Privacy and information security

Measures to ensure privacy

In order to accomplish our mission of “Creating the future of medical and healthcare” we provide services such as CLINICS telemedicine system, CLINICS EMR system for clinics, Pharms cloud-based pharmacy support system, Dentis cloud-based dental clinic support system and JobMedley recruitment system in medical healthcare field to solve a wide range of social problems. Through these services, we handle specific information including personal information (as defined in the Act on the Protection of Personal Information; hereinafter referred to as "Personal Information".)

In addition to strictly managing Personal Information and ensuring information security, we have created and published a privacy policy. We manage Personal Information as appropriate based on our privacy policy and we have created an information security management system to enhance our information management system. We have also obtained third-party certification for our information security and we actively work to ensure good information management with the whole company.

Information security management system

We have created an information security promotion system in accordance with our basic plan for information security. We conduct information security training and periodically update our information security management system so that all employees remain in strict compliance with information security laws.

Third-party certification received

In order to strengthen the information management system and handle medical-related information safely particularly in our Medical Platform Business, which handles "personal information requiring consideration" as defined in the Act on the Protection of Personal Information, we underwent a review by a third-party organization and received ISMS cloud security certification ISO/IEC 27017 and ISMS certification ISO/IEC 27001 for the main services of our Medical Platform Business.

In our HR Platform Business, we take the handling of Personal Information very seriously and we have received TRUSTe certification for the main services of our HR Platform Business. In addition, we have implemented information security measures such as firewalls, SSL, and information access restrictions to mitigate the risk of information leaks.

International certification for information security management (1)

We have received ISMS CLOUD security certification (ISO/IEC 27017) and ISMS certification (ISO/IEC 27001) under the ISMS system, which certifies that the safety of the information assets of companies and organizations conform to international standards. We take appropriate action to protect our information assets from events such as disasters, hardware/software problems, unauthorized access, and leaks.

Certification for handling of Personal Information (2)

Under the TRUSTe system, companies and services are screened to determine if they appropriately handle Personal Information in accordance with certain standards. This serves as an indicator of whether the company or service can be trusted when users provide Personal Information to a company.

(1) Certification received for CLINICS telemedicine system, CLINICS EMR system, Pharms, and Dentis
(2) Certification received for JobMedley, and Kaigo-no Honne Information security training system

Information security training system

We provide all employees (including temporary and contract employees) with information security training when they join the company so they have the information security knowledge necessary for their work. We have also established an information security training system that provides regular training for employees appropriate to their levels and positions, including training for managers and training on cloud-related security risks for employees using cloud-based services (mainly engineers and designers).

Return to index