we are unable to develop HEPZATO for other indications, the future growth of our business could be negatively impacted.

In addition to patent and trademark protection, we also rely on trade secrets, including unpatented know-how, technology, and other proprietary information, to maintain our competitive position. Unlike patents, trade secrets are only recognized under applicable law if they are kept secret by restricting their disclosure to third parties. We protect our trade secrets and proprietary knowledge in part through confidentiality agreements with employees, consultants and other parties. However, certain consultants and third parties with whom we have business relationships, and to whom in some cases we have disclosed trade secrets and other proprietary knowledge, may also provide services to other parties in the medical device/pharmaceutical industry, including companies, universities and research organizations that are developing competing products. In addition, some of our former employees who were exposed to certain of our trade secrets and other proprietary knowledge in the course of their employment may seek employment with, and become employed by, our competitors. We cannot be assured that consultants, employees and other third parties with whom we have entered into confidentiality agreements will not breach the terms of such agreements by improperly using or disclosing our trade secrets or other proprietary knowledge. Monitoring unauthorized uses and disclosures of our intellectual property is difficult, and we do not know whether the steps we have taken to protect our intellectual property will be effective. In addition, we may not be able to obtain adequate remedies for any such breaches. Enforcing a claim that a party illegally disclosed or misappropriated a trade secret is difficult, expensive and time-consuming, and the outcome is unpredictable. In addition, some courts inside and outside the United States are less willing or unwilling to protect trade secrets. Trade secret protection does not prevent independent discovery of the technology or proprietary information or use of the same. Competitors may independently duplicate or exceed our technology in whole or in part. If any of our trade secrets were to be lawfully obtained or independently developed by a competitor, we would have no right to prevent them, or those to whom they communicate it, from using that technology or information to compete with us in countries where we do not have patent protection. Similar considerations apply in foreign countries where we receive approval and do not have issued patents for the current version of CHEMOSAT and HEPZATO. In these countries, our ability to successfully commercialize CHEMOSAT and HEPZATO will depend on our ability to maintain trade secret protection in these markets.

We rely on our trademarks as one means to distinguish for our customers our products from the products of our competitors, and we have registered or applied to register many of these trademarks. The USPTO or foreign trademark offices may deny our trademark applications, however, and even if published or registered, these trademarks may be ineffective in protecting our brand and goodwill and may be successfully opposed or challenged. Third parties may oppose our trademark applications, or otherwise challenge our use of our trademarks. In addition, third parties may use marks that are confusingly similar to our own, which could result in confusion or a likelihood of confusion among our customers, thereby weakening the strength of our brand or allowing such third parties to capitalize on our goodwill. In such an event, or if our trademarks are successfully challenged, we could be forced to rebrand our product, which could result in loss of brand recognition and could require us to devote resources to advertising and marketing new brands. Our competitors may infringe our trademarks and we may not have adequate resources to enforce our trademark rights in the face of any such infringement.

Patent reform legislation may pass in the future that could lead to additional uncertainties and increased costs surrounding the prosecution, enforcement, and defense of our patents and applications. Furthermore, the U.S. Supreme Court and the U.S. Court of Appeals for the Federal Circuit have made, and will likely continue to make, changes in how the patent laws of the United States are interpreted. Similarly, foreign courts have made, and will likely continue to make, changes in how the patent laws in their respective jurisdictions are interpreted. We cannot predict future changes in the interpretation of patent laws or changes to patent laws that might be enacted into law by United States and foreign legislative bodies. Those changes may materially affect our patents or patent applications and our ability to obtain and enforce or defend additional patent protection in the future.

