Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended |
|---|---|
Dec. 31, 2025 | |
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] | We have processes for assessing, identifying and managing cybersecurity risks, which are informed by industry standards and built into our overall enterprise risk management function and are designed to help protect our information assets and operations from internal and external cyber threats, and to protect employee, collaborator and patient information from unauthorized access or attack. We maintain a team of internal and external information technology specialists who are responsible for the design, implementation, and operation of our information technology ecosystem and cybersecurity governance processes. We engage with certain external parties, including consultants, computer security firms and risk management advisors, peer companies, and industry groups in an effort to enhance our cybersecurity oversight and risk management strategy. We also use security technologies, including third-party solutions and monitoring tools that are designed to identify and mitigate cybersecurity risks. Further, we regularly engage third parties to conduct penetration testing, security assessments and tabletop exercises. We also engage a virtual chief information security officer (“vCISO”) to support and advise on our cybersecurity program. We have a process to consider the internal risk oversight programs of critical third-party service providers, including through security questionnaires and contractual requirements, as appropriate. In addition, in an effort to deter and detect cyber threats, we have implemented an annual training program to provide employees with data protection, cybersecurity and incident response and prevention training. We have not identified any cybersecurity incidents or threats that have materially affected us or are reasonably likely to materially affect us, including our business strategy, results of operations, or financial condition. However, like other companies in our industry, we and our third-party vendors have from time to time experienced threats and security incidents. For more information, please see the section entitled “Risk Factors.” |
| Cybersecurity Risk Management Processes Integrated [Flag] | true |
| Cybersecurity Risk Management Processes Integrated [Text Block] | We have processes for assessing, identifying and managing cybersecurity risks, which are informed by industry standards and built into our overall enterprise risk management |
| Cybersecurity Risk Management Third Party Engaged [Flag] | true |
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true |
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false |
| Cybersecurity Risk Board of Directors Oversight [Text Block] | We maintain a team of internal and external information technology specialists who are responsible for the design, implementation, and operation of our information technology ecosystem and cybersecurity governance processes. We engage with certain external parties, including consultants, computer security firms and risk management advisors, peer companies, and industry groups in an effort to enhance our cybersecurity oversight and risk management strategy. We also use security technologies, including third-party solutions and monitoring tools that are designed to identify and mitigate cybersecurity risks. Further, we regularly engage third parties to conduct penetration testing, security assessments and tabletop exercises. We also engage a virtual chief information security officer (“vCISO”) to support and advise on our cybersecurity program. We have a process to consider the internal risk oversight programs of critical third-party service providers, including through security questionnaires and contractual requirements, as appropriate. In addition, in an effort to deter and detect cyber threats, we have implemented an annual training program to provide employees with data protection, cybersecurity and incident response and prevention training. |
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | The Audit Committee of our Board of Directors provides direct oversight over cybersecurity risk |
| Cybersecurity Risk Role of Management [Text Block] | The VP of IT leads the operational oversight of company-wide cybersecurity strategy, policies, processes, and support staff. Additionally, the VP of IT works across all relevant departments to assess and help prepare us and our employees to address cybersecurity risks. The VP of IT reports and provides regular updates to the Chief Operations Officer and Chief Financial Officer on the cybersecurity program as well as periodic updates to executive management |
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true |
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | The VP of IT leads the operational oversight of company-wide cybersecurity strategy, policies, processes, and support staff. Additionally, the VP of IT works across all relevant departments to assess and help prepare us and our employees to address cybersecurity risks |
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | VP of IT has worked in the information technology field for over 20 years at biotechnology companies including publicly-traded organizations |
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | The Audit Committee of our Board of Directors provides direct oversight over cybersecurity risk and provides updates to the Board of Directors regarding such oversight. The Audit Committee receives periodic updates from management, including from our Vice President, Information Technology (the “VP of IT”), regarding cybersecurity matters, such as relevant cybersecurity risk assessments, as applicable. We have established a process for the Audit Committee to be notified in the event of significant cybersecurity threats or incidents |
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |