Privacy policy

Measures to safeguard personal information and the IBM Japan Health Association's efforts

As part of its routine activities, the Health Insurance Association handles personal information concerning insured persons and dependents, including eligibility and benefits information and medical care records.

While the Association has always handled personal information with the utmost care, the standards and other rules with which the Association must comply when handling personal information have been codified since full enactment of the Personal Information Protection Act in April 2005.

We will provide here an overview of the Health Insurance Association’s various measures to safeguard personal information. Note that certain exceptions and other considerations may apply; please contact the Association for more information.

  • Specified purposes of use, restrictions on use for other purposes
    When handling personal information, the Association will specify whenever and to the extent possible the purposes for which such information is used. It will refrain from using the information for any other purpose without prior consent from the individual in question.
  • Notification and announcement of purposes of use
    When it obtains personal information, the Association will notify the individuals in question of the purposes of use, either by notifying individuals personally or by announcement via pamphlets, the Association website, or other means.
  • Obtaining personal information by appropriate means and ensuring the accuracy of personal data
    The Association will never seek to obtain personal information through inappropriate means. Additionally, to the degree possible, it strives to ensure the accuracy of the personal data obtained, given the purpose of use.
  • Safeguards, security measures and supervision of employees and subcontractors
    In addition to maintaining and publishing rules on protecting personal information, the Association strives to ensure the secure management of such information. It also supervises employees and business subcontractors assigned responsibility for handing personal information.
  • Restrictions on providing personal data to third parties
    In principle, personal data will not be provided to third parties without consent from the individuals in question.
  • Disclosure, correction, and cessation of use of personal information
    If the individual to whom the personal information pertains requests the disclosure of such information or asks through appropriate procedures to have it corrected or its use suspended, the Association will generally comply with such request. It will also seek to respond to complaints as quickly as possible.

Basic policy regarding protection of personal information (Privacy Policy)

The IBM Japan Health Insurance Association takes the following measures to safeguard information concerning individual members and employees (“personal information” hereinafter), based on a philosophy of respect for individual rights.

  • The Health Insurance Association implements appropriate safety measures to safeguard personal information it obtains concerning members against leaks, loss, damage, or unauthorized access.
  • The Health Insurance Association uses the personal information provided by members solely for purposes considered beneficial for members, including health maintenance and health promotion. It uses Individual Numbers only within the scope of the purposes specified in the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures.
  • Except when it has obtained prior consent from the member in question, the Health Insurance Association will not provide personal information to any third party. Nor will it provide personal information containing Individual Numbers (“identifying personal information” hereinafter), whether or not the individual has consented, except in the cases specified in the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures. However, it may provide personal information on members other than identifying personal information to third parties without obtaining advance consent from members in cases that fall under any of the Subparagraphs in Article 27, Paragraph 1 of the Act on the Protection of Personal Information (Act no. 57 of May 30, 2003).
  • In addition to implementing activities related to training and promoting awareness among employees regarding the protection of personal information, the Health Insurance Association will strive to manage personal information appropriately by assigning persons responsible for such management within each section that handles personal information.
  • When subcontracting business operations, the Health Insurance Association will carry out reviews and implement improvements to strengthen personal information protection measures. When concluding business subcontracting agreements, it will fully review the competence of subcontractors and incorporate provisions in such agreements that provide for personal information protection.
  • A member who wishes to review, revise, or otherwise access his or her personal information may contact the Health Insurance Association’s Privacy Contact. The contact will respond swiftly to such requests within the extent reasonable.
  • In addition to complying with laws, regulations, and other standards concerning the handling of personal information and with its personal information protection management system, the Health Insurance Association will continually review and strive to improve this Privacy Policy.

IBM Japan Health Insurance Association
Shunichi Yamaguchi, Chairman of the Board
Established: July 15, 2004
Revised: February 22, 2024

PrivacyMark

As part of the PrivacyMark System, the PrivacyMark logo serves as a clear indication to users that a company’s systems and operations have been assessed and certified by an independent agency to adequately safeguard personal information and to be in compliance with the Japan Industrial Standard JIS Q 15001, “Personal information protection management systems – Requirements.”
The Medical Information System Development Center (MEDIS-DC) conducts PrivacyMark assessments, while JIPDEC grants the use of PrivacyMark.
The IBM Japan Health Insurance Association is certified to use PrivacyMark.
Date of assessment passed
Effective period of PrivacyMark certification		 :April 22, 2025
:December 11, 2024 – December 10, 2026

Disclosure of purpose of use of personal information held by the IBM Japan Health Insurance Association

The IBM Japan Health Insurance Association (“Association” hereinafter) prepares databases containing personal information based on personal information found in various notices, applications, and documents received from insured persons and their family members (“members” hereinafter); personal information found in medical cost details (“rezepts” hereinafter) used by medical care institutions or other facilities to bill the Association for examinations at such facilities; and other personal information, including the numerical results of health examinations. The Association uses this information in health insurance activities and health activities as described below.