Competitors may infringe our patents or misappropriate or otherwise violate our intellectual property rights. To stop any such infringement or unauthorized use, litigation may be necessary. Our intellectual property has not been tested in litigation. There is no assurance that any of our issued patents will be upheld if later challenged or will provide significant protection or commercial advantage. A court may declare our patents invalid or unenforceable, may refuse to stop the other party from using the technology at issue on the grounds that our patents do not cover the technology in question, or may interpret the claims of our patents narrowly, thereby substantially narrowing the scope of patent protection they afford. Because of the length of time and expense associated with bringing new medical drugs and devices to the market, the healthcare industry has traditionally placed considerable emphasis on patent and trade secret protection for significant new technologies. Other parties may challenge patents, patent claims or patent applications licensed or issued to us, or may design around technologies we have patented, licensed or developed. In addition, third parties may initiate legal or administrative proceedings against us to challenge the validity or scope of our intellectual property rights, such as inter partes review, post-grant review, re-examination or opposition proceedings before the USPTO, the European Patent Office or other foreign counterparts. Third parties may also allege an ownership right in our patents, as a result of their past employment or consultancy with us. Many of our current and potential competitors have the ability to dedicate substantially greater resources to defend their intellectual property rights than we can. Accordingly, despite our efforts, we may not be able to prevent third parties from infringing upon or misappropriating our intellectual property. Competing products may also be sold in other countries in which our patent coverage might not exist or be as strong. If we lose a foreign patent lawsuit, alleging our infringement of a competitor's patents, we could be prevented from marketing our product in one or more foreign countries. Our competitors or other patent holders may assert that our products and the methods employed in our products are covered by their patents. Although we have performed a search for third-party patents and believe we have adequate defenses available if faced with any allegations that we infringe these third-party patents, it is possible that CHEMOSAT and HEPZATO could be found to infringe these patents. It is also possible that our competitors or potential competitors may have patents, or have applied for, will apply for, or will obtain patents that will prevent, limit or interfere with our ability to make, have made, use, sell, offer for sale, import or export our product. If our products or methods are found to infringe, we could be prevented from manufacturing or marketing our product. Companies in the medical drug/device industry may use intellectual property infringement litigation to gain a competitive advantage. In the United States, patent applications filed in recent years are confidential for 18 months, while older applications are not publicly available until the patent issues. As a result, there may be some uncertainties associated with avoiding patent infringement. Litigation may be necessary to enforce any patents issued or assigned to us or to determine the scope and validity of third-party proprietary rights. Litigation could be costly and could divert our attention from our business. There are no guarantees that we will receive a favorable outcome in any such litigation. If a third-party claims that we infringed its patents, any of the following may occur: - we may become liable for substantial damages for past infringement if a court decides that our technologies infringe upon a competitor's patent;- we may become prohibited from selling or licensing our product without a license from the patent holder, which may not be available on commercially acceptable terms or at all, or which may require us to pay substantial royalties or grant cross-licenses to our patents; and - we may have to redesign our product so that it does not infringe upon others' patent rights, which may not be possible or could require substantial funds or time. Litigation related to infringement and other intellectual property claims such as trade secrets, with or without merit, is unpredictable, can be expensive and time-consuming, and can divert management's attention from our core business. If we lose this kind of litigation, a court could require us to pay substantial damages, treble damages, and attorneys' fees, and could prohibit us from using technologies essential to our product, any of which would have a material adverse effect on our business, results of operations, and financial condition. If relevant third-party patents are upheld as valid and enforceable and we are found to infringe, we could be prevented from selling our product unless we can obtain licenses to use technology covered by such patents. We do not know whether any necessary licenses would be available to us on satisfactory terms, if at all. If we cannot obtain these licenses, we could be forced to design around those patents at additional cost or abandon the product altogether. Furthermore, because of the substantial amount of discovery required in connection with intellectual property litigation, there is a risk that some of our confidential information could be compromised by disclosure during this type of litigation. There could also be public announcements of the results of hearings, motions or other interim proceedings or developments. If securities analysts or investors perceive these results to be negative, it could cause the price of our common stock to decline. If others have filed patent applications with respect to inventions for which we already have patents issued to us or have patent applications pending, we may be forced to participate in interference or derivation proceedings declared by the USPTO to determine priority of invention, which could also be costly and could divert our attention from our business. If the USPTO declares an interference and determines that our patent or application is not entitled to a priority date earlier than that of the other patent application, our ability to maintain or obtain those patent rights will be curtailed. Similarly, if the USPTO declares a derivation proceeding and determines that the invention covered by our patent application was derived from another, we will not be able to obtain patent coverage of that invention. Because of the extensive time required for development, testing and regulatory review of a potential product, it is possible that, before CHEMOSAT and HEPZATO or any other product can be commercialized, any related patent may expire or remain in force for only a short period following commercialization, thereby reducing any advantages of the patent. Not all of our U.S. patent rights have corresponding patent rights effective in European or other foreign jurisdictions. Similar considerations apply in any other country where we are prosecuting patent applications, have been issued patents, or have decided not to pursue patent protection relating to our technology. The laws of foreign countries may not protect our intellectual property rights to the same extent as do laws of the United States.

