Fundamental Philosophy

TXP Medical Co. Ltd.(hereinafter,”TXP”) has been doing business based on its mission “We save lives with medical data”. The information asset TXP handles in its business, including its customers’ information, is extremely important as its business basis.
TXP’s personnel who handle the information asset, including its board members and employees, appreciate the importance of protecting information asset from risks such as leakage, damage or destruction, shall comply to this policy and practice activities to maintain information security such as confidentiality, integrity and availability of the information asset.

Fundamental Principles

1. To protect information asset, TXP shall establish its Information Security Policy and relevant rules and regulations and conduct its operations complying to those. At the same time TXP shall comply to laws, regulations and other rules or guidelines relevant to information security, and also comply to contract items with its customers.

2. TXP will define criteria to analyze and evaluate existing risks of the information asset,such as leakage,damage and loss,and establish systematical risk assessment method, and execute the assessment periodically. Furthermore,based on the result, necessary and adequate security measures will be implemented.

3. TXP will clarify authority and responsibility regarding information security as well as establish information security organization system led by its director in charge.
And TXP will educate, train and enlighten its all personnel periodically for them to appreciate the importance of information security and handle information asset certainly.

4. TXP shall inspect and audit periodically on compliance status to Information Security Policy and handling of information asset. To identified deficiencies or items of improvements, corrective actions for them will be implemented in a rapid manner.

5. When event or incident regarding information security occurs, TXP will implement adequate measures to them. At the same time TXP will establish action procedures to minimize damage for the case such event should occur, and in case of emergency, TXP will correspond to it in a rapid manner and implement adequate corrective actions. And, specifically, regarding incidents possible to bring business interruption, TXP will establish managing systems against them and revise them periodically to assure its business continuity.

6. TXP will establish information security management system with objectives to actualize its fundamental philosophy, execute actions according to it, and review it periodically to improve the whole system.