Basic Information Security Policy
Medley Inc. and its group companies (hereinafter referred to as "the Group") provides a variety of online services with the mission of "Creating the Future of Medical Healthcare." The Group believes that it is extremely important to protect and manage customers' personal information and information assets from various information systems and to ensure that customers use the Group's services with peace of mind. On ghe basis of this concept, the Group will ensure a high level of information security by establishing and maintaining an information security management system in which all executives and all employees (hereinafter referred to as "all executives and employees") will participate.
1. The establishment of an information security promotion system
An Information Security Committee consisting of the President and CEO (hereinafter referred to as the CEO) and other executive management team members will be established to discuss and determine the measures necessary for the enhancement of the Group's information security. In addition, necessary information security measures will be implemented, and the status of information security management in the entire company will be assessed using the services of information security personnel in each department.
2. Ensuring compliance with information security laws and regulations
In addition to developing in-house regulations related to the management and operation of information property in accordance with laws and regulations related to information security, all executives and employees will be made fully aware of the regulations necessary for ensuring compliance with these regulations.
3. Implementation of information security training
All executives and employees will be periodically trained in information security to ensure understanding regarding the importance of proper management and handling of information property and the apportionment of roles and responsibilities in information security promotion activities.
4. Continuous improvement of the information security management system
Periodic information security audits will be conducted, and on the basis of the results, the information security management system will be continuously improved.
5. Thorough management of outsourced activities
If activities are outsourced, a thorough review of the eligibility of contract individuals/companies from the perspective of information security will be conducted and conscientious efforts will be made to prevent the leakage of information from outsourced individuals/companies.
Revised April 17, 2019.
President and Chief Executive Officer - Kohei Takiguchi
Return to index