Policy on the Protection of Personal Information
The Japan International Cooperation Center, an incorporated foundation, (hereafter "the Center") develops diversified activities for supporting human resources development while linking a large number of people including trainees and students from developing countries, trainers, citizens, experts and volunteers working around the world and providing opportunities for learning from each other and understanding each other. Through these opportunities, the Center has been entrusted with various types of personal information by people outside the Center. Such personal information is particularly important and highly confidential. Not only that, we acknowledge that it is a social responsibility of the Center to manage such information properly. Therefore, we, the Japan International Cooperation Center, will commit ourselves to pursuing the following policy to properly handle and protect personal information through the establishment of rules and a system compliant with the JISQ 15001 (personal information protection management standard) requirements to deploy the most secure system for that purpose.
1. Personal information the Center should protect
Personal information refers to information containing the name and the date of birth of any person, other dates and statements and/or a number assigned specifically to that person, which enable readers to identify that particular person (including information that may not be adequate by itself but can easily be cross-checked against other information and helps identify the person when accessed in conjunction with such other information).
2. Acquisition, use and offering of personal information
The Center only uses acquired personal information for the prescribed purpose. The Center does not offer the information to third parties without approval of the person concerned. In order to implement measures to enforce that policy, the Center shall establish a number of operating procedures, and the administrator of personal information protection and management shall verify and conduct internal audits. Notwithstanding the above, personal information may be disclosed without the consent of the person should a court of law, the police or any other public organization request its disclosure in accordance with laws and ordinances.
Once the Personal Information Protection Management System has been implemented, the Center shall comply with the Personal Information Protection Law and related guidelines as well as other rules to ensure protection of personal information.
4. Implementation of security measures for personal information protection
In order to ensure that absolutely no personal information is lost, destroyed, falsified, damaged, or divulged, in addition to controlling office access, and providing security measures for computer systems, the Center shall take the following measures in an effort to protect personal information of all persons involved and maintain optimal information management through introduction of an appropriate and reasonable level of security measures.
- Management of distribution (including contractors)
When the Center provides any third party with personal information for performance of duties, such information shall only be offered to a recipient on whom security requirements for personal information protection according the Center's standards have been validated.
- Supervision of employees
The personal information administrator, who coordinates the Personal Information Protection System, is central in actively promoting personal information protection throughout the organization. Each one of us at the Center understands the significance of personal information protection and exercises adequate care when handling personal information.
- Corrective and preventive measures
In order to provide appropriate corrective measures for handling of personal information and to prevent problems related to personal information, the Center shall periodically inspect management practices as well as conduct internal and external audits. Also, should any personal information-related problem ever occur, the Center shall take action quickly to prevent spread of the damage, analyze the causes of the accident and take measures to prevent recurrence of similar events.
5. Complaints and consultation regarding handling of personal information
The Center shall promptly deal with complaints and requests for advice concerning handling of personal information by establishing a "Personal Information Consultation Counter." Also, the Center shall endeavor to improve the "Personal Information Protection Management System" based on complaints and consultation findings.
6. Ongoing improvement of the Personal Information Protection Management System
The Center shall respond to social changes and development of information technology to maintain updated optimal systems for protection of personal information. To that end, the Center shall conduct periodic audits regarding the contents and the operation of the Personal Information Protection Management System referring to the managerial state of the Center. Based on audit results, the Center shall review and improve the Personal Information Protection Management System.
The Center declares its commitment to the protection of personal information under the policy above.