Omnicell (OMCL) Risk Factors

We must develop new products or enhance our existing products with improved technologies to meet rapidly evolving customer requirements. We are constantly engaged in the development process for next generation products, and we need to successfully design our next generation and other products for customers who continually require higher performance and functionality at lower costs. The development process for these advancements is lengthy and usually requires us to accurately anticipate technological innovations and market trends. Developing and enhancing these products can be time-consuming, costly, and complex. Our ability to fund product development and enhancements partially depends on our ability to generate revenues from our existing products. There is a risk that these new product developments, such as our XT Series, XR2 Automated Central Pharmacy System and IVX semi-automated workflow solution, or product enhancements, will be late, will have technical problems, will fail to meet customer or market specifications or will not be competitive with other products using alternative technologies that offer comparable performance and functionality. For example, we experienced technical quality issues with respect to early shipments of our XT Series automated dispensing systems to customers. These issues required significant resources to analyze the source of the deficiencies and implement corrective actions. We may discover technical quality issues in the future related to new products, or product enhancements, that require analysis and corrective action, which could damage our reputation and have a material adverse effect on our business, financial condition and results of operations. While our business strategy includes a goal of advancing our platform with new product introductions annually, we may be unable to successfully develop additional next generation products, new products or product enhancements on an annual basis or at all. Our next generation products, such as our XT Series, or any of our newer products, such as our XR2 Automated Central Pharmacy System or IVX Workflow, or product enhancements may not be accepted in new or existing markets. Our ability to execute successfully on our recently-launched vision of a fully digitized and autonomous pharmacy depends on our ability to continue to develop and introduce new products or product enhancements, and integrate new products with existing offerings, in furtherance of this vision in a timely manner and on a cost-effective basis. If we fail to do so, we may be unable to achieve the vision of the autonomous pharmacy, we may not realize the anticipated benefits of our investments in support of this vision, and this could have a material adverse effect on our business, financial condition, and results of operations.

We rely on information technology systems to keep financial records and corporate records, communicate with staff and external parties, and operate other critical functions, including sales and manufacturing processes. In addition, we also utilize third-party cloud services in connection with our operations. Our information technology systems and third-party cloud services are potentially vulnerable to disruption due to breakdown, malicious intrusion and computer viruses, or environmental impact. If we were to experience a prolonged system disruption in our information technology systems or third-party cloud services, it could negatively impact the coordination of our sales, planning, and manufacturing activities, which could adversely affect our business. In addition, in order to maximize our information technology efficiency, we have physically consolidated our primary corporate data and computer operations. This concentration, however, exposes us to a greater risk of disruption to our internal information technology systems. Although we maintain offsite back-ups of our data, if operations at our facilities were disrupted, it may cause a material disruption in our business if we are not capable of restoring function on an acceptable time frame. Our information technology systems and third-party cloud services are potentially vulnerable to cyber-attacks or other data security breaches, whether by employees or others, which may expose sensitive data to unauthorized persons. Such data security breaches could lead to the loss of trade secrets or other intellectual property, or could lead to the public exposure of sensitive and confidential information of our employees, customers, suppliers, and others, any of which could have a material adverse effect on our business, financial condition, and results of operations. Moreover, a security breach or privacy violation that leads to disclosure or modification of, or prevents access to, patient information, including personally identifiable information or protected health information, could harm our reputation, result in litigation, compel us to comply with federal and/or state breach notification laws, subject us to mandatory corrective action, require us to verify the correctness of database contents, and otherwise subject us to liability under laws and regulations that protect personal data, resulting in increased costs or loss of revenues. In addition, we sell certain solutions that receive, store, and process our customers' data. For example, our Performance Center solution combines a cloud-based predictive intelligence platform with expert services designed to monitor pharmacy operations and recommend opportunities to help improve efficiency, regulatory compliance and patient outcomes. In addition, our Omnicell Patient Engagement platform is a private cloud-based solution that supports improving patient adherence goals through a single web-based platform that hosts functionality to guide and track patient notes, interventions and appointments. An effective attack on our solutions could disrupt the proper functioning of our solutions, allow unauthorized access to sensitive and confidential information of our customers (including protected health information), and disrupt our customers' operations. Any of these events could cause our solutions to be perceived as having security vulnerabilities and reduce demand for our solutions, which could have a material adverse effect on our business, financial condition, and results of operations. These risks are likely to increase as we continue to grow our cloud-based offerings, including in support of the autonomous pharmacy vision, and as we receive, store, and process more of our customers' data. We use third-party cloud providers in connection with certain of our cloud-based offerings or third-party providers to host our own data, in which case we rely on the processes, controls, and security such third parties have in place to protect the infrastructure. We also may acquire companies, products, services, and technologies and inherit such risks when we integrate these acquisitions within Omnicell. While we have implemented a number of security measures designed to protect our systems and data, including firewalls, antivirus and malware detection tools, patches, log monitors, routine back-ups, system audits, routine password modifications, and disaster recovery procedures, and have designed certain security features into our solutions, such measures may not be adequate or implemented properly to prevent or fully address the adverse effect of such events, and in some cases we may be unaware of an incident or its magnitude and effects. Any failure to prevent such security breaches or privacy violations, or implement satisfactory remedial measures, could require us to expend significant resources to remediate any damage, disrupt our operations or the operations of our customers, damage our reputation, or expose us to a risk of financial loss, litigation, regulatory penalties, contractual indemnification obligations, or other liability because of lost or misappropriated information, including sensitive patient data. In addition, these breaches and other inappropriate access can be difficult to detect, and any delay in identifying them may lead to increased harm of the type described above.

