ISMS - Information Security

Basic Information Security Policy

1. Purpose of the Basic Information Security Policy

This security policy is the basic policy for information security of Global Health Consulting Japan Co., Ltd., in order to ensure the implementation of information security measures as the responsibility of operators handling medical information. It is set for the purpose of complying with laws, regulations and contractual obligations related to the implementation of appropriate protection measures for information assets and information security.

2. Information security management system

Global Health Consulting Japan will establish an Information Security Committee, Information Management Department (Information Security Operations Department), and Information Security Audit Team in order to promote information security.

3. Formulation of information security management measures

Global Health Consulting Japan makes no guarantees about the safety, accuracy, certainty, or usefulness of the contents of this site and the information obtained by users.
Global Health Consulting Japan shall not be liable for any damages arising from the use of this site, or for damages resulting from delays, interruptions or cancellations of operations.
In the event that a user causes damage to a third party using this site, the user shall resolve it at his / her own responsibility and expense, and shall not cause any damage to Global Health Consulting Japan.

4. Implementation of information security management measures

The Information Management Department implements and evaluates information security management measures in accordance with the instructions of the Information Security Committee.

5. Compliance with laws and regulations

All employees who handle information assets owned by Global Health Consulting Japan will comply with information security laws, regulations and contractual obligations.

6. Information security education and training

Global Health Consulting Japan regularly provides necessary information security education to all employees who handle information assets held by Global Health Consulting Japan according to their duties.

7. Obligations of employees

Employees will act in compliance with the rules established by Global Health Consulting Japan. Applicable penal regulations will be applied if employees violate.

8. Information security internal audit

The information security audit team regularly conducts information security internal audits to verify that security policies are being followed, effectively implemented and maintained.

9. Review

This security policy will be reviewed periodically and in the event of significant changes in the business environment, revisions to laws and regulations, and changes in the social environment to ensure their validity and effectiveness.

ISMS authentication

GHC has obtained certification for the international standard “ISO / IEC27001: 2013” of the information security management system (ISMS) and the domestic standard “JIS Q 27001: 2014”.

ISMS authentication

ISMS certification Certification standard: ISO / IEC 27001: 2013 / JIS Q 27001: 2014
Certification registration number: IS 97223
Scope of registration: Management consulting based on benchmark analysis for customers including medical institutions, insurers and pharmaceutical companies.
 
Initial registration date: August 18, 2005
Expiration date: August 11, 2020
Certification registration organization: BSI Group Japan Co., Ltd.