Overall, the Association uses personal information pursuant to the Health Insurance Act to provide services that maintain and promote the health of its members and to provide insurance benefits for members in the event of non-occupational illness, injury, death, or childbirth.

Health insurance associations handle large volumes of medical information, including information found on rezepts, health examination data, and other personal information. Additionally, the activities of health insurance associations depend on the implicit trust of association members. For these reasons, the Personal Information Protection Commission and the Ministry of Health, Labour and Welfare recommends, in guidance or other materials it issues, establishing specific restrictions on the use of such information.

Discussed below is how and why the Association uses this personal information.

  • The Association uses applications and other materials related to eligibility for insurance coverage in its operations, as outlined below.
    • Master databases, including membership registers, are prepared by entering data chiefly from information found on Notifications of Eligibility as Insured Persons and Dependent (Change) Notices submitted when members join the Association (e.g., health insurance card symbol and number, Individual Number, name, date of birth, gender, address, monthly remuneration). This information is stored on Association administrative processing computers for use across health insurance service operations.
    • Prospective dependents are subject to review and certification when a Dependent (Change) Notice is submitted based on documentation of income and other information, including tax (tax-exempt) certificates and certificates of school attendance.
    • Health insurance cards are issued following a review of information provided in Notifications of Eligibility as Insured Persons and Dependent (Change) Notices.
    • On receiving a Notification of Loss of Eligibility as Insured Person, the Association issues a request for the return of the health insurance card. The cards are reviewed and disposed of after retention for a fixed period of time.
    • In the changes in or additions to data stored in a master database, the revisions will be based on change (correction) notices concerning matters related to eligibility.
    • Through links to benefits data, rezept data, health examination data, and other data, the master databases are used for various purposes. These include reviewing benefits payments, issuing medical care cost information, identifying those eligible for various health activities, and contacting members.
    • Names, addresses, and other contact information in the master databases may be used to contact members even after they lose their eligibility using contact information from notices or other documents.
    • Upon receipt of inquiries from medical care institutions or from other insurers (including municipalities and pension offices) concerning loss of eligibility or other matters related to insured medical consultation and treatment, the Association will respond to indicate whether the individual concerned is covered. This may include providing the health insurance card symbol and number, name, date of birth, gender, date of eligibility, date of loss of eligibility, and other data from master databases. The Association always confirms the identity of the party making the inquiry.
    • In cases in which an examination may have been administered or service provided after loss of eligibility, the Association will check the health insurance card symbol and number, name, date of birth, gender, date of eligibility, date of loss of eligibility, and other data from master databases against data held by other insurers or medical care institutions to prevent duplication of benefits.
    • Data from Notifications of Bases for Calculation, Notifications of Changes in Monthly Amounts, and Notices of Bonus Payments is uploaded to the master databases and used to collect insurance premiums (including regulation insurance premiums and long-term care insurance premiums). In addition, as needed in response to notifications, the Association will ask employers to provide salary/bonus ledgers and other materials for use in this confirmation.
    • Tasks related to the preparation of master databases and the processing of certain inputs thereto, the issuance of health insurance cards, and the preparation of notices of premium payment and other documents are subcontracted to health insurance service system vendors.
    • Data on health insurance card symbol and number, name, date of birth, gender, and address from master databases of applicants for health examinations are provided to contracted examining institutions and their partner examining institutions for use in sending results of health examinations.
    • Data on health insurance card symbol and number and date of birth from master databases of users of contracted recreation facilities are provided to the operators of such facilities for use in processing applications for facility use.
    • Data on health insurance card symbol and number, name, and address from master databases are used to send Association bulletins to members.
  • The Association uses claims for cash benefits and other benefits in its operations, as outlined below.
    • Data is entered into Association administrative processing computers to confirm the information provided in claims and to make suitable benefit decisions.
    • Data on benefit records is input and stored for later use in confirming or reviewing claims.
    • The Association reviews data from master databases for members claiming the Childbirth and Childcare Lump-Sum Grant or Dependents' Childbirth and Childcare Lump-Sum Grant, including the health insurance card symbol and number, name, and date of birth and check this data with other insurers to make appropriate benefit decisions and make adjustments related to duplication of benefits with other insurers.
    • The Association will respond to inquiries from other insurers to indicate whether or not a claim has been filed and/or payment of benefits has been made for the Childbirth and Childcare Lump-Sum Grant, Dependents' Childbirth and Childcare Lump-Sum Grant, or Injury and Sickness Allowance. The Association always confirms the identity of the party making the inquiry.