The markets in which we operate are intensely competitive. We expect continued and increased competition from current and future competitors, many of which have significantly greater financial, technical, marketing and other resources than we do. Our current direct competitors in the medication management automation solutions market include Becton, Dickinson and Company; ARxIUM; Cerner Corporation; Swisslog Healthcare as a division of KUKA; Cardinal Health, Inc.; PAR Excellence Systems, Inc.; TECSYS Inc.; Baxter Healthcare Corporation; Grifols, S.A.; Willach Pharmacy Solutions; DIH Technologies Corporation; Yuyama Co., Ltd; RoboPharma B.V.; Meditech-Pharma; Knapp AG; KLS Steuerungstechnik GmbH; Gollmann Kommissioniersysteme GmbH, and Loccioni. Our current direct competitors in the medication adherence solutions market include Drug Package, Inc.; ARxIUM; Manchac Technologies, LLC; RX Systems, Inc.; McKesson Corporation; Digital Pharmacist Inc.; Tabula Rasa Healthcare, Inc. (through its acquisition of PrescribeWellness); Synergy Medical Systems; Parata Systems; and Medicine-On-Time in the United States, and Jones Packaging Ltd.; Synergy Medical Systems; and WebsterCare outside the United States. The competitive challenges we face in the markets in which we operate include, but are not limited to, the following: - certain competitors may offer or have the ability to offer a broader range of solutions in the marketplace that we are unable to match;- certain competitors may develop alternative solutions to the customer problems our products are designed to solve that may provide a better customer outcome or a lower cost of operation;- certain competitors may develop new features or capabilities for their products not previously offered that could compete directly with our products;- competitive pressures could result in increased price competition for our products and services, fewer customer orders, and reduced gross margins, any of which could harm our business;- current and potential competitors may make strategic acquisitions or establish cooperative relationships among themselves or with third parties, including larger, more established healthcare supply companies, thereby increasing their ability to develop and offer a broader suite of products and services to address the needs of our prospective customers;- our competitive environment has recently experienced a significant degree of consolidation which could lead to competitors developing new business models that require us to adapt how we market, sell, or distribute our products; for example, in 2018, we initiated a company-wide organizational realignment in order to align our organizational infrastructure to centrally manage our business, including the marketing, sale, and distribution of our products, in part to address the continuing consolidation in the healthcare industry;- other established or emerging companies may enter the markets in which we operate with products and services that are preferred by our current and potential customers based on factors such as features, capabilities, or cost;- our competitors may develop, license, or incorporate new or emerging technologies or devote greater resources to the development, promotion, and sale of their products and services than we do;- certain competitors have greater brand name recognition and a more extensive installed base of medication management automation solutions or other products and services than we do, and such advantages could be used to increase their market share;- certain competitors may have existing business relationships with our current and potential customers, which may cause these customers to purchase competing products and services from these competitors; and - our competitors may secure products and services from suppliers on more favorable terms or secure exclusive arrangements with suppliers or buyers that may impede the sales of our products and services. If we fail to compete successfully against new entrants and established companies, it could materially adversely affect our business, financial condition, results of operations, and cash flows.

Our products include medication management automation solutions and medication adherence products and services for healthcare systems and pharmacies. Despite the presence of healthcare and pharmacy professionals as intermediaries between our products and patients, if our products fail to provide accurate and timely information or operate as designed, customers, patients or their family members could assert claims against us for product liability. For example, as further discussed under "Legal Proceedings" in Note 12, Commitments and Contingencies, of the Notes to Consolidated Financial Statements included in this annual report, we are currently subject to certain lawsuits, asserting, among other allegations, claims of product liability. Moreover, failure of health care facility and pharmacy employees to use our products for their intended purposes could result in product liability claims against us. Litigation with respect to product liability claims, regardless of any outcome, could result in substantial cost to us, divert management's attention from operations, and decrease market acceptance of our products. We possess a variety of insurance policies that include coverage for general commercial liability and technology errors and omissions liability. We attempt to mitigate these risks through contractual terms negotiated with our customers. However, these policies and protective contractual terms may not be adequate against product liability claims. A successful claim brought against us, or any claim or product recall that results in negative publicity about us, could harm our competitive position, results of operations, and financial condition. Also, in the event that any of our products is defective, we may be required to recall or redesign those products.

We are subject to taxes in the United States and foreign jurisdictions. Our future effective tax rates could be affected by several factors, many of which are outside of our control, including: changes in the mix of earnings with differing statutory tax rates, changes in the valuation of deferred tax assets and liabilities, changes in federal, state, and international laws or their interpretation, adjustments to income tax expense upon the finalization of tax returns, changes in tax attributes, or changes in accounting principles. We regularly assess the likelihood of adverse outcomes to determine the adequacy of our provision for taxes. We are also subject to examination of our income tax returns by the Internal Revenue Service and other tax authorities. There can be no assurance that the outcomes from these examinations will not materially adversely affect our financial condition and operating results. Forecasting our estimated annual effective tax rate is complex and subject to uncertainty, and there may be a material difference between the forecasted and the accrued effective tax rates, especially due to the volatility and uncertainty of global economic conditions resulting from the COVID-19 pandemic. Any increase in our effective tax rate would reduce our profitability.

We receive, store, and process personal information and other data from and about customers, in addition to our employees and services providers. In addition, our customers use our solutions to obtain and store personal information, including personal health information. For example, our customers use our Omnicell Patient Engagement platform to guide and track patient notes, interventions and appointments, which involves the collection of personal health information of patients. Our handling of data is subject to a variety of laws and regulations by state, local, and foreign agencies, as well as contractual obligations and industry standards. Regulatory focus on data privacy and security concerns continues to increase globally, and laws and regulations concerning the collection, use, and disclosure of personal information are expanding and becoming more complex. In the United States, these include federal health information privacy laws (such as the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), discussed below), security breach notification laws, and consumer protection laws, as well as state laws addressing privacy and data security. For example, The California Consumer Privacy Act of 2018, which became effective in January 2020, imposes additional obligations on companies that process information on California residents. Internationally, various foreign jurisdictions in which we operate have established, or are developing, their own data privacy and security legal framework with which we or our customers must comply. In certain cases, these international laws and regulations are more restrictive than many regulations in the United States. For example, within the European Union, the General Data Protection Regulation ("GDPR"), which became effective in May 2018, imposes more stringent data protection requirements on U.S.-based companies such as ours which receive or process personal information from EU residents, and establishes greater penalties for non-compliance. Violations of the GDPR can result in penalties up to the greater of €20.0 million or 4% of global annual revenues, and may also lead to damages claims by data controllers and data subjects. Such penalties are in addition to any civil litigation claims by data controllers, customers, and data subjects. Further, Brexit (discussed in the risk factor "The United Kingdom's recent withdrawal from the European Union could adversely affect us" below) has created uncertainty regarding the regulation of data protection in the United Kingdom. In particular, although the United Kingdom enacted a Data Protection Act in May 2018 that is designed to be consistent with the GDPR, uncertainty remains regarding how data transfers to and from the United Kingdom will be regulated following the Brexit Transition Period (also discussed below). In addition to government regulation, privacy advocates and industry groups may propose new and different self-regulatory standards that may legally or contractually apply to us. We also expect that there will continue to be new proposed laws, regulations, and industry standards relating to privacy, data protection, and information security. We cannot predict the scope of any such future laws, regulations, and standards that may be applicable to us, or how courts, agencies, or data protection authorities might interpret current ones. It is possible that these laws and other obligations may be interpreted and applied in a manner that is inconsistent with our existing data management practices or the functionality of our solutions, and we cannot predict the impact of such potential, future, inconsistent interpretations. Compliance with privacy, data protection, and information security laws, regulations, and other obligations is costly, and we may encounter difficulties, delays, or significant expenses in connection with our compliance, or because of our customers' need to comply or our customers' interpretation of their own legal requirements. In addition, any failure or perceived failure by us to comply with laws, regulations, policies, legal or contractual obligations, industry standards, or regulatory guidance relating to privacy or data security could result in governmental investigations and enforcement actions, litigation, fines and penalties, exposure to indemnification obligations or other liabilities, and adverse publicity, all of which could have an adverse effect on our reputation, as well as our business, financial condition, and results of operation. For example, as discussed further in the section entitled "Legal Proceedings" in Note 12, Commitments and Contingencies, of the Notes to Consolidated Financial Statements included in this annual report, we are currently and have in the past been subject to certain class action lawsuits asserting, among other allegations, claims of violation of the Illinois Biometric Information Privacy Act.

Our success is highly dependent upon the continuing contributions of our key management, sales, technical, and engineering staff. We believe that our future success will depend upon our ability to attract, train, and retain highly skilled and motivated personnel. As more of our products are installed in increasingly complex environments, greater technical expertise will be required. As our installed base of customers increases, we will also face additional demands on our customer service and support personnel, requiring additional resources to meet these demands. Furthermore, as we execute on the autonomous pharmacy vision and grow our cloud-based software as a service and solution as a service offerings, more specialized expertise will be required. We may experience difficulty in recruiting qualified personnel. Competition for qualified technical, engineering, managerial, sales, marketing, financial reporting, and other personnel can be intense, and we may not be successful in attracting and retaining qualified personnel. Competitors have in the past attempted, and may in the future attempt, to recruit our employees. In addition, we have historically used stock options, restricted stock units, and other forms of equity compensation as key components of our employee compensation program in order to align employees' interests with the interests of our stockholders, encourage employee retention, and provide competitive compensation packages. The effect of managing share-based compensation expense and minimizing shareholder dilution from the issuance of new shares may make it less favorable for us to grant stock options, restricted stock units, or other forms of equity compensation, to employees in the future. In order to continue granting equity compensation at competitive levels, we must seek stockholder approval for any increases to the number of shares reserved for issuance under our equity incentive plans, such as the share increase that was approved at our 2019 Annual Meeting of Stockholders, and we cannot assure you that we will receive such approvals in the future. Any failure to receive approval for future proposed increases could prevent us from granting equity compensation at competitive levels and make it more difficult to attract, retain, and motivate employees. Further, to the extent that we expand our business or product lines through the acquisition of other businesses, any failure to receive any such approvals could prevent us from securing employment commitments from such newly acquired employees. Failure to attract and retain key personnel could harm our competitive position, results of operations, and financial condition.