Our patent protection for CHEMOSAT and HEPZATO is primarily in the United States and the EU. We currently have patents in the United States and the EU directed to our product, system, components, procedure, and method of treatment, with additional design patent protection in Argentina, Canada, Europe, the UK, and Japan. Our patents provide patent protection for our CHEMOSAT hepatic delivery system, HEPZATO, hemofiltration cartridge apparatus, hemofiltration cartridge design, methods of treatment of a subject with cancer in accordance with various embodiments of our system, embodiments of our system for delivering a high concentration of a small molecule chemotherapeutic agent to a subject while minimizing systemic exposure to the small molecule chemotherapeutic agent, and methods of setting up a filter apparatus for hemofiltration in accordance with our procedures using our proprietary hepatic deliver system. However, patents have a limited lifespan. In the United States and the EU, the ordinary statutory natural expiration of a utility patent is generally 20 years from its filing date. Various extensions may be available; however, the life of a patent, and the protection it affords, is limited.

The patent position of medical drug and device companies is generally highly uncertain. The degree of patent protection we require may be unavailable or severely limited in some cases and may not adequately protect our rights or permit us sufficient exclusivity, or to gain or keep our competitive advantage. For example: - we might not have been the first to invent or the first to file patent applications on the inventions covered by each of our pending patent applications and issued patents;- others may independently develop similar or alternative technologies or duplicate any of our technologies;- the patents of others may have an adverse effect on our business;- any patents we obtain or license from others in the future may not encompass commercially viable products, may not provide us with any competitive advantages or may be challenged by third parties; and - any patents we obtain or license from others in the future may not be valid or enforceable. The process of applying for patent protection itself is time consuming and expensive and we cannot assure you that we have prepared or will be able to prepare, file and prosecute all necessary or desirable patent applications at a reasonable cost or in a timely manner. It is possible that innovation over the course of development and commercialization may lead to changes in CHEMOSAT and HEPZATO methods and/or devices that cause such methods and/or devices to fall outside the scope of the patent protection we have obtained and the patent protection we have obtained may become less valuable. It is also possible that we will fail to identify patentable aspects of inventions made in the course of development and commercialization activities before it is too late to obtain patent protection on them. In addition, our patents and applications may not be prosecuted and enforced in a manner consistent with the best interests of our business. It is possible that defects of form in the preparation or filing of our patents or patent applications may exist, or may arise in the future, for example, with respect to proper priority claims, inventorship, claim scope or patent term adjustments. Moreover, we cannot assure you that all of our pending patent applications will issue as patents or that, if issued, they will issue in a form that will be advantageous to us.

The USPTO, and various foreign governmental patent agencies require compliance with a number of procedural, documentary, fee payment and other similar provisions during the patent application process. In addition, periodic maintenance fees on issued patents often must be paid to the USPTO and foreign patent agencies over the lifetime of the patent. While an unintentional lapse can in many cases be cured by payment of a late fee or by other means in accordance with the applicable rules, there are situations in which noncompliance can result in abandonment or lapse of the patent or patent application, resulting in partial or complete loss of patent rights in the relevant jurisdiction. Non-compliance events that could result in abandonment or lapse of a patent or patent application include, but are not limited to, failure to respond to official actions within prescribed time limits, non-payment of fees and failure to properly legalize and submit formal documents. If we fail to maintain the patents and patent applications covering our product or procedures, we may not be able to stop a competitor from marketing products that are the same as or similar to our product and technologies.

Filing, prosecuting and defending patents on our products and technologies in all countries throughout the world could be prohibitively expensive. The requirements for patentability may differ in certain countries, particularly developing countries, and the breadth of patent claims allowed can be inconsistent. In addition, the laws of some foreign countries may not protect our intellectual property rights to the same extent as laws in the United States. Consequently, we may not be able to prevent third parties from copying our inventions in foreign countries to the extent we can in the United States. Competitors may use our technologies in jurisdictions where we have not obtained patent protection that covers the commercial products to develop their own competing products that are the same or substantially the same as our commercial product and, further, may export otherwise infringing products to territories where we have patent protection, but judicial systems do not adequately enforce patents to cause infringing activities to be ceased. We do not have patent rights in certain foreign countries in which a market for our product and technologies exists or may exist in the future. Moreover, in foreign jurisdictions where we do have patent rights, proceedings to enforce such rights could result in substantial costs and divert our efforts and attention from other aspects of our business, could put our patents at risk of being invalidated or interpreted narrowly, and our patent applications at risk of not issuing, and could provoke third parties to assert claims against us. The complexity and uncertainty of European patent laws have increased in recent years. In Europe, the new unitary patent system that came into effect in June of 2023, would significantly impact European patents, including those granted before the introduction of such a system. Under the unitary patent system, European applications will have the option, upon grant of a patent, of becoming a Unitary Patent which will be subject to the jurisdiction of the Unitary Patent Court (UPC). As the UPC is a new court system, there is no precedent for the court, increasing the uncertainty of any litigation. Patents granted before the implementation of the UPC will have the option of opting out of the jurisdiction of the UPC and remaining as national patents in the UPC countries. Patents that remain under the jurisdiction of the UPC will be potentially vulnerable to a single UPC-based revocation challenge that, if successful, could invalidate the patent in all countries who are signatories to the UPC. We cannot predict with certainty the long-term effects of any potential changes. We may not prevail in any lawsuits that we initiate, and the damages or other remedies awarded, if any, may not be commercially meaningful. Thus, we may not be able to stop a competitor from marketing and selling in foreign countries products that are the same as or similar to our product and technologies.

