Compliance

Thoroughly ensuring high ethics and law-abiding spirit prevents misconducts. In the event of misconduct, the TOSHIBA TEC Group takes proper and prompt action.

Risk Compliance Management

The TOSHIBA TEC Group appoints each president and CEO as a CRO*1 in order to propagate and thoroughly implement the "TOSHIBA TEC Group Standards Of Conduct" while promoting the measures of Risk Compliance Management. Top management exercises the initiative to devise and promote various measures, as well as take actions involving emergency situations.
Appointing the CRO as a chairperson, TOSHIBA TEC Corporation organizes the Risk Compliance Committee*2, to maintain a Groupwide structure, devise and promote measures toward the advancement of Risk Compliance as well as TOSHIBA TEC measures.
A system, which encourages every employee to actively and directly report and provide risk compliance-related issues to the "CRO" or "outside attorneys," is introduced and implemented. A whistle-blower system "TOSHIBA TEC Partner Hotline" for suppliers is also set up to encourage suppliers to report such matters on the TOSHIBA TEC website.

1. *1: CRO: Chief Risk-Compliance Management Officer
2. *2: CRO: Risk Compliance Committee: It devises corporate-wide measures and controls measures regarding Risk Compliance, reinforces and promotes maintenance of the Risk Compliance Structure.

Risk Compliance Management System

Compliance Education

To thoroughly ensure a law-abiding spirit and awareness toward compliance, the TOSHIBA TEC Group periodically provides various educational seminars to employees. Employees who work outside Japan also receive education to manage global business expansion. For the Group companies outside Japan, compliance education reflecting regional characteristics is provided.
In addition, seminars regarding "information security," "protection of personal data," "export control program" and "environmental education" are provided to each employee.

Page Top

Information Security

1) Information Security

TOSHIBA TEC Corporation reviews its internal rules concerning information security and continues improvements in self-audits among each division, in response to changes in the social environment.
e-Learning is used to learn rules to prevent accidents and ensure information security while handling information. Education is provided to directors, employees and employees dispatched from cooperation companies. Similar measures are taken at each TOSHIBA TEC Group company, thus, the Group makes a concerted effort to maintain and improve information security.

2) Information Security Measures

A firewall has been set up between the Internet and the corporate intranet, to prevent unauthorized access from the Internet into the corporate intranet, as well as to protect information leaks.
When an employee needs to access the corporate intranet from outside the office, employee authentication is performed through a security system, to prevent unauthorized access.
Regarding anti-virus measures, a system, which initially detects viruses contained in Internet email, is being used. All possible measures are taken to ensure client computers receive virus updates by incorporating anti-virus software, to prevent virus infections.
The server is housed in a safe data center, to manage important information and information systems, and take anti-risk measures including disasters. Furthermore, by limiting available information, controlling usage of records and encrypting confidential information including personal data, security is enhanced.

Page Top

Protection of Personal Data

The TOSHIBA TEC Group provides a variety of in-house specifications, which define the management system and proper handling of personal data to comply with all applicable laws and regulations, as well as to take all possible measures to prevent personal data leaks. The Group also strives to thoroughly protect personal data, while providing education to employees and improving measures to physically control portable electronic devices.
In particular, "Privacy Policy" is posted on the website, along with the "Personal Data Protection Program" which defines the handling of personal data and in-house management structure.
In addition, handbooks, which give clear explanations of this program, are distributed to all employees, while education is provided to allow employees to enhance their sensitivity for protecting personal data. Thus, every employee is required to thoroughly protect personal data within the realm of expanding business activities.

Security Export Control

Recently, the nonproliferation of weapons of mass destruction and conventional weapons in countries, regions or to terrorists, who threaten security, is a critical issue in an international society.
The TOSHIBA TEC Group maintains a basic policy, it will not engage in any transaction, which could potentially undermine international peace and security. Under this basic policy, the TOSHIBA TEC Group complies with all applicable export control laws and regulations in countries and regions where it operates. The Group also complies with U.S. export control laws and regulations with respect to transactions involving U.S. origin items.
The Group companies have established their "Export Control Program" to develop their company based-export control systems in accordance with the above-mentioned Group policy. Accordingly, the Group companies provide education and support to directors and employees of their governing group companies, while making strict judgments, conducting transaction screenings and export control audits on cargo and technology.