Change Font Size

  • normal
  • large

About Kissei

Research & Development

News Release

Investor Relations

Sustainability

  • 2024
  • 2023
  • 2022
  • 2021
  • 2020
  • 2024
  • 2023
  • 2022
  • 2021
  • 2020

Security Control Actions

We take the following actions to prevent leakage, loss, or damage to personal data we handle and to otherwise ensure the secure management of personal data.

1. Establishment of Basic Policy

We have formulated the Kissei Personal Information Protection Policy in order for Kissei Pharmaceutical and Kissei Group companies to work together to ensure the proper handling of personal data.

2. Development of Rules Pertaining to the Handling of Personal Data

We have developed internal rules that contribute to the protection and use of personal information by establishing the handling method, employees responsible and employees in charge, and their duties at each stage, including acquisition, use, storage, provision, deletion and disposal, etc. of personal data.

3. Organizational Security Control Actions

We implement the following actions as organizational security control actions in accordance with internal rules concerning the protection and use of personal information.

(1) Clarify the responsibilities and roles of officers and employees concerning the handling of personal data

(2) Thoroughly manage personal data by establishing and complying with processing procedures from acquisition to disposal

(3) Create records of personal data from acquisition to disposal, and ensure means to confirm and grasp the state of handling

(4) Develop a communications systems for prompt responding and reporting if internal rules are breached or a personal data leakage incidence, etc. occurs

(5) Conduct regular inspections of the state of handling of personal data, and review and improve security control actions

4. Personnel Security Control Actions

We implement the following actions as personnel security control actions in accordance with internal rules concerning the protection and use of personal information.

(1) Implement training, etc. for officers and employees regarding the handling of personal data

(2) Obligate officers and employees to maintain the confidentiality of personal data through internal rules

5. Physical Security Control Actions

We implement the following actions as physical security control actions in accordance with internal rules concerning the protection and use of personal information.

(1) Management of areas where personal data is handled

(2) Prevention of theft, etc. of equipment and electronic media, etc.

(3) Prevention of leakage, etc. when carrying electronic media, etc.

(4) Deletion of personal data and disposal of equipment and electronic media, etc.

6. Technical Security Control Actions

We implement the following actions as technical security control actions in accordance with internal rules concerning the protection and use of personal information.

(1) Access controls

(2) Accessor identification and accreditation

(3) Prevention of unauthorized access, etc. by external parties

(4) Prevention of leakage, etc. associated with the use of information systems

7. Understanding the External Environment

We take necessary and proper actions for the secure management of personal data, based on our understanding of foreign systems, etc. for the protection of personal information.

Back to top of page