We received approval by the FDA for HEPZATO in the United States in August 2023 and began generating revenue from product sales during the first quarter of 2024. Our ability to become and remain profitable is heavily dependent on our ability to generate revenue from HEPZATO for the treatment of mUM. The success of our commercialization will depend on a number of factors, including, among others, the continued development of our commercial organization, including our internal sales and marketing team and distribution capabilities, our ability to navigate the significant expenses and risks involved with the development and management of such capabilities, satisfying any post-marketing regulatory requirements, our ability to secure adequate healthcare coverage and the acceptance of HEPZATO by patients and third-party payors. If HEPZATO, or any other future approved product, does not achieve an adequate level of acceptance, coverage, pricing or reimbursement, we may not generate significant revenue from product sales and we may not be profitable. Even if we successfully commercialize HEPZATO in the United States, we may be unable to achieve or maintain profitability, unless HEPZATO is approved in other jurisdictions or for additional indications. Because of the uncertainties and risks associated with these activities, we are unable to accurately and precisely predict the timing and amount of revenues from product sales of HEPZATO, or any future approved products, or if or when we might achieve profitability. If we are unsuccessful in accomplishing our objectives, or if our commercialization efforts do not develop as planned, we may not be able to successfully commercialize HEPZATO or any future approved products, we may require significant additional capital and financial resources, we may not become profitable, and we may not be able to compete against more established companies in our industry. Even if we do achieve profitability, we may not be able to sustain or increase profitability on a quarterly or annual basis.

We are subject to ongoing regulatory obligations and oversight in the countries where HEPZATO and CHEMOSAT have been approved. For example, we may be subject to limitations on the approved indicated uses for which the product may be marketed or to the conditions of approval, or requirements for potentially costly post-marketing testing, including Phase IV clinical trials, and surveillance to monitor the safety and efficacy of the product candidate. With HEPZATO's approval, the manufacturing processes, labeling, packaging, distribution, adverse event reporting, storage, advertising, promotion and recordkeeping for the product are subject to extensive and ongoing regulatory requirements. In addition, post-marketing requirements for HEPZATO include implementation of a REMS program to ensure that the benefits of the product outweigh its risks. We must implement and ensure compliance with the HEPZATO REMS. Later discovery of previously unknown problems with a product, including adverse events of unanticipated severity or frequency, or with our third-party manufacturers or manufacturing processes, or failure to comply with regulatory requirements, may result in, among other things: - restrictions on the marketing or manufacturing of the product, withdrawal of the product from the market or voluntary or mandatory product recalls or seizures;- fines, FDA warning letters or untitled letters, or holds on clinical trials;- import or export restrictions;- injunctions or the imposition of civil or criminal penalties;- restrictions on product administration, requirements for additional clinical trials or changes to product labeling or REMS programs; or - recommendations by regulatory authorities against entering into governmental contracts with us. If we are not able to maintain regulatory compliance, we may lose any marketing approval that we obtained and may not achieve or sustain profitability, which would have a material adverse effect on our business, results of operations, financial condition and prospects.

In the EU, CHEMOSAT is regulated as a Class III medical device indicated for the intra-arterial administration of a chemotherapeutic agent, melphalan hydrochloride, to the liver with additional extracorporeal filtration of the venous blood return. Our ability to market and promote CHEMOSAT is limited to this approved indication. To the extent that our promotion of CHEMOSAT is found to be outside the scope of its approved indication, we may be subject to fines or other regulatory action, limiting our ability to commercialize CHEMOSAT in the EU. If physicians are unable or unwilling to obtain melphalan separately for use with CHEMOSAT, our ability to commercialize CHEMOSAT in the EU will be significantly limited. Our product instructions and indication reference the chemotherapeutic agent melphalan. However, no melphalan labels in the EU reference our product, and the labels vary from country to country with respect to the approved indication of the drug and its mode of administration. As a result, the delivery of melphalan with our device may not be within the applicable label with respect to some indications in some Member States of the EU where the drugs are authorized for marketing. Physicians intending to use CHEMOSAT must obtain melphalan separately for use with CHEMOSAT and must use melphalan independently at their discretion. If physicians are unable or unwilling to obtain melphalan separately from CHEMOSAT and/or to prescribe the use of melphalan independently, our sales opportunities in the EU will be significantly limited.

