Information Security Policy
Allm Inc. and its subsidiary companies (hereinafter referred collectively to as “We”, ”Us”, “Our”) proactively integrate information communications technology (ICT), and improve operational efficiency and services while providing developing, maintaining, and operating medical, nursing, and care-related systems as our core business.
In order to prevent the leakage of, loss of, or unauthorized access to all information assets including personal information acquired through these activities, we establish our Information Security Policy regarding the following matters, and all executives, employees, and other related parties shall understand its intent and comply with it.
1. Information security management system
We shall develop and establish an information security management system and continuously improve it. For that purpose, we shall establish an Information Security Committee to accurately understand our state of information security and information security incidents (issues, accidents, etc.) ,and then quickly implement necessary measures.
2. Compliance with laws and regulations
We shall comply with the country’s prescribed policies on information security and other related laws and regulations.
3. Education on information security
We shall periodically educate and train our employees on the importance of information security and the proper handling of information assets.
4. Handling of information security incidents
If an information security incident occurs, the person who discovered the incident shall report the details of the incident to the Information Security Committee without delay, and prevent the spread of damages by taking immediate measures. The cause of the incident shall also be analyzed and measures taken to prevent reoccurrence.
5. Continuous improvement
We shall periodically evaluate and review our basic information security policy and information security management system, and continuously improve them.