Information Security Policy (ISO27001)
The official version of this document is the Japanese text. The English translation is provided only for reference. |
Information Security Declaration
National Institute of Genetics Bioinformation and DDBJ Center (hereafter referred to as "the Center") operates a supercomputer system (hereafter referred to as "the NIG supercomputer") for the purpose of providing resources for research and education in the life sciences with a focus on genetics.
To earn the trust and confidence of all stakeholders, the Center has implemented an Information Security Management System (ISMS, compliant with ISO 27001). This initiative ensures the safety and reliability of the information necessary for our research and educational activities, as well as our information systems, including the NIG supercomputer (hereinafter referred to as 'information assets'). All related parties are committed to undertaking the following measures in this regard.
Information Security Basic Policy
1. Goals
We will properly classify information assets, including personal genome data, and implement appropriate measures to ensure confidentiality, integrity, and availability.
2. Establishment of Organization and System
We will establish the organization and systems necessary to ensure information security, and clarify responsibilities and authorities. In addition, we recognize the risks related to human resources and take appropriate measures.
3. Safety Management Measures
In order to ensure proper management and operation of information assets, we shall establish and maintain an information security management system, implement appropriate physical and technical control measures, and strive for continuous improvement.
4. Compliance with Laws and Regulations
We will comply with the requirements arising from business operations and legal obligations related to information security, as well as other social norms and security obligations stipulated in contracts with customers.
5. Education and Training
We will conduct regular education and training on information security to ensure that all employees are familiar with this policy.
6. Emergency Response
We will take appropriate measures in the event of an information security incident, such as information leakage, falsification, or damage, or in the event that business activities are interrupted due to a disaster.
7. Continuous Improvement
We will operate a management system necessary to implement this information security policy within our organization and strive for continuous improvement.
Security Management of Information System Handling Personal Information
To ensure the safety and reliability of the NIG supercomputer, we will comply with the following policies and regulations that stipulate the safety management of its use.
- Guidelines for the Secure Management of Medical Information Systems Version 6.0 (May 2023)
- Guidelines for Safety Management of Information Systems and Services Providers Handling Medical Information (August 2020, revised July 2023)
- NBDC Human Data Sharing Guidelines
- NBDC Human Data Handling Security Guidelines
- Research Organization of Information and Systems Information Security Policy
- Research Organization of Information and Systems Usage Regulations of the NIG Supercomputer (Amended on April 5, 2022)
- Research Organization of Information and Systems Usage Regulations of the NIG Suppercomputer Appendix Tables 1-3 (Amended on August 1, 2023)
- Research Organization of Information and Systems, National Institute of Genetics Information Security Guidelines (Revised February 13, 2018)
- Research Organization of Information and Systems Personal Information Protection Regulations (Revised April 14, 2022)
Complaints and Inquiries Concerning the Handling of Personal Information
For inquiries regarding personal information, please contact the following
1111 Yata, Mishima, Shizuoka, 411-8540, Japan
National Institute of Genetics,
Research Organization of Information and Systems
General Affairs and Planning Division,
General Affairs and Planning Section,
Personal Information Complaints Consultation Desk
Contact:
Established: June 21, 2023
Revised: December 1, 2023
Masanori Arita, Director, Center for Bioinformation and DDBJ, National Institute of Genetics