Privacy and information security

Measures to ensure privacy

In order to accomplish our mission of “Creating the future of medical and healthcare” we provide services such as CLINICS telemedicine, Pharms family pharmacy support system, and JobMedley recruitment system to solve a wide range of social problems. In order to provide these services, we sometimes handle personal information.

In addition to strictly managing personal information and ensuring information security, we have created and published a privacy policy. We manage information as appropriate based on our privacy policy and we have created an information security management system to ensure that there are no flaws in our information management system. We have also obtained third-party certification for our information security and the entire company actively works to ensure good information management.

Information security management system

Medley has created an information security promotion system in accordance with our basic plan for information security. We conduct information security training and periodically update our information security management system so that all employees remain in strict compliance with information security laws.

Third-party certification received

In order to strengthen the information management system and handle medical information safely in our Medical Platform Business, which handles "personal information requiring consideration" as defined in the Act on the Protection of Personal Information, we underwent a review by a third-party organization and received ISMS cloud security certification ISO/IEC 27017:2015 and ISMS certification ISO/IEC 27001:2013.

In our HR Platform Business, we take the handling of personal information very seriously and we have received TRUSTe certification. In addition, we have implemented information security measures such as firewalls, SSL, and information access restrictions to mitigate the risk of information leaks.

International certification for information security management (1)

Medley has received ISMS CLOUD security certification (ISO/IEC 27017:2015) and ISMS certification (ISO/IEC 27001:2013) under the ISMS system to ensure the safety of the information assets of companies and organizations. We take appropriate action to protect our information assets from events such as disasters, hardware/software problems, unauthorized access, and leaks.

Certification for handling of personal information (2)

Under the TRUSTe system, companies and services are screened to determine if they appropriately handle personal information provided to them. Companies and services that qualify are allowed to post the TRUSTe mark on their websites.

(1): Certification received for CLINICS telemedicine support system and CLINICS EMR services
(2) Certification received for the CLINICS telemedicine, CLINICS EMR, JobMedley, and Kaigo-no Honne websites

Information security training system

Medley provides all employees (including temporary and contract employees) with information security training when they join the company so they have the information security knowledge necessary for their work. We have also established an information security training system that provides regular training for employees appropriate to their levels and positions, including training for managers and training on cloud-related security risks for employees using cloud-based services (mainly engineers and designers).

Return to index