Xerox 2014 Annual Report Download - page 31

Download and view the complete annual report

Please find page 31 of the 2014 Xerox annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 152

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152

We are subject to laws of the United States and foreign jurisdictions relating to individually identifiable
information, and failure to comply with those laws, whether or not inadvertent, could subject us to legal
actions and negatively impact our operations.
We receive, process, transmit and store information relating to identifiable individuals, both in our role as a service
and technology provider and as an employer. As a result, we are subject to numerous United States (both federal
and state) and foreign jurisdiction laws and regulations designed to protect individually identifiable information,
including the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the HIPAA regulations
governing, among other things, the privacy, security and electronic transmission of individually identifiable health
information, and the European Union Directive on Data Protection (Directive 95/46/EC). Other United States (both
federal and state) and foreign jurisdiction laws apply to our processing of individually identifiable information and
these laws have been subject to frequent changes, and new legislation in this area may be enacted at any time.
Changes to existing laws, introduction of new laws in this area, or failure to comply with existing laws that are
applicable to us may subject us to, among other things, additional costs or changes to our business practices,
liability for monetary damages, fines and/or criminal prosecution, unfavorable publicity, restrictions on our ability to
obtain and process information and allegations by our customers and clients that we have not performed our
contractual obligations, any of which may have a material adverse effect on our profitability and cash flow.
We are subject to breaches of our security systems and service interruptions which could expose us to
liability, impair our reputation or temporarily render us unable to fulfill our service obligations under our
contracts.
We have implemented security systems with the intent of maintaining the physical security of our facilities and
protecting our customers', clients' and suppliers' confidential information and information related to identifiable
individuals against unauthorized access through our information systems or by other electronic transmission or
through the misdirection, theft or loss of physical media. These include, for example, the appropriate encryption of
information. Despite such efforts, we are subject to breach of security systems which may result in unauthorized
access to our facilities and/or the information we are trying to protect. Because the techniques used to obtain
unauthorized access are constantly changing and becoming increasingly more sophisticated and often are not
recognized until launched against a target, we may be unable to anticipate these techniques or implement sufficient
preventative measures. If unauthorized parties gain physical access to one of our facilities or electronic access to
our information systems or such information is misdirected, lost or stolen during transmission or transport, any theft
or misuse of such information could result in, among other things, unfavorable publicity, governmental inquiry and
oversight, difficulty in marketing our services, allegations by our customers and clients that we have not performed
our contractual obligations, litigation by affected parties and possible financial obligations for damages related to the
theft or misuse of such information, any of which could have a material adverse effect on our profitability and cash
flow. We also maintain various systems and data centers for our customers. Often these systems and data centers
must be maintained worldwide and on a 24/7 basis. Although we endeavor to ensure that there is adequate back-
up and maintenance of these systems and centers, we could experience service interruptions that could result in
curtailed operations and loss of customers, which would reduce our revenue and profits in addition to impairing our
reputation.
Our ability to recover capital investments in connection with our contracts is subject to risk.
In order to attract and retain large outsourcing contracts, we sometimes make significant capital investments to
enable us to perform our services under the contracts, such as purchases of information technology equipment and
costs incurred to develop and implement software. The net book value of such assets recorded, including a portion
of our intangible assets, could be impaired, and our earnings and cash flow could be materially adversely affected in
the event of the early termination of all or a part of such a contract or a reduction in volumes and services
thereunder for reasons such as a customer's or client's merger or acquisition, divestiture of assets or businesses,
business failure or deterioration, or a customer's or client's exercise of contract termination rights.
Our services business could be adversely affected if we are unsuccessful in managing the start-up of new
contracts.
In order for our services business to continue its growth, we must successfully manage the start-up of services
related to new contracts. If a client is not satisfied with the quality of work performed by us or a subcontractor, or
with the type of services or solutions delivered, then we could incur additional costs to address the situation, the
profitability of that work might be impaired and the client's dissatisfaction with our services could damage our ability
to obtain additional work from that client or obtain new work from other potential clients. In particular, clients who are
not satisfied might seek to terminate existing contracts prior to their scheduled expiration date, which may result in
Xerox 2014 Annual Report 16