    • The Association uses rezept data for those claiming the Injury and Sickness Allowance to check claims. In certain cases, the Association will confirm treatment status or other information with the physician responsible or visit a health or medical facility to ensure appropriate decision-making regarding benefits.
  • Rezept data is stored on Association administrative processing computers for use across health insurance service operations. The format is either: for claims submitted in CSV format by Health Insurance Claims Review & Reimbursement Services (HICRRS), the original format or images thereof; for paper rezepts, a database of digital versions thereof compiled by HICRRS.
    • Rezept data is checked by rezept inspection vendors. In the event of any questions concerning the information provided in the claims, the Association may ask HICRRS to complete a follow-up review.
    • If a follow-up review leads to suspicions that an examination occurred after loss of eligibility, the Association may forward data, including the Association name, health insurance card symbol and number, name, date of birth, date of loss of eligibility, and date of examination, to the medical care institution.
    • Similarly, the Association may forward data, including the Association name, health insurance card symbol and number, name, and date of birth to medical care institutions to determine whether patients expected to receive payment of High-Cost Medical Care Benefits will also receive assistance from public funds or from their local governments.
    • Rezept data is used to analyze medical care costs and to manage the Association’s medical care costs. This data is also used to identify those eligible for follow-up guidance and education on preventing lifestyle-related conditions following health examinations.
    • Members examined by multiple medical care institutions in a single month will be identified and provided guidance based on rezept data.
    • Decisions on payment of High-Cost Medical Care Benefits and additional benefits are made based on rezept data. These benefits include Patient Cost-Sharing Reimbursements and Additional Benefits, Total High-Cost Medical Care Additional Sum, and medical care additional sum for dependents
    • The Association makes decisions regarding the payment of Injury and Sickness Allowance by referring to rezept data.
    • The Association makes decisions regarding the payment of medical care expenses and Secondary Dependent Medical Costs, including those for judotherapy, by referring to rezept data.
    • In response to requests for disclosure, rezept data is printed and delivered. Requests for disclosure from parties other than the individual concerned will be handled in accordance with established procedures and fulfilled only in response to parties authorized by such procedures.
    • A subcontracted health insurance service system vendor will provide medical care cost information and notices of price differences for generic drugs to members based on rezept data.
    • With the consent of the member in question, the Association may share rezept data with medical care institutions and dispensing pharmacies for the purpose of improving the safety and quality of medical care, improving the efficiency of medical care benefits, and rationalizing medical care expenses.
    • If a member receives medical consultation and treatment for injuries attributable to the actions of a third party in traffic accidents or under similar circumstances, the Association will provide a copy of the patient’s rezept to the casualty insurer as proof of medical care costs.
    • The Association will provide details of medical care costs and other data concerning members receiving medical care overseas to a subcontracted translation vendor for translation into Japanese.
    • The Association will send copies of rezepts and application forms containing certain information found in rezepts to the High-Cost Medical Care Group of the National Federation of Health Insurance Societies (NFHIS) to apply for the joint undertaking conducted by NFHIS, under which NFHIS pays a part of high-cost medical care, and receive assistance for medical care costs.
    • After removal of personal identity information, rezepts may be used as teaching materials as case studies in rezept inspection training programs organized by multiple health insurance associations.
  • Health examinations are provided by subcontracted health examination service providers.
    • Data on the numerical results of health examinations are obtained from the health examination service provider and provided to the examinees. This data is also stored on Association administrative processing computers for use in identifying those eligible for follow-up guidance and to provide information on preventing lifestyle-related conditions.
    • The Association provides health examinations jointly with employers. In principle, the employer is also notified of the results of health examinations of insured persons. This data is shared by the employer and the Association to facilitate management of the health of insured persons (employees).
    • Health examination results are stored in master databases for comparison to future data and for use as reference information in providing health management services and health guidance.
  • Other health activities
    • Specific Health Guidance is provided by a subcontracted health guidance service provider.
    • Information and communication technology (ICT) is used to provide members with personalized information based on treatment data.
    • For reference in data analysis and evaluations based on Data Health Plans (plans for implementing health activities effectively and efficiently based on data analysis, including medical care information and health examination results, as part of Japan's National Growth Strategy)*
    • Health examination results and medical data may be used by various federations and research associations of which the Association is a member as materials for effectively implementing health promotion and illness prevention measures.*
    • For use in surveys conducted to study the Association’s health activity programs.
    • For use in dissemination of various health information to maintain and promote health of Association members.

