Product Security Policy

With the spread of the Internet and the rapid progress of IT, medical instrument and services are also exposed to the threat of cyber-attacks. This document sets forth the basic policy for the information security of products and services developed and provided by Sysmex Corporation and its Group companies (Hereinafter, "Sysmex Group").

1. Purpose

The Sysmex Group is implementing cybersecurity measures in its products and services to provide customers and patients with peace of mind.

2. Compliance with laws and regulations

In the design and development of products and services, the Sysmex Group formulates and complies with action standards that incorporate standards and guidance requirements in accordance with applicable laws and regulations.

3. Security management system for products and services

The Sysmex Group has established a system to reduce cybersecurity risks in the Group's products and services, and provides education and training to employees.

4. Establishing a secure design and development process

The Sysmex Group conducts secure design and development to reduce vulnerability and risk. We will also periodically review our response standards and reflect measures against new threats in our products and services.

5. Response to vulnerabilities and incidents

If a vulnerability is discovered in a product or service of the Sysmex Group (including third-party software such as operating systems) that may cause harm to customers or patients or affect the essential performance of the product or service, the Sysmex Group will take appropriate action in accordance with the lifecycle of the product or service.

6. Disclosure of information

The Sysmex Group provides vulnerability and incident information regarding products and services, countermeasures taken by customers, and other information in accordance with the lifecycle of the Sysmex Group's products and services to maintain and improve peace of mind for customers. We will also promote information collaboration with external organizations to enhance the reliability of the information we provide to our customers.

7. Provision of safe products and services

The Sysmex Group aims to provide products and services that enable customers to manage security risks.

8. Continuous improvement

The Sysmex Group will continue to maintain and improve the security levels of its products and services in accordance with the policies set forth in this document.

November 1, 2019
Hisashi Ietsugu
Chairman & CEO
Sysmex Corporation