ºÚÁÏÍø

Information Security

Policy and Basic Concept

While the use of IT and digital technology is advancing, cyber attacks are becoming more sophisticated and complex year by year, increasing the possibility of shutdowns and other disruptions to business activities such as pharmaceutical research and development, manufacturing, and sales. ºÚÁÏÍø possesses a great deal of important information, including the personal information of patients and the people in the daily living domain, as well as undisclosed management information. Should a data breach result in a leak of sensitive information, it would result in the instant loss of public trust. Moreover, leaks of unreleased structural formulas for projects in the drug discovery phase would have a negative impact on the value of our intellectual property rights. In the event that such information security risks become apparent, the loss of credibility or competitive advantage could have a major impact on business results. However, we recognize that the use of digital technology in building hhc eco (hhc Concept + eco-system) is becoming increasingly important in order to realize the social good that we advocate under our management concept.

We regard information security as an important issue (materiality), and will create opportunities by effectively utilizing information while ensuring its security, as well as fulfilling our social responsibility and providing value to society.

 

Structures and Systems

ºÚÁÏÍø’s Board of Directors has established the “Rules for Preparing Necessary Systems for Ensuring Suitability in the Performance of Duties by Corporate Officers”. The Board appoints a corporate officer in charge of the storage and management of information, establishes the framework, and stipulates the development and application of the necessary rules. In accordance with these rules, the Company has established systems such as a personal information protection system and a confidential information security system. 

In departments that handle personal information on a daily basis, we strive for systems and operations that have received Information Security Management System (ISMS) and PrivacyMark certification and are objectively recognized as having the three components of information security: confidentiality, integrity, and availability.

 

Appropriate Management of Information Assets

ºÚÁÏÍø has put a management system in place for data protection and legal compliance. ºÚÁÏÍø also conducts risk management related to IT security, including those relating to personal information and confidential information.

Click here for Privacy Policy

 

Information Security Framework

To prevent cyberattacks and other threats from interfering with important business, as well as safeguard against leaks of personal or confidential information, etc., in addition to strengthening system infrastructure security, ºÚÁÏÍø establishes regulations on the protection of personal information and the management of confidential information, provides officers and employees with education on management of information in daily work and learning opportunities such as training on cyber security, and is working to continually enhance governance related to global information security and implement related measures.