Skip to main content

Information Security Policy (ISO27001)

The official version of this document is the Japanese text. The English translation is provided only for reference.

Information Security Declaration

National Institute of Genetics Bioinformation and DDBJ Center (hereafter referred to as "the Center") operates a supercomputer system (hereafter referred to as "the NIG supercomputer") for the purpose of providing resources for research and education in the life sciences with a focus on genetics.

To earn the trust and confidence of all stakeholders, the Center has implemented an Information Security Management System (ISMS, compliant with ISO 27001). This initiative ensures the safety and reliability of the information necessary for our research and educational activities, as well as our information systems, including the NIG supercomputer (hereinafter referred to as 'information assets'). All related parties are committed to undertaking the following measures in this regard.

Information Security Basic Policy 

1. Goals

We will properly classify information assets, including personal genome data, and implement appropriate measures to ensure confidentiality, integrity, and availability.

2. Establishment of Organization and System

We will establish the organization and systems necessary to ensure information security, and clarify responsibilities and authorities. In addition, we recognize the risks related to human resources and take appropriate measures.

3. Safety Management Measures

In order to ensure proper management and operation of information assets, we shall establish and maintain an information security management system, implement appropriate physical and technical control measures, and strive for continuous improvement.

4. Compliance with Laws and Regulations

We will comply with the requirements arising from business operations and legal obligations related to information security, as well as other social norms and security obligations stipulated in contracts with customers.

5. Education and Training

We will conduct regular education and training on information security to ensure that all employees are familiar with this policy.

6. Emergency Response

We will take appropriate measures in the event of an information security incident, such as information leakage, falsification, or damage, or in the event that business activities are interrupted due to a disaster.

7. Continuous Improvement

We will operate a management system necessary to implement this information security policy within our organization and strive for continuous improvement.

Security Management of Information System Handling Personal Information

To ensure the safety and reliability of the NIG supercomputer, we will comply with the following policies and regulations that stipulate the safety management of its use.

Complaints and Inquiries Concerning the Handling of Personal Information

For inquiries regarding personal information, please contact the following

1111 Yata, Mishima, Shizuoka, 411-8540, Japan
National Institute of Genetics,
Research Organization of Information and Systems

General Affairs and Planning Division,
General Affairs and Planning Section,
Personal Information Complaints Consultation Desk

Contact:

Established: June 21, 2023

Revised: December 1, 2023

Masanori Arita, Director, Center for Bioinformation and DDBJ, National Institute of Genetics