XML 34 R10.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

ITEM 1C.

CYBERSECURITY

 

The Company’s Board of Directors is committed to both safeguarding against cybersecurity threats and complying with the SEC Cybersecurity regulations adopted on July 26, 2023. The Board receives an annual cybersecurity update from the Chief Information Officer (CIO) and Chief Information Security Officer (CISO) at one of the Board meetings held throughout the year. Accordingly, they received their customary detailed briefing from the CIO and CISO at the August 8, 2024 meeting.

 

The CIO provides relevant information on cybersecurity threats and risks to the Certification Committee on a quarterly basis. This meeting is chaired by the Chairman of the Audit Committee. The Chairman of the Audit Committee will then escalate any significant matters to the full Audit Committee. If necessary, the Audit Committee can further elevate these matters to the full Board of Directors.

 

The Company has implemented processes and continues to look at improved ways to identify, assess, and manage material risks from cybersecurity threats. Additionally, it has established procedures to evaluate any material effects, or reasonably likely material effects, of risks from cybersecurity threats and past cybersecurity incidents. The Company also has processes in place to assess and determine the necessity of any material disclosures required on Form 8-K.

 

The Company’s CIO brings over 40 years of experience in information technology and cybersecurity within the healthcare sector. The CISO has more than 25 years of expertise in technology and cybersecurity and has served as the Company’s CISO for 7 years. The Company has an Incident Response Planning Committee that convenes quarterly to address, identify, and manage any significant cybersecurity threats. Additionally, the Company has a crisis team, comprising the Compliance Officer, General Counsel, Chief Financial Officer, Human Resources Officer, Facilities Management Administrator, and Network Systems Administrator, which is activated if an event poses a significant risk to the Company.

 

The Company and the Board of Directors are committed to remaining updated on evolving cybersecurity regulations and best practices, as well as the development and amendment of processes to meet these changing demands. 

 
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] The Company’s Board of Directors is committed to both safeguarding against cybersecurity threats and complying with the SEC Cybersecurity regulations adopted on July 26, 2023. The Board receives an annual cybersecurity update from the Chief Information Officer (CIO) and Chief Information Security Officer (CISO) at one of the Board meetings held throughout the year. Accordingly, they received their customary detailed briefing from the CIO and CISO at the August 8, 2024 meeting.
Cybersecurity Risk Management Third Party Engaged [Flag] false
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] false
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block] The Company has implemented processes and continues to look at improved ways to identify, assess, and manage material risks from cybersecurity threats. Additionally, it has established procedures to evaluate any material effects, or reasonably likely material effects, of risks from cybersecurity threats and past cybersecurity incidents. The Company also has processes in place to assess and determine the necessity of any material disclosures required on Form 8-K.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The CIO provides relevant information on cybersecurity threats and risks to the Certification Committee on a quarterly basis. This meeting is chaired by the Chairman of the Audit Committee. The Chairman of the Audit Committee will then escalate any significant matters to the full Audit Committee. If necessary, the Audit Committee can further elevate these matters to the full Board of Directors.
Cybersecurity Risk Role of Management [Text Block] The Company’s CIO brings over 40 years of experience in information technology and cybersecurity within the healthcare sector. The CISO has more than 25 years of expertise in technology and cybersecurity and has served as the Company’s CISO for 7 years. The Company has an Incident Response Planning Committee that convenes quarterly to address, identify, and manage any significant cybersecurity threats. Additionally, the Company has a crisis team, comprising the Compliance Officer, General Counsel, Chief Financial Officer, Human Resources Officer, Facilities Management Administrator, and Network Systems Administrator, which is activated if an event poses a significant risk to the Company.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true