This website uses cookies to identify your browser when interacting with the website. By browsing this website, you agree to this website's use of cookies and related privacy policies.

公司理念

禾榮科技

Innovative medical technology Extend the length and width of life

Home ESG Information Security

ESG

ESG

Information Security

To strengthen information security and ensure the confidentiality, integrity, and availability of our information assets, as well as the protection of personal data, our company has established a comprehensive “Information Processing Cycle” policy. This framework supports the continuous operation of our information systems, ensures compliance with relevant laws and regulations, and safeguards against both internal and external threats. All employees are expected to adhere to this policy.

1.Information Security Risk Management Framework

Our information security policy is maintained by the IT department, which is also responsible for the planning, execution, and oversight of all information security measures.

esg-cybersecurity
esg-cybersecurity
2.Information Security Policy

Our company’s information security policy, detailed management strategies, and resource allocation are outlined as follows:

  • Risk Prevention

    To protect our information systems, we have implemented key cybersecurity practices such as email spam filtering, regular vulnerability scans, and timely security patching. Passwords are updated every three months, and antivirus software is maintained with daily updates. We also run periodic system recovery drills to ensure data and system integrity.

  • Protective Measures

    Our server rooms are equipped with access controls, independent cooling, and backup power. We analyze firewall activity to adjust security policies and centrally manage user access rights. All IT equipment is procured through a standardized process, and the use of external devices is restricted to prevent unauthorized access.

esg-cybersecurity
3.Specific Management Measures and Resource Allocation for Information Security
  • Personal Data Protection:
    All employees are expected to properly safeguard their account credentials and access permissions.
  • Email System Security:
    An email management system is in place to filter out spam and phishing messages.
  • Antivirus Protection:
    Antivirus software is installed on all devices, with real-time scanning enabled and virus definitions updated regularly to ensure system protection.
esg-cybersecurity
4.Achievements and Ongoing Commitment to Information Security

We are continuously working to enhance our information security management through clear policies, advanced technologies, and proactive risk management strategies. These efforts help safeguard our information assets and support stable business operations. Moving forward, we will remain vigilant to evolving cybersecurity trends and continue to refine and strengthen our security measures to respond effectively to emerging threats.

Cybersecurity Training Participation Report – 2024
Course Title Target Audience Participants Completion Rate
Cybersecurity Challenges in the Age of AI All Employees (Total: 57) 57 100%
Information Protection Policy All New Employees 25 100%
5.Information Security Management Performance
Indicator 2024 2023 2022
Major information security incidents 0 0 0
Data Breach Incidents 0 0 0
Affected employees or customers due to data leakage 0 0 0
Penalties from information security incidents (NTD) 0 0 0
go top top go top top