Medical logo

Three Guidelines from Three Ministries (Japan)

Medical institutions that outsource medical information, or process it in a cloud service, must review their risk management measures against the requirements of three separate guidelines from three different ministries:

  1. Guideline for the Security Management of Medical Information Systems - Ministry of Health, Labor & Welfare
  2. Security Management Guideline for Information Processing Providers Dealing with Medical Information - Ministry of Economy, Trade & Industry
  3. Security Management Guideline for Cloud Service Providers Handling Medical Information - Ministry of Internal Affairs & Communications

These are referred to collectively as the “Three Guidelines from Three Ministries” (3G3M).

In order to help customers understand how we support compliance with these guidelines, we've created a 3G3M whitepaper. Third-party compliance programs such as ISO/IEC 27001, ISO/IEC 27017, and ISO/IEC 27018 certifications map to many of the guidelines described in the whitepaper.

Relevant products & services