Governance
- Nomination and Compensation Committee
- Corporate Governance Report
- Risk Management (Business Continuity Plan) Policy
- Compliance
- Data Security Policy
- Purchasing and Outsourcing Policy
- Sales Policy
- Prohibition of Bribery and Corruption
Nomination and Compensation Committee
EM Systems has established a Nomination and Compensation Committee as a voluntary advisory committee to the Board of Directors.
See the Directors page for more details.
Corporate Governance Report
Browse the Corporate Governance Report here.
Risk Management (Business Continuity Plan) Policy
<About the Business Continuity Plan (BCP)>
The sales and servicing of various systems form the core of EM Systems group business. Certain products include a cloud backup feature, while other products use SaaS cloud services.
Outages affecting the operation of underlying systems required for IT infrastructure (such as unprecedented large-scale disasters causing power outages at data centers, severed data communication lines or difficult securing suitable staff) are considered events where services are unable to be provided as per normal, and as such result Business Continuity Plans (BCP) are enacted immediately.
The EM Systems group has also developed Business Continuity Plans (BCP) for events other than natural disasters such as outbreaks of infectious diseases or damage to infrastructure. It is also taking the necessary steps to ensure that business can continue to remain viable in the event of other expected emergency situations, by data centers with uninterruptible power sources, using communication line redundancy, and preparing or supply required equipment that allows employees to work from home.
And if business continuity plans appear to be required for a long period of time, an order of priority is defined according to service severity, so that resources can be focused in business areas or to address issues that require urgent restoration.
Compliance
<Compliance Training>
EM Systems provides compliance training to ensure that employees acquire knowledge about compliance, comply with laws and regulations, and correctly understand matters related to harassment in order to prevent inappropriate decisions and actions during work. The e-learning compliance training is conducted once a month for regular and contract employees, part-time employees, and part-timers.
Scope of Compliance Education:
Compliance with various laws and regulations
Prevention of bribery
Respect for human rights and prevention of harassment
Prohibition of involvement in antisocial activities
Proper management of data security and confidential information
Dissemination of internal rules such as employment regulations
<Internal Reporting System>
The "Whistleblower Protection Regulations" has been established with the aim of identifying risks within the company faster, taking actions to rectify such risks, and ensuring the soundness of the overall organization.
This is a system that allows all employees (regular employees, contract employees, part-time employees, temporary workers, directors, executive officers, or retired employees) to report or consult anonymously on illegal activities in the workplace (including bribery and other corrupt activities in general), bullying, harassment, and other activities or cases that may violate human rights on a separate line from their regular duties.
The whistleblower protection system applies to all employees (regular employees, contract employees, part-time employees, temporary workers, directors, or retired employees).
If, as a result of an investigation into the content of the report, the misconduct or the content of the report is found to be true, appropriate measures will be taken, including corrective measures to prevent recurrence of such misconduct.
<Safety and Hygiene>
The Health and Safety Committee operates with goal of maintaining employee health, safety and hygiene.
Representative employees at each workplace are regularly given the opportunity to exchange views with industrial physicians and members of the Human Resources Department and General Affairs Department. Activities are also held throughout the company to raise awareness of health and disease prevention as well as infectious disease control, traffic safety, safe driving and other areas of concern.
Data Security Policy
<Personal Information Protection Policy>
EM Systems handles personal information in accordance with its Personal Information Protection Policy and Personal Information Protection Regulations. See here for details about how personal information is handled. EM Systems continues to remain certified with the Privacy Mark as evidence of proper control and operation.
In addition, education on the protection of personal information is provided once a year on data security policies and other concepts.
All employees (full-time, contract, part-time, and temporary employees) receive classroom training and e-Learning to check their level of understanding.
Privacy Mark
Registration No. 14700136(03)
<Basic Information Security Policy>
EM Systems views secure and proper management of personal and medical information of patients handled by our customers as its social corporate responsibility by providing services from data centers protected with strict security in place. To earn the trust of customers and society, it has created a basic information security policy as its most important policy, and has developed and maintains ISMS (Information Security Management System) based on JIS Q 27001 regulations. EM Systems is always making improvements to ISMS as part of an overall framework established for preventing the leakage and modification of customer information, service outages and other potential risks that could affect business continuity.
Certification Registration Number (Certification Criteria)IS 572136
JIS Q 27001:2023(ISO/IEC 27001:2022)
Scope of Registration
Operation and management of data centers and development and maintenance of applications
[Reference] Scope of data security certification (Privacy Mark, ISO27001)
Scope of certification as a percentage of consolidated net sales (consolidated)* 91%
Scope of certification as a percentage of consolidated net sales (non-consolidated) 100%
*Certification status for each segment of the dispensing systems business, medical systems business, nursing care systems business, and other businesses (as of FY12/2023).
Purchasing and Outsourcing Policy
EM Systems implements measures to ensure fair and appropriate business transactions in accordance with its Purchasing Control Regulations and Outsourcing Control Regulations.
Comprehensive compliance training is provided to ensure transactions comply with the Subcontract Act, and sales and inventory control rules have been established to prevent fraudulent business dealings. In principle, orders are managed based on certificates and order forms issued by our own internal systems.
Sales Policy
EM Systems has in place stringent sales accounting standards based on Sales Management Rules as part of efforts to prevent fraudulent sales or disclosing improper amounts.
Prohibition of Bribery and Corruption
The EM Systems group does not offer cash, gifts, entertainment or any other form of reward aimed at securing or maintaining business, or that may create an unfair advantage as part of fraudulent business practices, whether directly or indirectly, from third parties including public organizations or private companies. It also does not accept cash, gifts, entertainment or any other form of reward that may affect decision-making processes conducted by the group.