In the United States and some foreign jurisdictions, there have been a number of legislative and regulatory changes and proposed changes regarding the health care system and efforts to control health care costs, including drug prices, that could have a significant negative impact on our business, including preventing, limiting or delaying regulatory approval of our drug candidates and reducing the sales and profits derived from our products once they are approved. For example, in the United States, the Patient Protection and Affordable Care Act of 2010, or ACA, substantially changed the way health care is financed by both governmental and private insurers and significantly affects the pharmaceutical industry. The ACA, among other things, subjected manufacturers to new annual fees and taxes for specified branded prescription drugs, increased the minimum Medicaid rebates owed by most manufacturers under the Medicaid Drug Rebate Program, expanded health care fraud and abuse laws, revised the methodology by which rebates owed by manufacturers to the state and federal government for covered outpatient drugs under the Medicaid Drug Rebate Program are calculated, imposed an additional rebate similar to an inflation penalty on new formulations of drugs, extended the Medicaid Drug Rebate Program to Medicaid managed care organizations, expanded the 340B program, which caps the price at which manufacturers can sell covered outpatient pharmaceuticals to specified hospitals, clinics and community health centers, and provided incentives to programs that increase the federal government's comparative effectiveness research. Since its enactment, there have been judicial and Congressional challenges and amendments to certain aspects of ACA. While Congress has not passed comprehensive repeal legislation, several bills affecting the implementation of certain taxes under the ACA have been signed into law. The Tax Cuts and Jobs Act of 2017 (the "Tax Act") includes a provision repealing, effective January 1, 2019, the tax-based shared responsibility payment imposed by the ACA on certain individuals who fail to maintain qualifying health coverage for all or part of a year that is commonly referred to as the "individual mandate." On June 17, 2021, the U.S. Supreme Court dismissed a challenge on procedural grounds that argued the ACA is unconstitutional in its entirety because the "individual mandate" was repealed by Congress. Congressional actions to repeal and replace provisions of the law and litigation and legislation over the ACA is likely to continue with unpredictable and uncertain results. More recently, on August 16, 2022, the Inflation Reduction Act of 2022, or IRA was signed into law by President Biden. The new legislation has implications for Medicare Part D, which is a program available to individuals who are entitled to Medicare Part A or enrolled in Medicare Part B to give them the option of paying a monthly premium for outpatient prescription drug coverage. Among other things, the IRA requires manufacturers of certain drugs to engage in price negotiations with Medicare (and the maximum price as a result of the negotiations becoming effective beginning on January 1, 2026), with prices that can be negotiated subject to a cap; imposes rebates under Medicare Part B and Medicare Part D for price increases that outpace inflation (first due in 2023); and replaces the Part D coverage gap discount program with a new discounting program (beginning in 2025). The IRA permits the Department of Health and Human Services, or HHS, to implement many of these provisions through guidance, as opposed to regulation, for the initial years These provisions take effect progressively starting in fiscal year 2023. On August 29, 2023, HHS announced the list of the first ten drugs that will be subject to price negotiations, although the Medicare drug price negotiation program is currently subject to legal challenges. Further, the legislation subjects drug manufacturers to civil monetary penalties and a potential excise tax for failing to comply with the legislation by offering a price that is not equal to or less than the negotiated "maximum fair price" under the law or for taking price increases that exceed inflation. The legislation also requires manufacturers to pay rebates for drugs in Medicare Part D whose price increases exceed inflation. The new law also caps Medicare out-of-pocket drug costs at an estimated $4,000 a year in 2024 and, thereafter beginning in 2025, at $2,000 a year. In response to the Biden administration's October 2022 executive order, on February 14, 2023, HHS released a report outlining three new models for testing by the CMS Innovation Center which will be evaluated on their ability to lower the cost of drugs, promote accessibility, and improve quality of care. It is unclear whether the models will be utilized in any health reform measures in the future. Further, on December 7, 2023, the Biden administration announced an initiative to control the price of prescription drugs through the use of march-in rights under the Bayh-Dole Act. On December 8, 2023, the National Institute of Standards and Technology published for comment a Draft Interagency Guidance Framework for Considering the Exercise of March-In Rights which for the first time includes the price of a product as one factor an agency can use when deciding to exercise march-in rights. While march-in rights have not previously been exercised, it is uncertain if that will continue under the new framework. At the state level, individual states are increasingly aggressive in passing legislation and implementing regulations designed to control pharmaceutical and biological product pricing, including price or patient reimbursement constraints, discounts, restrictions on certain product access and marketing cost disclosure and transparency measures, and, in some cases, designed to encourage importation from other countries and bulk purchasing.

