Protection of personal information
The Research Institute of Economy, Trade and Industry (RIETI) defines basic provisions on the handling of personal information according to the Act on the Protection of Personal Information Held by Independent Administrative Agencies, etc. to protect the rights and interests of individuals while ensuring appropriate and smooth management of its administrative and business affairs.
Personal information protection policy
RIETI recognizes the importance of personal information, pays maximum consideration to its protection, and manages personal information obtained through its research activities and other operations appropriately according to the Act on the Protection of Personal Information Held by Independent Administrative Agencies, etc., Order for Enforcement of the Act on the Protection of Personal Information Held by Independent Administrative Agencies, etc., and RIETI's code on the protection and management of personal information.
Personal information obtained through RIETI's research activities and other operations shall be collected with consent for clearly-defined purposes of use, and shall not be used for purposes outside of the agreed scope of use or supplied to a third party unless it is required to do so by laws and regulations.
Personal information entrusted to RIETI shall be accepted with confirmation of the scope of its use at the time of collection, and shall never be used for purposes outside of the agreed scope of use.
When outsourcing work involving personal information to an external party, RIETI shall select a party that has a management system capable of complying with RIETI's personal information protection policy, and provide it with appropriate guidance and supervision.
RIETI shall implement a rational safety mechanism for prevention and correction with regard to the risks of unauthorized access, loss, tampering, destruction, leakage, etc. of personal information. Management resources shall be injected in line with the latest technological trends to continuously improve the security system for personal information.
Based on the latest IT trends, RIETI shall review its information security management system (ISMS) in an appropriate manner and timing for continuous improvement.
This policy shall be distributed to all RIETI workers to ensure the circulation of its content, and also posted on the RIETI website to educate and inform all RIETI members as well as raise their awareness on personal information protection.
Established on April 1, 2008
Revised on April 1, 2011
RIETI Chairman Atsushi Nakajima