    (*) Before such use, data will be anonymized by removing names, dates of birth, addresses, and other identifying information. In cases in which anonymization is difficult, the Association will obtain the consent of the individual concerned.

  • HR data on Association management and employees, lists of Association Committee members, and lists of personnel responsible at employers
    • Documents related to the appointment and hiring of Association management and employees will be stored under strict security.
    • Documents related to compensation of management and employees will be stored under strict security and used to process withholding taxes and for other purposes.
    • Documents related to performance evaluations and other HR matters will be stored under strict security and used in personnel transfers and other activities.
    • Lists of Association Committee members and directors are used to communicate dates and times of Association Committee and Board of Directors meetings and other information.
    • Lists of personnel responsible at employers will be used for various purposes, including communicating information on briefings for personnel responsible at employers, health management promotion committee meetings, and other purposes.
  • Specific Personal Information
    • Specific Personal Information refers to personal information that includes Individual Numbers (Social Security and Tax Numbers) (including numbers, codes, or other symbols corresponding to and used in place of Individual Numbers other than certificates of residence codes).
    • The Act on the Use of Numbers to Identify a Specific Individual in the Administrative Procedures (“Act” hereinafter) specifies the scope of use of Specific Personal Information, including the coordination of such information between parties involved in administrative operations, such as administrative agencies (e.g., obtaining information on taxation or non-taxation status from municipal governments for use in dependent certification by a health insurance association). This information is not used beyond the scope specified in the Act.
    • In certain cases, the notices described under 1 and 2 above may qualify as Specific Personal Information because they include Individual Numbers. Since use of such data in accordance with the purposes and methods of use specified under 1 and 2 above falls outside the scope of use specified in the Act, appropriate measures will be taken, including masking or removal of Individual Numbers.
  • The Association handles tasks such as retention, administration, disposal, and deletion of personal information, as outlined below.
    • For personal information indicated on various paper notices, applications, rezepts, or other documents, upon completing input processing, the Association or a subcontractor will retain such documents in storage for the mandatory retention period (in years) specified in Association document control regulations. The documents will not be removed from storage except when needed for confirmation or similar purposes.
    • Personal information on media other than paper will be retained and administered appropriately in accordance with management and administration rules on retention in media other than paper format.
    • Paper documents containing personal data for which the mandatory retention period (in years) has expired or personal data is no longer needed as processing is complete will be shredded so as to render the documents illegible. Large volumes of documents containing personal data are handled by dissolving by a specialized subcontractor.
    • Before disposing of personal computers or magnetic media or returning them at the end of a lease period, all data stored on such devices or media is rendered unrecoverable by data destruction software.
    • Personal information held by the Association is used for no purpose other than the above activities.

