Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

We believe that cybersecurity is fundamental in our operations and, as such, we are committed to maintaining robust governance and oversight of cybersecurity risks and to implementing comprehensive processes and procedures for identifying, assessing, and managing material risks from cybersecurity threats as part of our broader risk management system and processes. Our cybersecurity risk management strategy prioritizes detection, analysis and response to known, anticipated or unexpected threats; effective management of security risks; and resiliency against incidents. With the ever-changing cybersecurity landscape and continual emergence of new cybersecurity threats, our senior management team and board of directors ensure that significant resources are devoted to cybersecurity risk management and the technologies, processes and people that support it. We assess the impact of cybersecurity threats on our business, including our strategic direction, operational performance, and financial stability, using insights from any past cybersecurity incidents in the health care industry of which we are aware.

We have implemented risk-based processes for assessing, identifying, and managing material risks from cybersecurity threats. These processes include access controls to organizational systems, data encryption, and cybersecurity training and security awareness campaigns, and are designed to systematically evaluate potential vulnerabilities and cybersecurity threats and minimize their potential impact on our organization’s operations, assets, and stakeholders. If necessary, we will engage a third party that is ISO 27001 certified to provide our IT security services. Accordingly, we also implement processes to oversee and identify material cybersecurity risks associated with our utilization of third-party service providers on whom we have a material dependency, such as conducting due diligence assessments to evaluate their cybersecurity measures, data protection practices, and compliance with relevant regulatory requirements.

As we do not have a dedicated board committee solely focused on cybersecurity, our board of directors has oversight responsibility for risks and incidents relating to cybersecurity threats, including compliance with disclosure requirements, cooperation with law enforcement, and related effects on financial and other risks. Senior management regularly discusses cyber risks and trends and, should they arise, any material incidents with our board of directors. We consult with outside counsel as appropriate, including on materiality analysis and disclosure matters, and in the event of an incident our board of directors will make the final materiality determinations and disclosure and other compliance decisions.

Overall, our approach to cybersecurity risk management includes the following key elements:

	1)	Continuous monitoring of cybersecurity threats, both internal and external, through the use of data analytics and network monitoring systems.
	2)	Engage when necessary third-party consultants and other advisors to provide IT services and to assist in assessing points of vulnerability of our information security systems.
	3)	Overall assessment of cybersecurity incidents materiality and potential impact on the company’s operations and financial condition by our senior management team and our board of directors, in cooperation, if considered necessary, with specialized external consultants.
	4)	Oversight responsibility of cybersecurity risks and compliance with relevant disclosure requirements lies with our board of directors.
	5)	Training and Awareness –We provide employee training that is administered on a periodic basis that reinforces our information technology standards and practices, as well as the expectation that employees identify and report potential cybersecurity risks. We also require employees to sign confidentiality agreements, where appropriate to their role.

We continue to invest in our cybersecurity systems and to enhance our internal controls and processes. Our business strategy, operating results and financial condition have not been materially affected by risks from cybersecurity threats, but we cannot provide assurance that they will not be materially affected in the future by such risks or any future material incidents. While we have dedicated significant resources to identifying, assessing, and managing material risks from cybersecurity threats, our efforts may not be adequate, may fail to accurately assess the severity of an incident, may not be sufficient to prevent or limit harm, or may fail to sufficiently remediate an incident in a timely fashion, any of which could harm our business, reputation, operating results and financial condition. For more information certain risks associated with cybersecurity, see “Item 3.D. Risk Factors—Company-Specific Risk Factors— A cyber-attack or our information systems otherwise not properly working could materially disrupt our business.”

Cybersecurity Risk Management Third Party Engaged [Flag]

true

Cybersecurity Risk Board of Directors Oversight [Text Block]

As we do not have a dedicated board committee solely focused on cybersecurity, our board of directors has oversight responsibility for risks and incidents relating to cybersecurity threats, including compliance with disclosure requirements, cooperation with law enforcement, and related effects on financial and other risks. Senior management regularly discusses cyber risks and trends and, should they arise, any material incidents with our board of directors.