Managing our inventory of components and finished products is a complex task. A number of factors, including, but not limited to, the need to maintain a significant inventory of certain components that are in short supply or that must be purchased in bulk to obtain favorable pricing, the general unpredictability of demand for specific products and customer requests for quick delivery schedules, may result in us maintaining large amounts of inventory. Other factors, including changes in market demand, customer requirements, and technology, may cause our inventory to become obsolete. Any excess or obsolete inventory could result in inventory write-downs, which in turn could harm our business and results of operations.

We currently have operations outside of the United States, including sales efforts centered in Canada, Europe, the Middle East, and Asia-Pacific regions, and supply chain efforts in Asia. We intend to continue to expand our international operations, particularly in certain markets that we view as strategic, including the Middle East. Our international operations subject us to a variety of risks, including: - our reliance on distributors for the sale and post-sale support of our medication management automation solutions outside the United States and Canada;- the difficulty of managing an organization operating in various countries;- political sentiment against international outsourcing of production;- reduced protection for intellectual property rights, particularly in jurisdictions that have less developed intellectual property regimes, which could make it more costly for us to enforce, and more difficult for us to stop the infringement or misappropriation of, our intellectual property rights in these jurisdictions;- changes in foreign regulatory requirements;- the requirement to comply with a variety of international laws and regulations, including privacy and security, labor, import, export, trade, environmental standards, product compliance, tax, anti-bribery, and employment laws;- fluctuations in currency exchange rates and difficulties in repatriating funds from certain countries;- additional investment, coordination, and lead-time necessary to successfully interface our automation solutions with the existing information systems of our customers or potential customers outside of the United States; and - political unrest, terrorism, and the potential for other hostilities in areas in which we have facilities or operations; and - natural disasters. If we are unable to anticipate and address these risks properly, our business or operating results will be harmed. Furthermore, we face risks related to outbreaks of contagious diseases or other adverse public health epidemics, which could cause us or our suppliers and/or customers to temporarily suspend operations in the affected city or country. For example, following the outbreak of the coronavirus first identified in Wuhan, China in December 2019, the Chinese government has taken certain emergency measures to combat the spread of the virus, including implementation of travel bans and closure of factories and businesses. We import certain critical components from suppliers located in China. While we are closely monitoring developments in China and evaluating mitigation strategies, the full impact of this outbreak is uncertain at this time and any prolonged disruption to our China-based suppliers could significantly disrupt our supply chain and negatively impact our sales and operating results. In addition, changes in export or import regulation and other trade barriers and uncertainties may have an adverse effect on our business. For example, the current U.S. administration has advocated greater restrictions on trade generally and tariff increases on certain goods imported into the United States, particularly from China. We cannot predict what actions may ultimately be taken with respect to tariffs or trade relations between the United States and other countries (including China), what products may be subject to such actions, or what actions may be taken by the other countries in retaliation. The adoption and expansion of trade restrictions, the occurrence of a trade war, other governmental action related to tariffs or trade agreements or policies, or the related uncertainties, has the potential to adversely impact our supply chain and costs, which could in turn adversely affect our business, financial condition, and results of operation.

We rely on our network infrastructure, data centers, enterprise applications, and technology systems for the development, marketing, support, and sales of our products, and for the internal operation of our business. These systems are susceptible to disruption or failure in the event of a major earthquake, fire, flood, ice and snow storms, cyber-attack, terrorist attack, telecommunications failure, epidemic or pandemic (such as the ongoing COVID-19 pandemic), or other catastrophic event. Many of these systems are housed or supported in or around our corporate headquarters located in Northern California, near major earthquake faults, and where a significant portion of our research and development activities and other critical business operations take place. Other critical systems, including our manufacturing facilities for our consumable medication packages, are housed in St. Petersburg, Florida, in communities that have been subject to significant tropical storms. Disruptions to or the failure of any of these systems, and the resulting loss of critical data, which is not quickly recoverable by the effective execution of disaster recovery plans designed to reduce such disruption, could cause delays in our product development, prevent us from fulfilling our customers' orders, and could severely affect our ability to conduct normal business operations, the result of which would adversely affect our operating results.