Compliance & Ethics
CODE OF CONDUCT
Every Merit team member is responsible for ensuring that our reputation remains strong. Together we foster a culture in which compliance with the Merit Code of Business Conduct & Ethics and adherence to our core values drives our everyday business activities.
The Merit Code of Business Conduct & Ethics always underpins our approach to operating with the highest integrity. It also provides several avenues for team members to report their concerns without fear of retaliation, encouraging them to speak first to their managers and seek help from Human Resources or our Chief Compliance Officer.
We provide an ethics hotline through the Navex EthicsPoint system, a third-party. Employees and business partners may access the ethics hotline here. This reporting system allows concerned individuals to report any business conduct or ethical concerns they may have, offers 24/7 assistance, with optional anonymous reporting in multiple languages from anywhere in the world. http://www.merit.ethicspoint.com/
In addition, Merit has issued a Code of Conduct for Suppliers, which sets forth company expectations of our business partners on several topics, such as labor and human rights, management systems, ethical business practices, responsible sourcing, and other important topics.
DATA PRIVACY AND PROTECTION
Merit has always respected the privacy rights of those whose information the company has a duty to protect. We have programs and processes in place to ensure adherence to all applicable data privacy regulations globally, including the European Union’s General Data Protection Regulation.
Our company follows industry standard best practices, as defined by the National Institute of Standards and Technology Cybersecurity Framework, that continuously assess and enhance our security posture.
We also use a number of technologies, processes, and practices across our information systems infrastructure, such as digital certificate-based device authentication, Security Event and Information Management, Multi-Factor Authentication, Intrusion Detection and Prevention Systems, and Privacy and Access Controls, as best practices to manage cybersecurity-related risks.
Merit’s compliance and anti-corruption policies are designed to ensure that our interactions with medical or healthcare professionals are intended to benefit patients and to enhance the practice of medicine.
That being said, every Merit employee is responsible for adhering to these policies, including compliance with all laws and regulations, such as U.S. Anti-Kickback Statute, the FCPA, export and import regulations, advertising and promotion laws, and applicable Sunshine/transparency laws.
Merit’s business practices are monitored and subject to control systems, which are overseen by our Chief Compliance Officer, who reports regularly to an established Compliance Committee and the Board of Directors. We frequently communicate our compliance standards and provide periodic training to employees, monitor and conduct risk assessments tailored to the nature of our business operations, promote and enforce our compliance program consistently throughout the company, and publicize a system for confidential reporting of potential or actual misconduct without fear of retaliation.