Information Security/Personal Information Protection
The NESIC Group believes that maintaining impeccable quality in the systems and services we provide to customers, and dependable information security for business, personal and all other customer data, are the foundation underpinning the trust that is essential for building trusting relationships with stakeholders.
We, therefore, have implemented a broad spectrum of measures to ensure safety in the construction, integration and other types of work we perform, and secure information, so that customers can be confident in the systems and services we provide.
Main Initiatives in Information Security
Information Security Education
To enhance security awareness, information security training is actively conducted for all employees (including temporary employees) of the NESIC Group in Japan.
In the fiscal year ended March 2016, all NESIC Group employees in Japan underwent DVD-based training on handling personal information and participated in training on information security and protection of personal information.
Information Security Self-Inspections
Abiding by the NEC Group’s information security standards, all NESIC departments conduct self-inspections to determine whether they are properly implementing information security measures. These self-inspections allow each department to identify its strengths and weaknesses, and then take steps needed to improve information security.
Strict Controls on Information Devices and Personal Information
To prevent information leaks, we exercise strict controls on the movement of personal computers, USB memory sticks, and other information devices to locations outside of company premises.
When business activities necessitate that information devices be taken off site, employees are required to take the least amount of information needed and must implement encryption measures. Information devices taken off site are tracked with a dedicated management system.
When personal information is received from a customer, it must be registered in the “Personal Identifiable Information Control System,” a dedicated system for this purpose.
The proper functioning of the systems mentioned above was confirmed in internal audit procedures focusing on information security and protection of personal information in the fiscal year ended March 2016.
National Personal Identification Number System
When the Japanese government announced that it would introduce a national personal identification number system, we assembled a project team with members drawn from throughout its organization.
The team developed a process for preparing a report on legal matters concerning employees, sole proprietors and others, and security management measures for that process.
This work helped to significantly lower the risk that personal identification numbers could be leaked.
Creation and Application of DVD-based Information Security Materials
We have created DVD-based training materials on information security, including the protection of personal information. Used in practical training, these materials, streamed internally, are viewed by employees, who then discuss information security in their own workplaces and try to develop ways of correcting problems.
Initiatives for the Protection of Personal Information
The NESIC Group, as a partner for our customers, seeks to build a bridge toward a new era, keeping in mind the goal of enhancing customer value, creating an affluent and convenient society, and establishing networks that facilitate secure connections among people. In doing so, we recognize the importance of personal information protection and operate a management system to protect that information, while at the same time ensuring that employees are fully aware of the proper management of personal information.
- Personal Information Protection Policy
- Personal Information Protection Management System
- Acquisition of the Privacy Mark
- Main Initiatives
Personal Information Protection Management Structure
NESIC is united in its commitment to protecting the personal information of customers, which it does by establishing and strengthening the following system.
Acquisition of the Privacy Mark
We are certified by JIPDEC in terms of using the privacy mark, and are taking steps to ensure that personal information protection is comprehensively managed through the management system established in accordance with JIS Q 15001 : 2006 of the Japanese Industrial Standards, a requirement in this certification system.
*For matters we have announced based on the “JIS Q 15001 : 2006 of the Japanese Industrial Standards,” please click on the following link.
Our group companies are also working to acquire the privacy mark, as necessary, and to ensure the full protection of personal information at each company.
＜Acquisitions of the Privacy Mark at Group Companies＞
・NEC Magnus Communications, Ltd.
・Nichiwa Co, Ltd..(Japanese Website Only)
・NEC Net Innovation, Ltd..(Japanese Website Only)
Education on personal information protection
We provide education on information security as well as personal information protection to all employees once a month. In addition, we have already implemented online education for employees regarding My Number.
Checks on personal information protection (confirmation of implementation)
Checks are implemented regularly (once a year or more) on the internal handling of personal information by the Management Office for the Promotion of Personal Information Protection. Corrective measures are taken, if necessary.
Auditing of personal information protection
In addition to the checks, auditing is carried out by audit teams once a year for all operations that handle personal information, to confirm that the management system is being operated properly.