Item 1C. Cybersecurity.

 

In the normal course of business, we may collect and store personal information and other sensitive information, including proprietary and confidential business information, trade secrets, intellectual property, patient information, sensitive third-party information and employee information. To protect this information, our existing cybersecurity policies require continuous monitoring and detection programs, network security precautions, encryption of critical data and in-depth security assessments of vendors. We maintain various protections designed to safeguard against cyberattacks, including firewalls and virus detection software. Our information technology (“IT”) team (In-house and outside consultants) s responsible for these ongoing monitoring and detection activities.

 

The governance of our cybersecurity risks involves active and informed participation from our management team, our IT team and our board of directors. This oversight includes briefings by our IT team on the nature of the risks we face and the steps we are taking to mitigate these risks, as well as immediately reporting any significant cybersecurity incident that occurs to management and the board of directors.

 

We have not experienced a cybersecurity incident that had a material impact on our business strategy, results of operations, or financial condition. We continue to monitor potential cybersecurity threats and incorporate findings into our risk management strategies.