Asia Pacific | Healthcare and life sciences

Three Guidelines from Three Ministries (Japan)

Medical institutions that outsource medical information, or process it in a cloud service, must review their risk management measures against the requirements of three separate guidelines from three different ministries:

1. Guideline for the Security Management of Medical Information Systems - Ministry of Health, Labor & Welfare

2. Security Management Guideline for Information Processing Providers Dealing with Medical Information - Ministry of Economy, Trade & Industry

3. Security Management Guideline for Cloud Service Providers Handling Medical Information - Ministry of Internal Affairs & Communications

These are referred to collectively as the “Three Guidelines from Three Ministries” (3G3M).

In order to help customers understand how we support compliance with these guidelines, we've created a 3G3M whitepaper. Third-party compliance programs such as ISO/IEC 27001ISO/IEC 27017, and ISO/IEC 27018 certifications map to many of the guidelines described in the whitepaper.


ISO/IEC 27001

Learn more

ISO/IEC 27017

Learn more

ISO/IEC 27018

Learn more