Information Security and Personal Information Protection
We have enacted measures to prevent information leaks from both hard and soft perspectives. At the same time, the Group is promoting an appropriate response to personal information protection laws, which are diversifying on a global basis.
The Teijin Group clearly understands the kind of important information that needs to be protected within its business operations. Based on that understanding, the Group has enacted measures to prevent information leaks from both hard and soft perspectives.*1 At the same time, the Group is promoting an appropriate response to personal information protection laws, which are diversifying on a global basis.*2
- *1From a hard perspective, we are promoting physical measures such as establishing security systems to protect against cyberattacks and enhancing our office security. From a soft perspective, we are establishing rules through guidelines and handbooks and implementing educational activities and other types of training regarding these rules.
- *2In addition to the General Data Protection Regulation (GDPR) in the EU, similar regulations are becoming widespread in the United States, China, and Southeast Asia. In light of these developments, the Group is responding to the various regulations in each country using the response to the GDPR in Europe as a guideline on how to do so.
The Teijin Group not only has put in place measures to prevent leakage of trade secrets, technological information, personal information, and other information, but also maintains and improves its information security by taking the utmost care in managing its information systems.
In each of the Company’s divisions, we decide upon the person responsible for IT, the person responsible for personal information protection, and the person responsible for the management of trade secrets. Every year, these responsible persons check the management status of information assets like information systems, networks, facilities, personal information and trade secrets. Moreover, the Corporate Audit Department conducts yearly audits of information security and personal information protection at all group companies.
In FY 2019, we worked to enhance our security servers and more thoroughly enforce trade secret management in Japan based on the Trade Secret Protection Handbook. At overseas Group companies, we commenced efforts to survey the status of trade secret management, paying close attention to the laws and regulations related to trade secret management in each country.
In addition to accelerating our efforts to implement GDPR and conducting training sessions in June for the responsible persons in Teijin Group Europe region, we have also developed an emergency system at our head office in the event of any leakage of personal information.
Further, we implemented multiple training sessions Groupwide based on the assumption of a targeted e-mail attack. This training aimed to have our employees experience what a targeted e-mail attack was like and improve their awareness of such attacks. We also reconfirmed the process for enacting countermeasures in the event of an emergency so that our employees can appropriately handle and report any issue. Furthermore, we established the months of July, August, and September as information security awareness months, and during this time we held group learning sessions at each office. In fiscal 2019, there were no substantial leaks of information due to external cyberattacks or other threats.