Rite Aid 2015 Annual Report Download - page 17

Download and view the complete annual report

Please find page 17 of the 2015 Rite Aid annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 131

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131

perform critical functions, which could adversely affect our business and results of operations. Any
compromise or breach of our data security, whether external or internal, or misuse of customer,
associate, supplier or our data could also result in a violation of applicable privacy and other laws,
significant legal and financial exposure, fines or lawsuits, damage to our reputation, loss or misuse of
the information and a loss of confidence in our security measures, which could harm our business.
Although we maintain cyber security insurance, we cannot assure you that the coverage limits under
our insurance program will be adequate to protect us against future claims. In addition, as the
regulatory environment related to information security, data collection and use, and privacy becomes
increasingly rigorous, with new and constantly changing requirements applicable to our business,
compliance with those requirements could also result in additional costs.
We are subject to payment-related risks that could increase our operating costs, expose us to fraud or theft,
subject us to potential liability and potentially disrupt our business.
We accept payments using a variety of methods, including cash, checks, credit and debit cards, and
gift cards, and we may offer new payment options over time. Acceptance of these payment options
subjects us to rules, regulations, contractual obligations and compliance requirements, including
payment network rules and operating guidelines, data security standards and certification requirements,
and rules governing electronic funds transfers. These requirements may change over time or be
reinterpreted, making compliance more difficult or costly. For certain payment methods, including
credit and debit cards, we pay interchange and other fees, which may increase over time and raise our
operating costs. We rely on third parties to provide payment processing services, including the
processing of credit cards, debit cards, and other forms of electronic payment. If these companies
become unable to provide these services to us, or if their systems are compromised, it could potentially
disrupt our business. The payment methods that we offer also subject us to potential fraud and theft by
criminals, who are becoming increasingly more sophisticated, seeking to obtain unauthorized access to
or exploit weaknesses that may exist in the payment systems. If we fail to comply with applicable rules
or requirements for the payment methods we accept, or if payment-related data is compromised due to
a breach or misuse of data, we may be liable for costs incurred by payment card issuing banks and
other third parties or subject to fines and higher transaction fees, or our ability to accept or facilitate
certain types of payments may be impaired. In addition, our customers could lose confidence in certain
payment types, which may result in a shift to other payment types or potential changes to our payment
systems that may result in higher costs. As a result, our business and operating results could be
adversely affected.
If we fail to protect the security of personal information about our customers and associates, we could be
subject to costly government enforcement actions or private litigation.
Through our sales and marketing activities, we collect and store certain personal information that
our customers provide to purchase products or services, enroll in promotional programs, register on our
web site, or otherwise communicate and interact with us. We also gather and retain information about
our associates in the normal course of business. We may share information about such persons with
vendors that assist with certain aspects of our business. Despite instituted safeguards for the protection
of such information, security could be compromised and confidential customer or business information
misappropriated, for which we have paid related penalties in the past. Loss of customer or business
information could disrupt our operations, damage our reputation, and expose us to claims from
customers, financial institutions, payment card associations and other persons, any of which could have
an adverse effect on our business, financial condition and results of operations. In addition, compliance
with more rigorous privacy and information security laws and standards may result in significant
expense due to increased investment in technology and the development of new operational processes.
17