Sanara MedTech Inc. 10-K Cybersecurity GRC - 2024-03-25

Page last updated on April 11, 2024

Sanara MedTech Inc. reported their cybersecurity risk management and governance process in a yearly 10-K filed on 2024-03-25 16:02:58 EDT.

Filings

10-K filed on 2024-03-25

Sanara MedTech Inc. filed an 10-K at 2024-03-25 16:02:58 EDT
Accession Number: 0001493152-24-011128

Note: filing items unformatted. Drop us a note with the above URL to help us prioritize formatting it!

Item 1C. Cybersecurity.

ITEM 1C. CYBERSECURITY We recognize the critical importance of cybersecurity in safeguarding sensitive information and maintaining operational resilience. We have processes for assessing, identifying and managing cybersecurity risks, which are built into our information technology function and are designed to help protect our information assets and operations from internal and external cyber threats, protect employee and customer information from unauthorized access or attack, as well as secure our networks and systems. The Audit Committee of the Board of Directors (the Audit Committee ) is responsible for overseeing cybersecurity risk and periodically updates our Board of Directors on such matters. The Audit Committee receives periodic updates from management regarding cybersecurity matters and is notified between such updates regarding any significant new cybersecurity threats or incidents. We do not believe that there are currently any known risks from cybersecurity threats that are reasonably likely to materially affect us or our business strategy, results of operations or financial condition. As a company, we leverage the National Institute of Standards and Technology (NIST) Cybersecurity Framework to align with industry best practices and to develop policies and procedures, which include a Cybersecurity Response Plan focusing on detection, validation, mitigation, recovery, and refinement. In addition to the Cybersecurity Response Plan, we provide cybersecurity awareness training to our employees, including training on social engineering, phishing, password protection, confidential data protection, mobile security, and incident reporting, to help prevent and reduce the impact of potential cybersecurity events. We have strategically invested resources and tools to combat the ever-changing cyber threat landscape. These investments include growing our internal technology team headcount and bolstering our partnerships with entities with external expertise, resulting in increased protection, monitoring, and response capabilities. We have also made investments to carry cybersecurity insurance that provides additional protection and resources to reduce a cybersecurity event s impact and potential losses. Our technology and management teams meet regularly with key internal and external stakeholders to review cybersecurity concerns and areas for continued focus and improvement. We face risks from cybersecurity threats that could have a material adverse effect on our business, financial condition, results of operations, cash flows or reputation. To date, we have not experienced any cyber incidents that have had a material adverse effect on our business, financial condition, results of operations, or cash flows. See Risk Factors Risks Related to Our Business Security breaches and other disruptions could compromise our information and expose us to liability, which would cause our business and reputation to suffer.

Company Information