In the ordinary course of business, we collect, receive, store, process, generate, use, transfer, disclose, make accessible, protect, secure, dispose of, transmit, and share (collectively, "process") personal data and other sensitive information, including proprietary and confidential business data, trade secrets, intellectual property and data. Our data processing is subject to numerous domestic and foreign information privacy and security obligations such as various laws, regulations, guidance, industry standards, external and internal information privacy and security policies, contractual requirements, and other obligations relating to information privacy and security. The confidentiality, collection, use and disclosure of personal data, including clinical trial patient-specific information, are subject to governmental regulation generally in the country where the personal data were collected or used. In the United States we are subject to various state and federal information privacy and security regulations, including but not limited to, HIPAA as amended by HITECH, which mandates, among other things, the adoption of uniform standards for the electronic exchange of information in common health care transactions, as well as standards relating to the privacy and security of individually identifiable health information, which require the adoption of administrative, physical and technical safeguards to protect such information. For more information regarding risks associated with HIPAA, please refer to the section above that discusses risks associated with federal and state healthcare laws and regulations. Moreover, in the United States, federal, state, and local governments have enacted numerous information privacy and security laws, including data breach notification laws, personal data privacy laws, consumer protection laws (e.g., Section 5 of the Federal Trade Commission Act), and other similar laws (e.g., wiretapping laws). In the past few years, numerous U.S. states - including California, Virginia, Colorado, Connecticut, and Utah - have enacted comprehensive information privacy laws that impose certain obligations on covered businesses, including providing specific disclosures in privacy notices and affording residents with certain rights concerning their personal data. These state laws allow for statutory fines for noncompliance. For example, the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020, (collectively, "CCPA") applies to personal data of consumers, business representatives, and employees who are California residents, and requires businesses to provide specific disclosures in privacy notices and honor requests of such individuals to exercise certain privacy rights. The CCPA provides for fines of up to $7,500 per intentional violation and allows private litigants affected by certain data breaches to recover significant statutory damages. Similar laws are being considered in several other states, as well as at the federal and local levels, and we expect more states to pass similar laws in the future. These developments further complicate compliance efforts, and increase legal risk and compliance costs for us, and the third parties upon whom we rely. Outside the United States, an increasing number of laws, regulations, and industry standards govern information privacy and security. For example, both the European Union's General Data Protection Regulation ("EU GDPR") and the United Kingdom's GDPR ("UK GDPR") define personal data to include any information that relates to an identified or identifiable natural person with identifiable health information carrying additional obligations, including obtaining the explicit consent from the individual for collection, use or disclosure of their information. Under the GDPR, companies may face temporary or definitive bans on data processing and other corrective actions; fines of up to 20 million Euros under the EU GDPR, 17.5 million pounds sterling under the UK GDPR or, in each case, 4% of annual global revenue, whichever is greater; or private litigation related to processing of personal data brought by classes of data subjects or consumer protection organizations authorized at law to represent their interests. In addition, we may transfer personal data from Europe and other jurisdictions to the United States or other countries and may be subject to EU regulation with respect to limiting the cross-border transfers of such data out of the European Economic Area ("EEA") to the United States or other countries. Although there are currently various mechanisms that may be used to transfer personal data from the EEA and UK to the United States in compliance with law, such as the EEA standard contractual clauses, the UK's International Data Transfer Agreement / Addendum, and the EU-U.S. Data Privacy Framework and the UK extension thereto (which allows for transfers to relevant U.S.-based organizations who self-certify compliance and participate in the Framework), these mechanisms are subject to legal challenges, and there is no assurance that we can satisfy or rely on these measures to lawfully transfer personal data to the United States. If there is no lawful manner for us to transfer personal data from the EEA, the UK or other jurisdictions to the United States, or if the requirements for a legally-compliant transfer are too onerous, we could face significant adverse consequences, including the interruption or degradation of our operations, the need to relocate part of or all of our business or data processing activities to other jurisdictions (such as Europe) at significant expense, increased exposure to regulatory actions, substantial fines and penalties, the inability to transfer data and work with partners, vendors and other third parties, and injunctions against our processing or transferring of personal data necessary to operate our business. We are also bound by contractual obligations related to information privacy and security, and our efforts to comply with such obligations may not be successful. We publish privacy policies, marketing materials and other statements, such as compliance with certain certifications or self-regulatory principles, regarding information privacy and security. If these policies, materials or statements are found to be deficient, lacking in transparency, deceptive, unfair, or misrepresentative of our practices, we may be subject to investigation, enforcement actions by regulators or other adverse consequences. Furthermore, the legislative and regulatory landscape for information privacy and security continues to evolve, and there has been an increasing amount of focus on privacy and security issues. The United States and the European Union and its member states continue to issue new privacy and data protection rules and regulations that relate to personal data. Obligations related to information privacy and security (and consumers' data privacy expectations) are quickly changing, becoming increasingly stringent, and creating uncertainty. Additionally, these obligations may be subject to differing applications and interpretations, which may be inconsistent or conflict among jurisdictions. Compliance with information privacy and security laws may be time consuming, difficult and/or require us to devote significant resources. If we or the third parties on which we rely fail, or are perceived to have failed, to comply with applicable laws, regulations or duties relating to the use, privacy or security of personal data we could be subject to significant consequences including: government enforcement actions (e.g., investigations, fines, penalties, audits, inspections, and similar); litigation (including class-action claims) and mass arbitration demands; additional reporting requirements and/or oversight; bans on processing personal data; orders to destroy or not use personal data; reputational harm; or be forced to alter our business practices or change our business model. Any of these events could have a material adverse effect on our reputation, business, or financial condition, including but not limited to: loss of customers; interruptions or stoppages in our business operations; inability to process personal data or to operate in certain jurisdictions; limited ability to develop or commercialize our products; expenditure of time and resources to defend any claim or inquiry; adverse publicity; or substantial changes to our business model or operations.

