Walgreens 2015 Annual Report Download - page 23

Download and view the complete annual report

Please find page 23 of the 2015 Walgreens annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 148

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148

We may experience a significant disruption in our computer systems.
We rely extensively on our computer systems to manage our ordering, pricing, point-of-sale, pharmacy
fulfillment, inventory replenishment, customer loyalty programs, finance and other processes. Our systems are
subject to damage or interruption from power outages, computer and telecommunications failures, computer
viruses, security breaches, vandalism, natural disasters, catastrophic events and human error, and our disaster
recovery planning cannot account for all eventualities. If any of our systems are damaged, fail to function
properly or otherwise become unavailable, we may incur substantial costs to repair or replace them, and may
experience loss or corruption of critical data and interruptions or delays in our ability to perform critical
functions, which could adversely affect our businesses and results of operations. In addition, we are currently
making, and expect to continue to make, substantial investments in our information technology systems and
infrastructure, some of which are significant. Upgrades involve replacing existing systems with successor
systems, making changes to existing systems, or cost-effectively acquiring new systems with new functionality.
Implementing new systems carries significant potential risks, including failure to operate as designed, potential
loss or corruption of data or information, cost overruns, implementation delays, disruption of operations, and the
potential inability to meet business and reporting requirements. While we are aware of inherent risks associated
with replacing these systems and believe we are taking reasonable action to mitigate known risks, there can be no
assurance that these technology initiatives will be deployed as planned or that they will be timely implemented
without disruption to our operations. We also could be adversely affected by any significant disruption in the
systems of key payers or vendors.
If we do not maintain the privacy and security of sensitive customer and business information, we could
damage our reputation, suffer a loss of revenue, incur substantial additional costs and become subject to
litigation.
The protection of customer, employee, and company data is critical to our businesses. Cybersecurity and other
information technology security risks, such as a significant breach of customer, employee, or company data,
could attract a substantial amount of media attention, damage our customer relationships and reputation, and
result in lost sales, fines or lawsuits. Throughout our operations, we receive, retain and transmit certain personal
information that our customers and others provide to purchase products or services, fill prescriptions, enroll in
promotional programs, participate in our customer loyalty programs, register on our websites, or otherwise
communicate and interact with us. In addition, aspects of our operations depend upon the secure transmission of
confidential information over public networks. Although we deploy a layered approach to address information
security threats and vulnerabilities designed to protect confidential information against data security breaches, a
compromise of our data security systems or of those of businesses with whom we interact, which results in
confidential information being accessed, obtained, damaged or used by unauthorized or improper persons, could
harm our reputation and expose us to regulatory actions and claims from customers, financial institutions,
payment card associations and other persons, any of which could materially and adversely affect our business
operations, financial condition and results of operations. In addition, a security breach could require that we
expend substantial additional resources related to the security of information systems and disrupt our businesses.
The regulatory environment surrounding information security and privacy is increasingly demanding, with the
frequent imposition of new and changing requirements across businesses. We are required to comply with
increasingly complex and changing data privacy regulations in the United States and in other countries in which
we operate that regulate the collection, use and transfer of personal data, including the transfer of personal data
between or among countries. Some foreign data privacy regulations are more stringent than those in the United
States. We may also face audits or investigations by one or more domestic or foreign government agencies
relating to our compliance with these regulations. Compliance with changes in privacy and information security
laws and standards may result in significant expense due to increased investment in technology and the
development of new operational processes. If we or those with whom we share information fail to comply with
these laws and regulations or experience a data security breach, our reputation could be damaged and we could
be subject to additional litigation and regulatory risks. Our security measures may be undermined due to the
-19-