Personal information held by the Association for business purposes

Type of personal information Content of personal information
Insured person eligibility information Symbol/number, name, date of birth, gender, date of eligibility, initial date of eligibility, date of forfeiture of eligibility, standard monthly remuneration, remuneration, insured person’s address (at time of eligibility), bonus amount, starting date of childcare leave, ending date of childcare leave
Voluntarily and continuously insured person eligibility information Symbol/number, name, date of birth, gender, date of eligibility, date of forfeiture of eligibility, standard monthly remuneration at time of forfeiture of eligibility, presence/absence of dependents, insured person’s address, insured person’s contact information (tel. no.)
Special-case retired insured person eligibility information Symbol/number, name, date of birth, gender, date of eligibility, date of forfeiture of eligibility, presence/absence of dependents, insured person’s address, insured person’s contact information (tel. no.)
Information on insured persons’ rezepts Whether the party is the insured person or a dependent, examination/treatment category, insurer no., symbol/number, benefit ratios, year/month of examination/treatment, prefecture code, medical care institution code, name, gender, date of birth, special notes, whether work-related or work-induced, name and address of medical care institution, department consulted, name of injury or illness, date consultations commenced, outcome of illness/injury, actual number of days of consultation, final points, public expenditure points, amount of partial contribution, amount contributed by patient, amount contributed for outpatient treatment, amount contributed for inpatient treatment, public expenditure amount, name of prescribed drugs, amount contributed for prescribed drugs, public expenditure portion of amount contributed for prescribed drugs, number of days of treatment associated with meal costs, public expenditure portion of number of days of treatment associated with meal costs, amount decided for treatment associated with meal costs, public expenditure portion of amount decided for treatment associated with meal costs, standard contribution for treatment associated with meal costs, public expenditure portion of standard amount for treatment associated with meal costs, consultation details, images (of rezept)
Information on insured persons’ health examinations Symbol/number, name, address, date of birth, tel. no., employer name, employee no., email address, examination cost, health-examination benefit-type code, items not examined, type of examination, date of examination, name of examining institution, address of examining institution, examination results, results of medical interview, images (X-rays), content of consultation/guidance, medical opinion, name of nurse/health nurse, records of purchase of emergency medicine/household medicine, previous illnesses, family previous illnesses
Information on cash benefits to insured persons Symbol/number, name, date of birth, address, tel. no., remittance beneficiary bank/account no., name of medical care institution performing examination, year/month of examination, illness or injury, salary income, basic pension no., pension amount, medical care costs, date prosthetic equipment was fitted, cost of purchase of prosthetic equipment, previous year’s income (only for tax-exempt persons), transportation costs, name of certifying medical care institution, period unable to work, salary during period unable to work, attendance at workplace during period unable to work, date of childbirth, expected date of childbirth, number of children born, name(s) of child(ren) born, relationship, year/month/date of death, cause of death (condition), content of copy of official register indicating removal, cost of funeral (for funeral expenses only), claimant address, claimant address (when the insured person has died), claimant remittance beneficiary bank/account no.
Insured person judo therapy information Symbol/number, name, date of birth, name of judo therapist, year and month of treatment, cost of treatment, name of injury or illness, bank account of judo therapist for transfers
Information on eligibility for copayment rate for Elderly Recipients (aged 70–74) Symbol/number, name, date of birth, gender, address, amount of public pension received, salary income amount, amount of other income, presence/absence of dependents
Insured person’s long-term care insurance eligibility information Symbol/number, name, date of birth, gender, date of 40th birthday, date of 65th birthday, long-term care insurance insured person category, date of exemption from long-term care insurance, ending date of exemption from long-term care insurance, year/month/date of departure from Japan, year/month/date of return to Japan, date of submission of notice of moving out/in to municipality
Information on use of health activities by insured persons Symbol/number, name of insured person, name of user (or person examined), date of birth of user (or person examined), whether the party is the insured person or a dependent, relationship, consulting hospital name, consulting hospital tel. no., amount of health examination costs, internal postal code, email address, employer (personal) tel. no., amount subject to payment, subsidy amount decided, type of examination, age, address, home tel. no., name of recreational facility used, year/month/date of use of recreational facility, number of days of lodging, BMI measured value (height, weight), value of additional points applied for (self-assessment item)

Type of personal information Content of personal information
Dependent eligibility information Name, date of birth, gender, relationship to insured person, occupation (name of employer or school), average monthly income, living together or separately, date of dependent authorization, date of forfeiture of dependent eligibility, address of dependent living away from insured person
Information on dependents’ rezepts Same as Information on insured persons’ rezepts
Information on dependents’ health examinations Same as Information on insured persons’ health examinations
Information on cash benefits to dependents Name, date of birth, relationship to insured person, bank account for transfers, name of medical care institution where consultation took place, year and month of consultation, name of injury or illness, income for the previous year (only for tax-exempt persons), medical care costs, date prosthetic equipment was fitted, purchase date of prosthetic equipment, date of childbirth, expected date of childbirth, number of children born, name(s) of child(ren) born, relationship, year/month/date of death, cause of death (condition), content of copy of official register indicating removal
Dependent judo therapy information Dependent name, dependent’s date of birth, relationship to insured person, other items same as for insured persons
Information on dependent eligibility for copayment rate for elderly recipients (aged 70–74) Dependent name, dependent’s amount of public pension received, dependent’s salary income amount, dependent’s amount of other income
Dependent’s long-term care insurance eligibility information Same as Insured person’s long-term care insurance eligibility information
Information on use of health activities by dependents Same as information on use of health activities by insured persons (not including those available only to insured persons)