We have obtained the right to affix the CE Mark for CHEMOSAT, and we intend to seek third-party or government reimbursement within those countries in Europe where we expect to market and sell CHEMOSAT. In Germany, we had received a ZE diagnostic-related group code ("ZE Code") which, beginning in 2016, permits hospitals in Germany to obtain reimbursement for CHEMOSAT procedures. Negotiations on the amount of reimbursement to be received under the ZE Code were concluded in 2016 and the procedure was reimbursed under the ZE Code in 2017. Reimbursement negotiations under the ZE system are conducted annually. Consequently, reimbursement obtained may not be for the full amount sought. In countries where we are able to obtain reimbursement, local policy could limit our ability to obtain adequate and consistent reimbursement and limit other sales opportunities in those countries. In other countries, until we obtain government reimbursement, we will rely on private payors or local pre-approved funds where available. There are also no assurances that third-party payors or government health agencies in Europe will reimburse use of CHEMOSAT in the long term or at all. Further, each country has its own protocols regarding reimbursement, so successfully obtaining third party or government health agency reimbursement in one country does not necessarily translate to similar reimbursement in another European country. Physicians, hospitals and other health care providers may be reluctant to purchase CHEMOSAT if they do not receive substantial reimbursement for the cost of using the product from third-party payors or government entities. The lack of adequate reimbursement may significantly limit sales opportunities in Europe.

The cost of healthcare has risen significantly over the past decade and numerous initiatives and reforms initiated by legislators, regulators and third-party payors to curb these costs have resulted in a consolidation trend in the medical device industry. Group purchasing organizations, independent delivery networks and large single accounts in the United States and foreign markets may result in a consolidation of purchasing decisions for potential healthcare provider customers. We expect that market demand, government regulation, third-party reimbursement policies and societal pressures will continue to change the worldwide healthcare industry, resulting in further business consolidations and alliances which may exert further downward pressure on the price of CHEMOSAT and HEPZATO and adversely impact our business, financial condition and results of operations.

Our entire focus has been on developing, commercializing, and obtaining regulatory authorizations and approvals of CHEMOSAT and HEPZATO. We may fail to gain sufficient market acceptance by physicians, patients, third-party payors and others in the medical community necessary for the commercial success of CHEMOSAT and HEPZATO. Physicians are often reluctant to switch their patients from existing therapies even when new and potentially more effective or convenient treatments enter the market. Further, patients often acclimate to the therapy that they are currently taking and do not want to switch unless their physicians recommend switching products or they are required to switch therapies due to lack of reimbursement for existing therapies. In addition, since CHEMOSAT currently is approved for commercialization solely in the EU and limited other jurisdictions (including the United Kingdom), and HEPZATO is approved only in the United States, if we are unsuccessful in commercializing the products in the EU and the United States, we will have no means of generating revenue. In addition, the potential market opportunity for CHEMOSAT and HEPZATO is difficult to precisely estimate. Our estimates of the potential market opportunity for CHEMOSAT and HEPZATO for their approved indications, or in other indications include several key assumptions based on our industry knowledge, industry publications, third-party research reports and other surveys. However, no independent source has verified such assumptions. If any of these assumptions proves to be inaccurate, then the actual market for CHEMOSAT and HEPZATO could be smaller than our estimates of potential market opportunity. If the actual market for CHEMOSAT and HEPZATO is smaller than we expect, our product revenue may be limited, and it may be more difficult for us to achieve or maintain profitability.

