XML 21 R10.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management, Strategy and Governance
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

1C. Cybersecurity.

Risk Management and Strategy

Our business depends on the secure and continuous processing of information, supported by a resilient IT infrastructure and trusted critical vendors. Cybersecurity is a fundamental pillar of our risk management framework, seamlessly integrated into our decision-making at every level. Our IT department proactively identifies, evaluates, and mitigates cybersecurity risks to ensure alignment with our business objectives and operational needs. We maintain robust security policies and procedures, including comprehensive security and data privacy training for staff, stringent physical security measures, and advanced electronic data protection. Our cybersecurity program strictly adheres to HIPAA, GDPR, and SEC guidelines, incorporating strong data access controls, privacy safeguards, password protocols, encryption, and a structured incident response process with a thorough materiality assessment.

Beyond policies, our network is fortified with a multi-layered defense strategy, including firewalls and advanced cyber-threat monitoring. We employ 24/7 vulnerability scanning and extended detection and response (XDR) to continuously detect, analyze, and neutralize potential threats in real time. We recognize the importance of securing our extended digital ecosystem, including third-party service providers. To mitigate associated risks, we conduct rigorous security assessments before onboarding any third-party vendors and enforce ongoing monitoring to ensure continuous compliance with our cybersecurity standards.

To further strengthen our security posture, we collaborate with top-tier external experts who conduct rigorous evaluations and stress tests of our cybersecurity infrastructure. Through audits, threat assessments, and strategic consultations, we ensure that our security measures remain at the forefront of industry best practices. Our unwavering commitment to cybersecurity safeguards the integrity, confidentiality, and availability of our critical information assets, ensuring operational resilience and trust in our business.

Current Cybersecurity Risks

As of the date of this Annual Report on Form 10-K, the Company has not experienced any cybersecurity threats or incidents that have materially affected or are reasonably likely to materially affect the Company. In the event of a cybersecurity incident, the Company is equipped with a well-defined incident response plan. This plan includes immediate actions to mitigate the impact and long-term strategies for remediation and prevention of future incidents. See "Risk Factors— We may face additional costs, loss of revenue, significant liabilities, harm to our brand, decreased use of our products or services and business disruption if there are any security or data privacy breaches or other unauthorized or improper access."

Management and Board Oversight

Our management is responsible for day-to-day risk management activities. Our Board of Directors, acting directly and through its committees, is responsible for the oversight of our risk management. The Nominating and Governance Committee monitors our cybersecurity risk profile, receives periodic updates from management on all matters related to cybersecurity and reports to our full Board of Directors on an annual basis or as necessary. The Nominating and Governance Committee is composed of members with diverse expertise that allows them to oversee cybersecurity risks effectively.

Management is involved in assessing and managing material cybersecurity risks and incidents through dialogue with our Information Security Officer. Our Information Security Officer brings expertise to this role through his in-depth knowledge and experience in technology management and cybersecurity. Our Information Security Officer is continually informed about the latest developments in cybersecurity. This is crucial for the effective prevention, detection, mitigation and remediation of cybersecurity incidents, and allows him to regularly inform our Chief Executive Officer and Chief Financial Officer of any and all aspects of our business related to cybersecurity and information technology.

Our Chief Executive Officer, Chief Financial Officer and Information Security Officer regularly report to the Nominating and Governance Committee to ensure effective and efficient oversight of our cybersecurity threats and material risks, and to assist in proper risk management. Significant cybersecurity matters and strategic risk management decisions will be escalated from the Nominating and Governance Committee to the Board of Directors, ensuring that there is comprehensive oversight and the full Board of Directors can provide guidance on critical cybersecurity issues.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] Cybersecurity is a fundamental pillar of our risk management framework, seamlessly integrated into our decision-making at every level.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]

Our management is responsible for day-to-day risk management activities. Our Board of Directors, acting directly and through its committees, is responsible for the oversight of our risk management. The Nominating and Governance Committee monitors our cybersecurity risk profile, receives periodic updates from management on all matters related to cybersecurity and reports to our full Board of Directors on an annual basis or as necessary. The Nominating and Governance Committee is composed of members with diverse expertise that allows them to oversee cybersecurity risks effectively.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Our management is responsible for day-to-day risk management activities. Our Board of Directors, acting directly and through its committees, is responsible for the oversight of our risk management. The Nominating and Governance Committee monitors our cybersecurity risk profile, receives periodic updates from management on all matters related to cybersecurity and reports to our full Board of Directors on an annual basis or as necessary.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The Nominating and Governance Committee monitors our cybersecurity risk profile, receives periodic updates from management on all matters related to cybersecurity and reports to our full Board of Directors on an annual basis or as necessary.
Cybersecurity Risk Role of Management [Text Block]

Management is involved in assessing and managing material cybersecurity risks and incidents through dialogue with our Information Security Officer. Our Information Security Officer brings expertise to this role through his in-depth knowledge and experience in technology management and cybersecurity. Our Information Security Officer is continually informed about the latest developments in cybersecurity. This is crucial for the effective prevention, detection, mitigation and remediation of cybersecurity incidents, and allows him to regularly inform our Chief Executive Officer and Chief Financial Officer of any and all aspects of our business related to cybersecurity and information technology.

Our Chief Executive Officer, Chief Financial Officer and Information Security Officer regularly report to the Nominating and Governance Committee to ensure effective and efficient oversight of our cybersecurity threats and material risks, and to assist in proper risk management. Significant cybersecurity matters and strategic risk management decisions will be escalated from the Nominating and Governance Committee to the Board of Directors, ensuring that there is comprehensive oversight and the full Board of Directors can provide guidance on critical cybersecurity issues.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Our Chief Executive Officer, Chief Financial Officer and Information Security Officer regularly report to the Nominating and Governance Committee to ensure effective and efficient oversight of our cybersecurity threats and material risks, and to assist in proper risk management.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] The Nominating and Governance Committee is composed of members with diverse expertise that allows them to oversee cybersecurity risks effectively.Management is involved in assessing and managing material cybersecurity risks and incidents through dialogue with our Information Security Officer. Our Information Security Officer brings expertise to this role through his in-depth knowledge and experience in technology management and cybersecurity.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Our Information Security Officer is continually informed about the latest developments in cybersecurity. This is crucial for the effective prevention, detection, mitigation and remediation of cybersecurity incidents, and allows him to regularly inform our Chief Executive Officer and Chief Financial Officer of any and all aspects of our business related to cybersecurity and information technology.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true