Cybersecurity Risk Management, Strategy, and Governance |
12 Months Ended |
|---|---|
Dec. 31, 2024 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] |
ITEM 1C. CYBERSECURITY. We place a high priority on cybersecurity, information security, and securing confidential business information and personal information that we receive and store related to our customers and employees. Our Audit Committee oversees the cybersecurity risks we face. In connection therewith, a Cybersecurity Steering Committee, which consists of our Chief Financial Officer, Chief Operating Officer, General Counsel, Vice President of Software Development, and Vice President of Regulatory Affairs, was formed to identify material risks and cybersecurity threats arising in our business. Our Audit Committee receives updates from the Cybersecurity Steering Committee at least annually, which cover topics related to information security, privacy, and cyber risks and risk management processes, including the status of significant cybersecurity incidences and projects designed to strengthen our information security posture. Our Audit Committee is also responsible for ensuring that our Board of Directors also receives periodic reports with respect to the status and management of our cybersecurity risks. The Cybersecurity Steering Committee, in collaboration with delegates from our business and functions, is responsible for implementing our enterprise-wide cyber security and information security strategy, employee training and compliance, and managing policies and processes for our information technology standards, product security, and privacy. As a member of the Cybersecurity Steering Committee, our Vice President of Software Development provides experience devising effective cybersecurity management practices in the areas of both software and product development, including risk evaluation, impact assessment, security threat modelling, cybersecurity mitigation strategies, residual risk acceptability and methodologies for security risk verification. He has led the integration of our medical device software into hospital and research institutions in compliance with the extensive cybersecurity requirements of those institutions. In addition to our internal Company resources, the Cybersecurity Steering Committee also regularly consults with external advisors and specialists regarding opportunities and enhancements to strengthen its practices and policies. We also engage with third-party consultants to manage the infrastructure and security of our information technology landscape. Our cybersecurity program includes:
•
Penetration testing of internal information technology systems and review of program maturity based on the National Institute of Standards and Technology cybersecurity framework;
•
Phishing, social engineering, and cyber hygiene training;
•
Continuous security event monitoring, management, and incident response plans;
•
Continuous enhancements to security capabilities based on evolving threats;
•
Information security policies and procedures;
•
Privacy controls and compliance with applicable legislative and regulatory requirements;
•
Assessment of applicable third-party vendors’ cybersecurity and information security practices; and
•
A cross-functional approach to addressing cybersecurity risk with participation from representatives across the business and functions.
As part of our cybersecurity program, we have adopted an incident response plan, under which the Chairs of our Board of Directors and Audit Committee are informed by the Cybersecurity Steering Committee of any cybersecurity incidents that have the potential to materially adversely impact us or our information systems. To date, no attempted cyber-attack or other attempted intrusion on our information technology networks has resulted in a material adverse impact on our operations or financial results, or in any penalties or settlements. Our acquisition of IRRAS in November 2025 did not result in any changes to our cybersecurity governance structure, oversight responsibilities, or risk management framework. We expect to integrate IRRAS into our cybersecurity program during 2026. |
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] |
Our Audit Committee oversees the cybersecurity risks we face. In connection therewith, a Cybersecurity Steering Committee, which consists of our Chief Financial Officer, Chief Operating Officer, General Counsel, Vice President of Software Development, and Vice President of Regulatory Affairs, was formed to identify material risks and cybersecurity threats arising in our business. Our Audit Committee receives updates from the Cybersecurity Steering Committee at least annually, which cover topics related to information security, privacy, and cyber risks and risk management processes, including the status of significant cybersecurity incidences and projects designed to strengthen our information security posture. Our Audit Committee is also responsible for ensuring that our Board of Directors also receives periodic reports with respect to the status and management of our cybersecurity risks. |
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | Our Audit Committee oversees the cybersecurity risks we face. In connection therewith, a Cybersecurity Steering Committee, which consists of our Chief Financial Officer, Chief Operating Officer, General Counsel, Vice President of Software Development, and Vice President of Regulatory Affairs, was formed to identify material risks and cybersecurity threats arising in our business. Our Audit Committee receives updates from the Cybersecurity Steering Committee at least annually, which cover topics related to information security, privacy, and cyber risks and risk management processes, including the status of significant cybersecurity incidences and projects designed to strengthen our information security posture. Our Audit Committee is also responsible for ensuring that our Board of Directors also receives periodic reports with respect to the status and management of our cybersecurity risks. |
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | Our Audit Committee receives updates from the Cybersecurity Steering Committee at least annually, which cover topics related to information security, privacy, and cyber risks and risk management processes, including the status of significant cybersecurity incidences and projects designed to strengthen our information security posture. |
| Cybersecurity Risk Role of Management [Text Block] |
a Cybersecurity Steering Committee, which consists of our Chief Financial Officer, Chief Operating Officer, General Counsel, Vice President of Software Development, and Vice President of Regulatory Affairs, was formed to identify material risks and cybersecurity threats arising in our business. Our Audit Committee receives updates from the Cybersecurity Steering Committee at least annually, which cover topics related to information security, privacy, and cyber risks and risk management processes, including the status of significant cybersecurity incidences and projects designed to strengthen our information security posture. Our Audit Committee is also responsible for ensuring that our Board of Directors also receives periodic reports with respect to the status and management of our cybersecurity risks. The Cybersecurity Steering Committee, in collaboration with delegates from our business and functions, is responsible for implementing our enterprise-wide cyber security and information security strategy, employee training and compliance, and managing policies and processes for our information technology standards, product security, and privacy. As a member of the Cybersecurity Steering Committee, our Vice President of Software Development provides experience devising effective cybersecurity management practices in the areas of both software and product development, including risk evaluation, impact assessment, security threat modelling, cybersecurity mitigation strategies, residual risk acceptability and methodologies for security risk verification. He has led the integration of our medical device software into hospital and research institutions in compliance with the extensive cybersecurity requirements of those institutions. In addition to our internal Company resources, the Cybersecurity Steering Committee also regularly consults with external advisors and specialists regarding opportunities and enhancements to strengthen its practices and policies. |
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | In connection therewith, a Cybersecurity Steering Committee, which consists of our Chief Financial Officer, Chief Operating Officer, General Counsel, Vice President of Software Development, and Vice President of Regulatory Affairs, was formed to identify material risks and cybersecurity threats arising in our business. |
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | As a member of the Cybersecurity Steering Committee, our Vice President of Software Development provides experience devising effective cybersecurity management practices in the areas of both software and product development, including risk evaluation, impact assessment, security threat modelling, cybersecurity mitigation strategies, residual risk acceptability and methodologies for security risk verification. He has led the integration of our medical device software into hospital and research institutions in compliance with the extensive cybersecurity requirements of those institutions. |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | The Cybersecurity Steering Committee, in collaboration with delegates from our business and functions, is responsible for implementing our enterprise-wide cyber security and information security strategy, employee training and compliance, and managing policies and processes for our information technology standards, product security, and privacy. As a member of the Cybersecurity Steering Committee, our Vice President of Software Development provides experience devising effective cybersecurity management practices in the areas of both software and product development, including risk evaluation, impact assessment, security threat modelling, cybersecurity mitigation strategies, residual risk acceptability and methodologies for security risk verification. He has led the integration of our medical device software into hospital and research institutions in compliance with the extensive cybersecurity requirements of those institutions. In addition to our internal Company resources, the Cybersecurity Steering Committee also regularly consults with external advisors and specialists regarding opportunities and enhancements to strengthen its practices and policies. |
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |