XML 41 R30.htm IDEA: XBRL DOCUMENT v3.25.1
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

We prioritize cybersecurity throughout our operations to protect sensitive data, ensure device integrity, and maintain business continuity. Our strategy is built on a layered approach encompassing proactive risk assessments, vulnerability management, data security, device security, employee training, and incident response. We have a documented incident response plan outlining steps for detection, containment, eradication, and recovery from cyberattacks. We conduct regular incident response drills to ensure preparedness. We use threat intelligence feeds and industry reports to stay informed about evolving cyber threats targeting the medical manufacturing industry. We conduct annual comprehensive risk assessments using industry-standard methodologies and tailored questionnaires for medical manufacturing risks. We continuously monitor system logs and security alerts for suspicious activity indicative of potential attacks. We track and prioritize identified risks based on a risk scoring system considering factors like data sensitivity and operational disruption. We implement multi-factor authentication for all remote access and privileged accounts. We segment our network to isolate critical systems holding personal identifying information, corporate data, and operational data. We encrypt sensitive data at rest and in transit using industry-standard algorithms. We regularly patch vulnerabilities in our systems based on severity and potential exploitability. We have strict access controls in place, granting privilege access based on job roles and responsibilities. We continuously monitor network activity for anomalies and suspicious behavior.

Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] Cybersecurity risks are integrated into our enterprise risk management framework and considered alongside other operational and financial risks during decision-making processes. The Information Security Officer (ISO) reports directly to the Chief Financial Officer (CFO) and regularly briefs the executive team on cybersecurity risks and mitigation strategies. We engage independent cybersecurity firms to conduct penetration testing, vulnerability assessments, and security audits of our IT and OT infrastructure. We also use external expertise for incident response support and regulatory compliance guidance. We conduct thorough cybersecurity risk assessments of all third-party vendors before onboarding, evaluating their security controls, data handling practices, and incident response capabilities. We require vendors to sign contracts that mandate adherence to specific cybersecurity standards and data privacy regulations. We conduct ongoing monitoring of vendor security posture and require them to promptly report any security incidents.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block] The Board of Directors oversees the overall cybersecurity risk management program and holds management accountable for its effectiveness. 
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The Board of Directors oversees the overall cybersecurity risk management program and holds management accountable for its effectiveness. The Board receives regular briefings on cybersecurity risks and mitigation strategies.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The ISO regularly reports to the Board and executive management on the status of the cybersecurity risk management program, including key risks, mitigation strategies, and incident reports.
Cybersecurity Risk Role of Management [Text Block] Management’s role is to assist the Board in identifying and considering material cybersecurity risks, ensure implementation of management-level and employee-level cybersecurity practices and training, and provide the Board with regular reports regarding any cybersecurity attacks or vulnerabilities.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] The Information Security Officer (ISO) reports directly to the Chief Financial Officer (CFO) and regularly briefs the executive team on cybersecurity risks and mitigation strategies.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] We engage independent cybersecurity firms to conduct penetration testing, vulnerability assessments, and security audits of our IT and OT infrastructure. We also use external expertise for incident response support and regulatory compliance guidance.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Management’s role is to assist the Board in identifying and considering material cybersecurity risks, ensure implementation of management-level and employee-level cybersecurity practices and training, and provide the Board with regular reports regarding any cybersecurity attacks or vulnerabilities.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true