XML 56 R32.htm IDEA: XBRL DOCUMENT v3.25.4
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2025
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
We maintain a cybersecurity risk management program designed to identify, assess, manage, mitigate and respond to cybersecurity threats. This program incorporates policies, processes, and activities over domains such as access control, facility and data protection, IT systems and data transmission security, threat intelligence and incident response, third-party risk management, disaster recovery, and vulnerability management. We have a comprehensive cybersecurity policy in place that includes robust measures to protect our data and systems from cyber threats, ensuring the integrity and confidentiality of our information.
We have implemented a risk-based approach to identify and assess the cybersecurity threats that could affect our business and information systems. We base our program on multiple security frameworks including the National Institute of Standards and Technology ("NIST"), HIPAA, and privacy laws such as the E.U.’s GDPR. We also require that third-party service providers with access to personal or proprietary information implement and maintain cybersecurity practices consistent with applicable legal standards.
Cybersecurity is complex and subject to constantly evolving threats. Accordingly, we engage a range of external experts, including cybersecurity consultants and auditors in evaluating and testing our risk management systems. These partnerships enable us to leverage specialized knowledge and insights. Our collaboration with these third-party experts includes regular audits, threat assessments, and consultation on security enhancements.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] Cybersecurity risk management is integrated into our broader risk management framework.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
Cybersecurity risk management is integrated into our broader risk management framework. Our audit committee of our board of directors, which has responsibility for oversight of risk management, also has responsibility for oversight of our program, policies and procedures related to information security and data protection. On a regular basis, the Audit Committee of our Board of Directors receives reports on cybersecurity risks as well as mitigation strategies and the status of initiatives to strengthen our information security systems. We also mandate a rigorous cybersecurity training program for all employees, which includes regular updates and assessments to ensure they are equipped to recognize and respond to potential cyber threats.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Our audit committee of our board of directors, which has responsibility for oversight of risk management, also has responsibility for oversight of our program, policies and procedures related to information security and data protection.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] Our audit committee of our board of directors, which has responsibility for oversight of risk management, also has responsibility for oversight of our program, policies and procedures related to information security and data protection. On a regular basis, the Audit Committee of our Board of Directors receives reports on cybersecurity risks as well as mitigation strategies and the status of initiatives to strengthen our information security systems. We also mandate a rigorous cybersecurity training program for all employees, which includes regular updates and assessments to ensure they are equipped to recognize and respond to potential cyber threats.
Cybersecurity Risk Role of Management [Text Block]
The head of our IT department is tasked with ensuring that the highest levels of management and our board of directors are informed about the cybersecurity posture and potential risks facing the Company. Our IT team regularly briefs our CEO about cybersecurity risk management. The IT staff regularly informs the Head of IT about the latest developments in cybersecurity, including potential threats and risk management techniques. In the event of a cybersecurity incident, the Head of IT is informed promptly following its detection, and our response is governed by a detailed incident response plan that includes prompt actions to mitigate the impact of the incident and longer-term strategies for remediation and prevention of future incidents. The Head of IT has also chartered an Information Security Steering Committee made up of cross-functional executive leaders that meets quarterly on topics such as the current cybersecurity landscape and emerging threats, status of ongoing cybersecurity initiatives and strategies, incident reports and learnings from any cybersecurity events, and compliance with regulatory requirements and industry standards.
Cybersecurity risk management is integrated into our broader risk management framework. Our audit committee of our board of directors, which has responsibility for oversight of risk management, also has responsibility for oversight of our program, policies and procedures related to information security and data protection. On a regular basis, the Audit Committee of our Board of Directors receives reports on cybersecurity risks as well as mitigation strategies and the status of initiatives to strengthen our information security systems. We also mandate a rigorous cybersecurity training program for all employees, which includes regular updates and assessments to ensure they are equipped to recognize and respond to potential cyber threats.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] The head of our IT department is tasked with ensuring that the highest levels of management and our board of directors are informed about the cybersecurity posture and potential risks facing the Company. Our IT team regularly briefs our CEO about cybersecurity risk management. The IT staff regularly informs the Head of IT about the latest developments in cybersecurity, including potential threats and risk management techniques. In the event of a cybersecurity incident, the Head of IT is informed promptly following its detection, and our response is governed by a detailed incident response plan that includes prompt actions to mitigate the impact of the incident and longer-term strategies for remediation and prevention of future incidents.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] we engage a range of external experts, including cybersecurity consultants and auditors in evaluating and testing our risk management systems. These partnerships enable us to leverage specialized knowledge and insights. Our collaboration with these third-party experts includes regular audits, threat assessments, and consultation on security enhancements.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
The head of our IT department is tasked with ensuring that the highest levels of management and our board of directors are informed about the cybersecurity posture and potential risks facing the Company. Our IT team regularly briefs our CEO about cybersecurity risk management. The IT staff regularly informs the Head of IT about the latest developments in cybersecurity, including potential threats and risk management techniques. In the event of a cybersecurity incident, the Head of IT is informed promptly following its detection, and our response is governed by a detailed incident response plan that includes prompt actions to mitigate the impact of the incident and longer-term strategies for remediation and prevention of future incidents. The Head of IT has also chartered an Information Security Steering Committee made up of cross-functional executive leaders that meets quarterly on topics such as the current cybersecurity landscape and emerging threats, status of ongoing cybersecurity initiatives and strategies, incident reports and learnings from any cybersecurity events, and compliance with regulatory requirements and industry standards.
Cybersecurity risk management is integrated into our broader risk management framework. Our audit committee of our board of directors, which has responsibility for oversight of risk management, also has responsibility for oversight of our program, policies and procedures related to information security and data protection. On a regular basis, the Audit Committee of our Board of Directors receives reports on cybersecurity risks as well as mitigation strategies and the status of initiatives to strengthen our information security systems. We also mandate a rigorous cybersecurity training program for all employees, which includes regular updates and assessments to ensure they are equipped to recognize and respond to potential cyber threats.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true