  • Purposes of use necessary for payment of insurance benefits to insured persons, etc.
    [Examples of such use within the Association]
    • Confirmation of the eligibility of insured persons, certification of dependents, and issuance and management of health insurance cards
    • Payment of insurance benefits and additional benefits
    • Administration of use as stipulated by the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures
    [Examples of provision of information to other operators, etc.]
    • Payment to salary accounts (employers) for automatic payment of High-Cost Medical Care Benefits, Patient Cost-Sharing Reimbursements, etc.
    • Outsourcing of translations related to overseas medical care expenses
    • Filing claims with casualty insurers, etc. related to third party actions
    • Joint operations involving high-cost medical care benefits with the National Federation of Health Insurance Societies
    • Coordination of information as stipulated by the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures
    • Outsourcing of data processing related to the eligibility of insured persons, etc.
  • Purposes of use necessary for collection of insurance premiums, etc.
    [Examples of such use within the Association]
    • Ascertaining of standard monthly remuneration and standard bonus amounts
    • Collection of health insurance premiums, long-term care insurance premiums, and regulation insurance premiums
  • Purposes of use necessary for health activities
    [Examples of such use within the Association]
    • Health examinations for purposes of health maintenance and promotion; health guidance and health consultations
    • Implementation of specific health checkups and health guidance
    • Transmission of health information etc. for purposes of health maintenance and promotion
    [Examples of provision of information to other operators, etc.]
    • Management of implementation status of specific health checkups and health guidance, and reporting such to the national government
    • Entrustment of health guidance and health consultations to industrial physicians
    • Entrustment of health examinations to medical care institutions
    • Provision of health examination results to employers as part of joint health activities
    • Provision of medical care cost information to insured persons, etc.
  • Purposes of use necessary for review and payment of medical fees
    [Examples of such use within the Association]
    • Inspection and review of the contents of medical cost details (rezepts), etc.
    [Examples of provision of information to other operators, etc.]
    • Entrustment of inspection and review of the contents of rezept data
    • Entrustment of data entry by punching input and image scanning for computer processing of rezept data
    [Examples of provision of information to the healthcare bill check and payment organization]
    • Provision of member information for rezept transfers via the system for online confirmation of eligibility, etc.
    • Inquiries and provision of member information related to requests for re-examination for rezept transfers via the system for online confirmation of eligibility, etc.
  • Purposes of use necessary to support Association operations
    [Examples of such use within the Association]
    • Medical care cost analysis; disease analysis
    [Examples of provision of information to other operators, etc.]
    • Outsourcing of data processing related to medical care cost analysis and medical care cost information
    • Participation in the medical care cost analysis project at the headquarters of the National Federation of Health Insurance Societies
  • Other purposes
    [Examples of such use within the Association]
    • Basic data to maintain and improve administrative operations of the Association
    [Examples of provision of information to other operators, etc.]
    • Consultations with or notifications to insurers, medical care institutions, etc. in administration of claims for compensation from third parties
  • Specific Personal Information
    Purposes of use in coordinating information with other medical insurers or administrative agencies (“other institutions” hereinafter) as stipulated in Article 19, Item 7 of the Act on the Use of Numbers to Identify a Specific Individual in Administrative Procedures
    [Receiving information from other institutions for administrative processing by the Association]
    • Benefit information related to the review process for insurance benefits such as injury and sickness allowance and high-cost medical care benefits
    • Information on taxation/tax exemption related to matters such as determination of copayment categories of elderly recipients
    • Information on eligibility with other institutions related to the process of obtaining the eligibility of insured persons
    • Information on taxation/tax exemption, certificate of residence information, etc. related to the dependent certification process
    [Provision of information by the Association for administrative processing by other institutions]
    • Information on insurance benefits from the Association related to the benefit payment process of other institutions for benefits such as high-cost medical care benefits and childbirth- and funeral-related benefits
    • Information on eligibility and dependent certification with the Association for the process of confirmation of eligibility by other institutions for purposes such as obtaining the eligibility of insured persons and dependent certification
  • Purposes of use pertaining to the use of the online eligibility verification system
    [Provision of information by the Association for administrative processing by other institutions]
    • Eligibility-related information on insured persons, etc. and registration of specific health checkup data
    [Receiving information from other institutions for administrative processing by the Association]
    • Specific health checkup data

About personal data held

The following are matters that must be made readily accessible to the individual in question (including cases in which replies will be made without delay to requests from the individual in question) pursuant to the Act on the Protection of Personal Information and JIS standards:

(1) Name, address, and representative of business operator handling personal information

Name: The IBM Japan Health Insurance Association
Address: 36-2 Nihonbashi Hakozakicho, Chuo-ku, Tokyo
Name of representative: Shunichi Yamaguchi

(2) Title, affiliation, and contact information of person in charge of management of personal information protection

Title: Managing Director
For contact information, see "Inquiries."

(3) Personal information held by the Health Insurance Association

See "Personal information held by the Association for business purposes."

(4) Main purposes of use expected in ordinary operations of the Health Insurance Association

See "Main purposes of use expected in ordinary operations of the Health Insurance Association."

(5) Where to submit complaints concerning handling of personal data held

See "Inquiries."