We have limited experience in the sale, marketing and distribution of pharmaceutical products in the United States. To achieve commercial success for HEPZATO and any other product candidates, if approved, for which we retain sales and marketing responsibilities, we must either develop a sales and marketing organization or outsource these functions to other third parties. We have established sales and marketing capabilities to support our commercial launch of HEPZATO for the treatment of adult patients with unresectable hepatic-dominant metastatic uveal melanoma in the United States. We may need to further build our sales and marketing infrastructure, either directly or with third-party partners, to maintain our ongoing commercialization efforts and to commercialize HEPZATO in other indications or to commercialize any of our other product candidates for which we obtain marketing approval. There are risks involved with both establishing our own sales and marketing capabilities and entering into arrangements with third parties to perform these services. For example, recruiting and training a sales force is expensive and time consuming. If the commercial launch of a product candidate for which we recruit a sales force and establish marketing capabilities is delayed or does not occur for any reason, we would have prematurely or unnecessarily incurred these commercialization expenses. This may be costly, and our investment would be lost if we cannot retain or reposition our sales and marketing personnel. Factors that may inhibit our efforts to commercialize HEPZATO and other product candidates on our own include: - our inability to recruit and retain adequate numbers of effective sales and marketing personnel;- the inability of sales personnel to obtain access to physicians or educate physicians on the benefits of our products;- the lack of complementary products to be offered by sales personnel, which may put us at a competitive disadvantage relative to companies with more extensive or integrated product offerings; and - unforeseen costs and expenses associated with creating an independent sales and marketing organization. If we enter into arrangements with third parties to perform sales, marketing and distribution services, our product revenue or the profitability of product revenue to us is likely to be lower than if we were to market and sell any products that we develop ourselves. In addition, we may not be successful in entering into arrangements with third parties to sell and market our product candidates or may be unable to do so on terms that are favorable to us. We likely will have little control over such third parties and any of them may fail to devote the necessary resources and attention to sell and market our products effectively. If we do not establish sales and marketing capabilities successfully, either on our own or in collaboration with third parties, we will not be successful in commercializing HEPZATO in the United States or any of our product candidates for which we obtain marketing approval.

We design the clinical trials for our products, but rely on academic institutions, corporate partners, contract research organizations and other third parties to assist in managing, monitoring and otherwise carrying out these trials. We also plan on relying heavily on these parties for the execution of our clinical studies and control only certain aspects of their activities. Accordingly, we may have less control over the timing and other aspects of these clinical trials than if we conducted them entirely on our own. We intend to rely on third parties to conduct monitoring and data collection of our future clinical trials, however, we are ultimately responsible for confirming that each of our clinical trials is conducted in accordance with our general investigational plan and protocol. Moreover, the FDA and foreign regulatory agencies require us to comply with GCPs for conducting, recording and reporting the results of clinical trials to assure that the data and results are credible and accurate and that the trial participants are adequately protected. The FDA enforces these GCP regulations through periodic inspections of trial sponsors, principal investigators and trial sites. Our reliance on third parties does not relieve us of these responsibilities and requirements and if we or the third parties upon whom we rely for our clinical trials fail to comply with the applicable GCPs, the data generated in our clinical trials may be deemed unreliable and the FDA or other foreign regulatory agencies may require us to perform additional trials before approving our marketing application. We cannot assure you that, upon inspection, the FDA will determine that any of our clinical trials comply or complied with GCPs. In addition, our clinical trials must be conducted with product that complies with the FDA's cGMP requirements and we are dependent on third-party manufacturing and supply of critical components necessary for such clinical trial supply. To the extent a critical component relies on a single-sourced manufacture/supplier our ability to mitigate this risk decreases. Our failure, or any failure by such third-party partners, to comply with these regulations may require us to repeat clinical trials, which would delay the regulatory approval process, and may result in a failure to obtain regulatory approval for product candidates then being studied.