Reasons of materiality in respect of our business
As an energy business operator which supports a core infrastructure of society, the Daigas Group recognizes the vital importance of protecting customers’ information and managing that information appropriately.
Inside and outside the Group
Management systems and its performance
Indicator (GRI Standards: 418-1)
Total number of substantiated complaints regarding breaches of customer privacy
(International and domestic standards)
• Act on the Protection of Personal Information
• Act on the Prohibition of Unauthorized Computer Access
• Act on the Regulation of Transmission of Specified Electronic Mail
(In-house policy and standards)
• Daigas Group Code of Conduct
• Rules for Personal Information Protection
The Vice President in charge of the General Affairs Department is appointed as the Chief Privacy Officer (CPO). Placed under the Vice President to ensure the protection of private information involving the Daigas Group are Personal Information Managers, who supervise Business Units, the Human Resources Department, Osaka Gas affiliated companies and contractors working for Osaka Gas.
■ Personal Information Protection Structure
In addition, the Information Security Subcommittee, which was under the CSR Committee* (chaired by the CSR Executive), has been put under the umbrella of the Cyber Security Committee, which was established as one of the Company-wide committees in August 2019, to strengthen the system for information security measures throughout the Daigas Group.
■ Information Security Management System (August 2019)
- *The CSR Committee (Chair: CSR Executive) was renamed the ESG Committee (Chair: Head of ESG Promotion) in FY2021.
In FY2020, the Daigas Group did not receive any reasonable complaints for breaches of customer privacy. We will continue our efforts to thoroughly manage customer information.
Specific actions taken regarding materiality
Mechanism to protect personal information
Osaka Gas is doing all it can to prevent the leakage of personal information of customers and other incidents affecting private information by improving the Group’s information management system, inspecting the implementation of the system as part of its risk-management efforts, carrying out regular audits of its business operations, and taking company-wide action in the event of incidents such as the loss of customer data, including information sharing and mobilization of all organizations to scrutinize the situation. In FY2020, Company implemented an e-learning program based on past examples (5,299 participated) and worked to establish a system to strengthen the protection of personal information. Also, the Company created and held an online training course for Osaka Gas employees on information security (participated in by 6,888 employees). The Information Security Subcommittee also introduced a system for checking the storage status of data files containing customer information, which is being carried out systematically.