Security Policy on Medical Products and Services
In recent years, with the development of the Internet and IT, the highly sophisticated information society has been rapidly progressing, and the environment surrounding medical care has also increased concerns about information security such as cyber attacks.
Therefore, we, FUJIFILM Corporation will establish information security policy with respect to the medical products and services (hereinafter referred to as products and services) we developed and manufactured. It is one of the important issues for us to secure, maintain and improve the information security in order to respond to the trust from patients and customers and continue to provide highly safe products.
- Establishment and implementation of rules for security of products and services
In order to comply with the laws and regulations applicable in the countries and regions that provide products, we will establish rules such as procedures and guidelines, and design and develop products based on them.
- Establishment of security management system for products and services
In order to properly and surely implement security measures for products and services, we will clarify the management system and responsibilities.
- Education on security for products and services
In order to properly and surely implement security measures for products and services, we will enhance our sensitivity through enlightenment and education on security for products and services and intend to establish and thoroughly comply with various regulations with regard to security for products and services.
- Continuous improvement of security measures for products and services
In order to respond to changes in the requirements of laws and regulations and technological innovation, we will regularly and as necessary review the procedures and guidelines, strive for continuous improvement and enhancement to maintain and improve the level of security for products and services.
- Response to security incidents for products and services
We will collect and analyze security reports for products and services from inside and outside of us, strive to prevent incidents and establish a scheme to respond promptly in the event of security incidents.
- Security Incident Prevention of product and services
We will monitor and analyze vulnerabilities of products (including OTS software such as OS and middleware), establish a scheme to take necessary measures *1 and strive to prevent security incidents for products and services.