XML 86 R30.htm IDEA: XBRL DOCUMENT v3.25.0.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] We maintain strong cybersecurity systems to guard against unauthorized access, malicious software, corruption of data, disruption of our networks and systems and unauthorized release of confidential information. We employ an experienced and dedicated information security team, strive to follow industry best practices, and work with our employees globally to create awareness and mitigate cyber risk. On an ongoing basis, we assess risks (including our exposure from significant information technology suppliers, significant software as a service providers and major vendors with access to our information technology systems) and implement procedures and practices designed to improve the security, confidentiality, integrity and availability of our systems. We voluntarily engage third-party security auditors to test our systems and controls at least annually against the most widely recognized security standards and regulations. We have developed and continue to implement a continuing cyber awareness training program which is designed to increase awareness of cybersecurity threats throughout our company and reduce the risk of human error. We conduct periodic phishing testing on all our employees with e-mail access and emphasize information security in training events and programs we host throughout the year.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] We maintain strong cybersecurity systems to guard against unauthorized access, malicious software, corruption of data, disruption of our networks and systems and unauthorized release of confidential information. We employ an experienced and dedicated information security team, strive to follow industry best practices, and work with our employees globally to create awareness and mitigate cyber risk. On an ongoing basis, we assess risks (including our exposure from significant information technology suppliers, significant software as a service providers and major vendors with access to our information technology systems) and implement procedures and practices designed to improve the security, confidentiality, integrity and availability of our systems.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]

We have established controls and procedures to escalate enterprise-level issues, including cybersecurity matters, to the appropriate management levels within our organization and our Board of Directors, or members or committees thereof, as appropriate. Our Board of Directors provides oversight of our enterprise risk management, including our approach to managing cybersecurity risk, and has delegated responsibility for review of information security risks to its Audit Committee. The Audit Committee regularly reviews information security risks and receives reports from our Chief Information Officer and other members of the Company’s management regarding those risks. Our cybersecurity program is managed by a dedicated Chief Information Officer whose global team, including the Vice President, Information Security, is responsible for leading enterprise-wide cybersecurity strategy, policy, standards, architecture and processes. Our Chief Information Officer has over 29 years of relevant industry experience, including 18 years with Merit. Our Vice President, Information Security, functions as our senior information security officer and has over 18 years of relevant industry experience. Further, team members who support our cybersecurity program have relevant educational and industry experience through various roles involving information technology, security, auditing, compliance, systems and programming, as well as cybersecurity certifications such as Certified Information Systems Security Professional.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Audit Committee
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] Our Board of Directors provides oversight of our enterprise risk management, including our approach to managing cybersecurity risk, and has delegated responsibility for review of information security risks to its Audit Committee.
Cybersecurity Risk Role of Management [Text Block] The Audit Committee regularly reviews information security risks and receives reports from our Chief Information Officer and other members of the Company’s management regarding those risks. Our cybersecurity program is managed by a dedicated Chief Information Officer whose global team, including the Vice President, Information Security, is responsible for leading enterprise-wide cybersecurity strategy, policy, standards, architecture and processes. Our Chief Information Officer has over 29 years of relevant industry experience, including 18 years with Merit. Our Vice President, Information Security, functions as our senior information security officer and has over 18 years of relevant industry experience. Further, team members who support our cybersecurity program have relevant educational and industry experience through various roles involving information technology, security, auditing, compliance, systems and programming, as well as cybersecurity certifications such as Certified Information Systems Security Professional.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Our cybersecurity program is managed by a dedicated Chief Information Officer whose global team, including the Vice President, Information Security, is responsible for leading enterprise-wide cybersecurity strategy, policy, standards, architecture and processes.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our Chief Information Officer has over 29 years of relevant industry experience, including 18 years with Merit. Our Vice President, Information Security, functions as our senior information security officer and has over 18 years of relevant industry experience. Further, team members who support our cybersecurity program have relevant educational and industry experience through various roles involving information technology, security, auditing, compliance, systems and programming, as well as cybersecurity certifications such as Certified Information Systems Security Professional.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Matters determined to present potential material impacts to the Company’s financial results, operations, and/or reputation are immediately reported by management to our Board of Directors or the Audit Committee, as appropriate, in accordance with our escalation framework.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true