(6) Name of accredited personal information protection organization and complaint resolution contact

See "Accredited Personal Information Protection Organization the Association belongs to."

(7) Procedures in response to requests for disclosure, etc.

For security purposes, the Health Insurance Association discloses personal information subject to disclosure to members in writing and through other means after completing the designated procedures in writing, including reviews of personal identification documents. However, information may not be disclosed, in whole or in part, in the following cases:

  • (1) Cases in which disclosure may be detrimental to the life, safety, property, or other interests of the individual concerned or of a third party
  • (2) Cases in which disclosure may markedly impede the appropriate execution of Health Insurance Association operations
  • (3) Cases in which disclosure would violate laws and regulations

Articles 25 and 29 of the Act and Articles 7 and 8 of Cabinet Order No. 507 require the Health Insurance Association to establish procedures for requesting the disclosure of personal data held by it. The Association's procedures are outlined below. However, disclosure of rezepts will be handled in accordance with the June 20, 2011 notice (HIB No. 0620-1) from the Director of the Health Insurance Bureau of the Ministry of Health, Labour and Welfare, “Partial revision of ‘Disclosure of medical cost details and other information to insured persons.’”

  1. Disclosure may be requested by: the individual in question or his or her agent
  2. Agents: (A) Legal agent of a minor or an adult ward
    (B) An agent entrusted by the individual in question to submit/handle the request for disclosure
  3. How to submit requests for disclosure: In writing (Spoken requests and requests submitted by telephone, fax, email, or other means will not be accepted.) Requests may be submitted by post if delivery in person would be difficult.
  4. Submit to: Managing Director, IBM Japan Health Insurance Association
  5. Required information: Applicant name (and name of agent if submitting request via an agent), date and time of request, personal data for which disclosure is requested (indicate whether disclosure requested is for all or only part of such data—for example, data for a certain period of time)
  6. Document to attach: Document certifying that the applicant is the individual in question (or his or her agent)

Pursuant to the Health Insurance Act, personal data held by the Health Insurance Association concerning its members cannot in principle be deleted at the member’s request, since most information comes from sources such as notices pursuant to the Health Insurance Act. Except for voluntarily and continuously insured persons or special-case retired insured persons, each member must be covered by the health insurance of the association his or her employer joins. As was the case previously, corrections and additions require submission of notices of change or correction. While members retain the right to demand the cessation of use of personal data, in most cases, this would result in the inability to provide benefits or administer health examinations and is likely to be counter to the interests of the member with respect to other health activities.

  1. How to submit requests: In writing (Spoken requests and requests submitted by telephone, fax, email, or other means will not be accepted.) However, for ordinary corrections, please continue to submit the required notice.
  2. Submit to: Managing Director, IBM Japan Health Insurance Association
  3. Required information: Applicant name, date and time of request, nature of request, reason for request
    Note: Please explain your request in the greatest possible detail. Identify the personal data and clearly indicate whether the request concerns all or part of the data.

(8) Measures implemented for safe management of personal data held


  1. The Association formulates basic policies on matters such as compliance with applicable laws, regulations, and guidelines and contact points for questions and complaints to ensure the appropriate handling of personal data.

  2. The Association formulates rules on handling of personal data, covering matters such as methods of handling, persons responsible and in charge, and their duties, for each stage including data collection, use, storage, provision, and deletion/disposal.

  3. In addition to appointing persons responsible for handling personal data, the Association clearly defines which employees handle personal data and the scope of the personal data handled by them. The Association maintains structures for reporting to and communicating with the persons responsible in the event that a violation of laws or rules on handling is discovered or suspected.
    The state of handling of personal data is subject to periodic self-inspections, as well as audits by other sections or external parties.

  4. Periodic training is provided for employees concerning points to note regarding the handling of personal data.
    Contacts are concluded with employees on the confidentiality of personal data.

  5. In addition to controlling employee entry to and exit from zones in which personal data is handled and controlling devices and other items brought into such zones, measures are implemented to prevent unauthorized persons from viewing personal data.
    In addition to measures to prevent incidents such as theft or loss of devices, digital media, documents, and other materials used in the handling of personal data, measures are taken to ensure that personal data cannot be readily identified when transporting such devices, digital media, etc., including transportation within a business site.

  6. Systems are adopted to implement access controls, limit persons in charge and scope of personal information databases and other information handled, and protect information systems used to handle personal data from unauthorized access and malware.

