Page Link

Governance and CSR Management

Governance Report

Exhaustive Information Security Management

Hitachi Chemical has formulated an overreaching Information Security Policy, which has been implemented by in the Information Security Management System that covers all of our information assets containing personal information. The system serves further as an administrative framework to ensure ongoing improvement of Information Security Policy including the planning, deployment, assessment, and review of our information security measures.

The Group also works continuously to ensure that Information Security Policies and systems are functioning properly. This is done through the Information Security Committee, directed by the CEO and chaired by the company’s Chief Information Security Officer (CISO), which periodically monitors system and policy implementation, audits, works to improve security management systems, and develop and deploy other policies, including employee training.

Information Security Organization

Information Security Organization

* CISO: Chief Information Security Officer

Personal Information Protection

Hitachi Chemical continues to implement a Personal Information Protection System (Personal Information Framework Mechanism) that is based on its Personal Information Protection Policy, which incorporates the Company's philosophy toward personal information protection. At the same time, Hitachi Chemical has initiated an e-learning education program for all employees, and periodically conducts audits of the status of operations. The Company has also set up external contact counters at each business office and clarified responsible persons so that they can respond promptly to customer and employee questions regarding personal information. In fiscal 2017, the Company reviewed its administrative rules in order to comply with the amended Personal Information Protection Act (executed May 30, 2017). Moreover, no incidents of leaks or breaches of personal information occurred in fiscal 2017, as has been the case in the past.

Information Security Audits

In fiscal 2017, the Hitachi Chemical Group self-audited itself and 12 domestic Group companies following an audit checklist for information security provided by Hitachi Ltd. The Group likewise audited 35 Group companies overseas according to global security self-check list provided by Hitachi Ltd.

Information Security Education

Every year, Hitachi Chemical conducts e-learning education on information security and personal information protection for its entire workforce including all officers, employees and temporary employees in order to increase awareness and ensure understanding of company internal regulations.

A simulation drill is also performed each year for email address holders to prepare them for personalized attack emails, a recently growing threat.

Comprehensive data security training is provided for new recruits as part of their generalized education curriculum. The new recruits are not allowed to access the companyís internal network until they commit to maintaining data security by signing a written pledge. They are also required to take five courses through e-learning after induction training.

Information Leakage Measures

The Company maintains the same level of security as Hitachi, Ltd. We also have following measures in place to prevent data leaks via computers and other information devices and external storage media.

  • Installing anti-virus software and encryption software in all computers
  • Installing email receiver confirmation tool
  • Installing email/web filtering system
  • Files are locked so that sensitive data cannot be copied to external media by employees below the section-chief (kacho) class.
  • Introducing and transitioning to security PCs without HDD.

No incidents of leaks of personal information occurred in fiscal 2017, as has been the case in the past.

  • Page Top