Social Responsibility

Information Security

Konica Minolta spares no effort in ensuring IT security and protecting personal information.

Konica Minolta Information Security Policies

We are dedicated to ensuring complete information security Group-wide.

1. Aiming to achieve ISO 27001 certification for information security management

The Konica Minolta Group established a plan for obtaining ISO 27001 certification in fiscal 2006, which is being completed in three yearlong stages. As part of the first stage, five Group companies including Konica Minolta Holdings, Inc. and Konica Minolta Business Expert, Inc. achieved this certification in June 2007. In the second stage covering fiscal 2007, the remaining Group companies worked toward certification.

2. Relation to other ISO management systems

The Konica Minolta Group has already established and implemented various measures such as a management system framework, a document management system, and internal auditing operations within the frameworks of ISO 9000 (quality) and ISO 14000 (environment). Under ISO 27001, these measures are maintained and promoted at an even higher level of efficiency.

3. IT security initiatives

The IT security management activities begun in fiscal 2005.

In fiscal 2007, we started implementing measures to address vulnerabilities in areas such as PC use, networks and public websites to improve the security level at worldwide group companies.

4. J-SOX compliance

IT security control is part of the IT controls required by Japan's Financial Instruments and Exchange Law (J-SOX), which came into effect in April 2008. We are ensuring compliance with regulations on IT security control, and are promoting it efficiently in a coordinated manner with the aforementioned IT security initiatives.

Konica Minolta Information Security Policy

• Download the Konica Minolta Information Security Policy (38KB)

Protection of Personal Information

We are determined to protect personal information and prevent information leakage.

In Japan, the Personal Information Protection Law took effect in April 2005. In fiscal 2004, Konica Minolta began preparing personal information protection policies, building appropriate systems, and compiling related manuals, and has conducted education for employees on this matter.

Despite such efforts, regrettably, there were several accidents involving loss of personal information: loss of a PC that contained data about our customers (June 2005), transmission of customers' email addresses to a wrong destination (July 2005), theft of a briefcase that contained documents on our customers (November 2005), and loss of a plastic folder containing some customer information (November 2006). Immediately after each event, we reported to relevant governmental authorities, informed and apologized to customers concerned, and disclosed the fact on our website. Since all the incidents were caused by human error, by sending the corporate notice we have reminded all employees of the vital importance of personal information protection, promoted their awareness of relevant rules, reviewed and improved our information control systems, augmented employee education and audit, and took every possible measure to prevent any recurrence. In Japan, training on the Personal Information Protection Law was again carried out in fiscal 2007. The training was given to 256 employees and covered the handling of personal information. There were no accidents involving the loss of personal information in fiscal 2007.