Providing personal information to third parties

Pursuant to the Ministry of Health, Labour and Welfare guidelines mentioned above, the Association provides the following notices concerning the provision of personal information to third parties. The insured person or other individual in question is regarded to have given his or her implied and comprehensive consent when no explicit objection or reservation is raised by him or her in cases in which the purpose is to engage in actions and measures that would benefit the insured person, cases in which obtaining explicit consent would impose unreasonable burdens due to changes in current methods of notification of medical care costs, amounts of benefits paid, or other information, or cases in which obtaining explicit consent may prove unreasonable from the point of view of the individual in question. Since notification of medical care costs and amounts of benefits paid includes items concerning family members in addition to insured persons, this also applies to family members.

  • To provide notification of medical care costs, notification of determination of benefits and notification of generic drug paid for the entire household, including dependents (family members)
  • To provide statutory and additional benefits (including funeral expenses, injury and sickness allowance, childbirth and childcare lump-sum grant, and maternity allowance) through the employer
  • To enable automated payment of high-cost medical care benefits through the employer without application by the individual in question
  • For the following purposes to avoid duplicated benefits when a rezept involves aid for medical care costs from a municipal government or other government agency:
    • a) To consult with the medical care institution to confirm whether the insured person paid the cost
    • b) To consult with municipal government or other government agency to confirm whether public medical aid is available
  • To allow payment of subsidies through the employer when the insured person applies for subsidies in health activities undertaken by the Health Insurance Association
  • To send notices of eligibility information to insured persons in household units

Cases not qualifying as provision to third parties under the Act on Protecting Personal Information

  • Cases that fall under any of Subparagraphs in Article 27 (Restriction of Provision to A Third Party), Paragraph 1 of the Act are not deemed as provision to third parties.
  • In cases that fall under any of Subparagraphs in Article 27, Paragraph 5 of the Act, those who receive provision of personal information are not deemed as third parties.
(A) Items of personal data subject to shared use
  • Rezept data (shared use with the National Federation of Health Insurance Associations)
  • The following data (shared use with the employer)
    • Personally identifiable data, including employee no., name, date of birth, address/tel. no., and emergency contact/family information
    • Basic personal data based on individual applications other than the above personally identifiable data (e.g., gender, academic history, previous employment history)
    • Data related to salary/remuneration
    • Data related to social insurance/welfare
    • Data related to job/position/external title or rank
    • Data related to employment categories and conditions
    • Data related to section where employed
    • Data related to location of employment
    • Data related to job performance
    • Data related to type of work
    • Data related to health examinations/medical interviews
    • Data about the various programs which the Health Insurance Association performs (charged optional examination etc.)
    • Other data attendant to the above
(B) Scope of parties involved in shared use
  • IBM Japan Health Insurance Association
  • Employer members of the IBM Japan Health Insurance Association
  • National Federation of Health Insurance Associations
(C) Purposes of use of parties involved in shared use
For activities undertaken with the National Federation of Health Insurance Associations pursuant to Article 2 of the Additional Rules to the Health Insurance Act For activities related to the Health Insurance Association undertaken with the employer ((1) various health promotion programs, (2) analysis for planning and drafting of disease-prevention programs, (3) activities related to health insurance)
(D) Party responsible for management
IBM Japan Health Insurance Association
36-2 Nihonbashi Hakozakicho, Chuo-ku, Tokyo
Chairman of the Board Shunichi Yamaguchi

Anonymized information

The IBM Japan Health Insurance Association hereby publishes the following information regarding anonymously processed information.

  1. The Association periodically prepares anonymized information by deleting the following items from rezepts and health examination information or replacing them with other descriptions, rendering the original data unrecoverable.
    Deleted: Member names, dates of birth, ages, insured person codes, doctors' names
    Replaced: Names of medical care institutions, rezept IDs, member IDs
  2. Anonymized information is provided periodically to third parties through established secure methods for purposes such as benchmarking analysis with other health insurance societies and epidemiological studies.

Information provided to: IQVIA Solutions Japan G.K.
: PREVENT Inc.

Inquires

The IBM Japan Health Insurance Association
Personal information protection office

Tel: 03-5614-6441, Fax: 03-5614-6444
(Available hours: 9:00 - 17:00, Monday - Friday excl. national holidays)
In case you may contact by Web

Accredited Personal Information Protection Organization the Association belongs to

The IBM Japan Health Insurance Association is certified as an independent agency to adequately safeguard personal information and to be in compliance with the Japan Industrial Standard JISQ 15001.
If you have any inquiries or complaints about the Association processing of personal information, you may contact as below.

JIPDEC Personal Information Protection Consultation Service Office.

〒106-0032
Roppongi First Building, 9-9 Roppongi 1-chome,
Minato-ku Tokyo
Tel: 03-5860-7565, 0120-700-779