Epson, in a code of conduct called "Principles of Corporate Behavior," states "We will protect the security of people and corporate assets and exercise prudence in handling information, and maintain the security of management resources (corporate assets)." The company has put in place a system for ensuring the security of employees and visitors. Employees recognize the importance of security and follow good security practices. The company's assets (financial, tangible, intellectual, brand, information, and other assets) are properly managed, and the assets of other parties are respected. We strictly control personal data and confidential information to prevent leaks.
Epson has set forth essential information security principles and rules in a Basic Information Security Policy. The company is building an information security governance framework and fostering a corporate culture that reflects the importance and principles of good information security practices.
Epson's various business units build and maintain their own information security systems based on Group-wide rules. We assess the systems and controls of each business unit, and we check whether information security risks are being managed effectively. Group-wide rules and policies established by Group companies were overhauled in April 2017 to remind employees about information that needs to be protected and to help ensure that the proper practices are being followed. The senior information security managers of the business units meet regularly to share knowledge and information and to track progress.
In addition, the Seiko Epson Printing Solutions Operations Division and IT Division, along with Epson Avasys, have earned ISO 27001-compliant Information Security Management System (ISMS) certification. They, along with the rest of the Epson Group, continuously seek to improve the systematic management of information security.
In Japan, Epson has designated July as Information Security Awareness Month. Every year during the month, domestic Epson Group companies conduct special programs to educate employees about information security. In the 2015 and 2016 fiscal years, we used Information Security Awareness Month to remind employees about the importance of information security. Middle managers were given special training, and all personnel, from top executives on down, were required to complete an online learning course about information security. In light of a recent increase in targeted attacks against businesses, Epson conducted drills to teach employees how to respond to a targeted e-mail attack.
Epson conducts information security programs on a global basis. In the 2016 fiscal year the senior information security managers from Epson sites around the world began meeting regularly to discuss common issues and to increase the information security preparedness of Group companies.
Personal Data Protection
Ever since the Personal Information Protection Act went into full effect in 2005, Epson has sought to protect the personal data of customers and employees Group-wide. Products such as Epson's Pulsense heart rate monitor and M-Tracer for golf come with online services. Since these services contain the personal data of users, we check the work flow to ensure that personal data is appropriately managed and protected. In addition, Epson Sales Japan Corporation and Epson Direct Corporation maintain PrivacyMark System certification by updating it every two years.
Meanwhile, Seiko Epson is making preparations to comply with the EU's General Data Protection Regulation, which will come into effect in 2018.
Intellectual Property Protection
Epson protects the rights to its proprietary technologies so as to support the smooth and ongoing development of its existing businesses and the development and growth of new businesses. These actions ensure that our IP portfolio contributes to corporate earnings. We also respect the rights of others and implement measures to prevent infringement of those rights.
Anti-Counterfeiting Measures around the World
To protect the trusted Epson brand, we actively seek to seize counterfeit goods and other fraudulent articles that infringe the Epson trademark or our other intellectual property rights before they reach consumers.
We have set up anti-counterfeiting centers around the world that are staffed by people who monitor the goods produced and sold by manufacturers and retailers, and especially e-commerce retailers. We fight counterfeiting in a number of ways. For example, we share information with the police and other enforcement authorities to increase raids on counterfeiters. We educate customs officials to better enable them to recognize counterfeits and block their import and export. We also work with e-commerce site operators to halt the sale of imitation goods that violate our rights. The actions we take stop the distribution of counterfeit goods and help reassure consumers that the goods they buy are genuine Epson brand products.