Mozarc Medical
Corporate Responsibility Information

Mozarc Medical
Corporate Responsibility Information

Effective Date: June 2024

 

We are building our company upon a foundation of innovation and integrity. That is how we have always gained the trust and confidence of patients, their caregivers, clinicians, and other stakeholders.

— Ven Manda, Chief Executive Officer

Integrity Matters at Mozarc

At Mozarc, one of our core values is that we will lead with integrity and honesty in all aspects of our business. This means that every interaction is an opportunity for us to demonstrate how we lead with the highest standard of integrity and ethics.

Our Code of Conduct outlines our commitment to employees, patients, providers, customers, and the communities in which we operate of how we will engage:

  • In our workplace
  • In our interactions with patients and customers
  • In our business conduct.

View our Code of Conduct in the following languages:

We encourage open, honest, and full discussion on any issue related to compliance with our policies and procedures. We prohibit any retaliation against anyone who reports a concern in good faith. When concerns are raised, we will conduct a prompt and thorough investigation of the issue.

We have a variety of mechanisms for individuals to share concerns:

Distributor Resources

Global Agents and Distributors Code of Conduct

Mozarc Medical is committed to maintaining the highest ethical standards and complying with all applicable laws and regulations in the conduct of its business in all parts of the world, whether such business is carried out through direct sales operations or Distributors. Mozarc Agents and Distributors must observe and adhere to the Global Agents and Distributors Code of Conduct.

View the Global Agents and Distributors Code of Conduct in the following languages:

Supplier Information

Global Supplier Standards

At Mozarc Medical, integrity and honesty matter. Our Code of Conduct details the ethical standards and framework under which we conduct and manage our business, governs the work we do every day. Our Code of Conduct sets forth the foundation for our standards and expectations in the workplace. We hold our Suppliers to the same high standards of business conduct and social and environmental responsibility.

We expect our Suppliers to:

  • Comply with the laws, rules, and regulations of the counties in which they operate
  • Uphold the human rights of their workers
  • Ensure a safe and healthy workplace
  • Practice social and environmental responsibility, and
  • Demonstrate the highest standards of business ethics.

Our Global Supplier Standards outline the minimal requirements and expectations for ethical and sustainable business conduct. They apply to Suppliers, agents and contract manufacturers (collectively referred to as “Suppliers”) involved in the conduct of Mozarc business globally. As Suppliers deliver goods or services to Mozarc, they are certifying their compliance to these standards.

We reserve the right to evaluate, audit, and inspect Suppliers’ facilities, operations, and records at any time to make sure they are in compliance. Mozarc reserves the right to take appropriate action, up to and including the termination of the business relationship, as a result of violations of these standards.

View our Global Supplier Standards in the following languages:

Product Security

Dedication to product security

At Mozarc Medical, we are committed to ensuring the highest level of security and trust in our medical devices and digital health products. We take product security seriously and strive to protect our customers, patients, and partners from potential risks and vulnerabilities. This product security policy outlines our dedication to:

  • safeguard patient and user safety
  • protect user personal data
  • ensure the reliability of our products
  1. Product Security Assurance
    We are committed to designing, developing, and manufacturing medical devices and solutions that meet industry standards for security. Our products undergo rigorous testing and evaluation to identify and mitigate potential vulnerabilities.
  2. Data Protection and Privacy
    We prioritize the protection of user data and adhere to all relevant data protection and privacy laws and regulations, including HIPAA (Health Insurance Portability and Accountability Act). We implement robust data security measures to safeguard patient information and ensure privacy.
  3. Security Updates and Patches
    We regularly monitor our products for security vulnerabilities, analyze them, and release timely updates and patches to address any identified issues.
  4. Vulnerability Reporting
    We encourage responsible disclosure of security vulnerabilities. If you discover a potential security issue in our products, please contact us to report it. Details on how to contact us are provided below. We take all reports seriously and will work to address and resolve any issues promptly.
  5. Compliance and Certification
    We are committed to complying with all applicable laws, regulations, and industry standards related to the security and privacy of medical devices and digital health products. Wherever required, we will seek appropriate certifications to demonstrate our commitment to product security and data privacy.
  6. Continuous Improvement
    We are committed to continuously improving our product security practices. We regularly review and update our security policies and procedures to adapt to evolving threats and technologies.
  7. Transparency
    We are transparent about our product security practices and will communicate openly with our customers and the public regarding any significant security incidents or updates.

At Mozarc Medical, we believe that every patient’s well-being depends on the safety and security of our products. We are dedicated to upholding the highest standards of product security, and we appreciate your trust in us.

Your role in Mozarc Medical product security

We value the contributions of the security research community. If you believe you have identified a potential security vulnerability in one of our products or services, we want to know so we can investigate.

WHO TO CONTACT

Email [email protected] using our PGP public key to encrypt your message. We would prefer that your message be provided in English.

WHAT DETAILS TO PROVIDE
  1. Your contact information, including name(s), organization name, email address and phone number so we can follow up with you. We ask for contact information only to consult Mozarc Medical records when addressing your submission. We never share your contact information with other parties outside of Mozarc Medical.
  2. Technical description of the concern or vulnerability, including
    1. When, where, and how it was discovered
    2. Which products/devices/systems it is impacting, including product numbers
    3. Whether you were able to access any protected health information or other personally identifiable information about any user. Please do NOT include any protected health information or other personally identifiable information about others in your email submission.
    4. Any additional information you think will be helpful to us, including details on the testing environment and tools used to conduct the testing.
  3. Whether you have notified anyone else about the potential vulnerability, such as regulatory agencies, vendors, vulnerability coordinators, etc.
WHAT MOZARC MEDICAL WILL DO
  1. With ten business days, Mozarc Medical will confirm we have received your submission and give you the name of the contact person.
  2. We will notify the appropriate security engineers who may want to follow up with you to better understand what you have found, or to confirm technical details.
  3. We will investigate the potential vulnerability.
  4. We will conduct a risk analysis to determine the appropriate action.
  5. Once determined, we will provide you with a summary of our findings.
  6. We may publicly acknowledge your contribution to improving the security of our product and services, subject to your agreement.
IMPORTANT INFORMATION
  1. We ask that you comply with all laws and regulations when conducting your research, and avoid actions that could harm products or people, such as brute force testing, tests on active devices, tests on software in production settings, actions taken to exploit any vulnerability, and actions that result in a change to a product or system after the test is conducted.
  2. If you have identified a security vulnerability in a Mozarc Medical product and would prefer to disclose the matter directly to the regulatory agency rather than Mozarc Medical, please contact the appropriate regulatory agency.
  3. By submitting information, you agree that your submission will be governed by Mozarc Medical’s Privacy Statement and Terms of Use.
  4. We reserve the right to change any aspect of our coordinated disclosure process at any time without notice, and to make exceptions to it on a case-by-case basis.

Product Stewardship