Healthcare logo
Asia Pacific | Healthcare and life sciences

Two Guidelines from Three Ministries (Japan)

Medical institutions in Japan that place medical information in a 3rd party service (eg cloud) must review their risk management measures against the requirements of two guidelines set by three different government ministries. The guidelines are collectively referred to as the “Two Guidelines from Three Ministries” (2G3M).

[1] Guideline for the Security Management of Medical Information Systems version 6.0 (May, 2023)

Ministry of Health, Labor & Welfare 

[2] Safety Management Guideline for Information Systems and Service Providers Handling Medical Information (Aug, 2020)

Ministry of Economy, Trade & Industry

The Ministry of Internal Affairs and Communications (MIC)

In order to help customers understand how we support compliance with these guidelines, we've created a 2G3M Whitepaper as well as a Control Mapping for “The Safety Management Guideline for Information Systems and Service Providers Handling Medical Information.” Third-party compliance programs such as ISO/IEC 27001, ISO/IEC 27017, and ISO/IEC 27018 certifications align closely with 2G3M and we have mapped many of the 2G3M requirements with these industry standards in the whitepaper.

We can also provide the "Security Reference" document which outlines the safety management measures taken by Google Cloud and Google Workspace, as well as the functions of Google Cloud and Google Workspace that customers can utilize to comply with these guidelines. For those customers who would like to refer to the "Security Reference" document, please contact sales.


Take the next step

Start building on Google Cloud with $300 in free credits and 20+ always free products.

Google Cloud
  • ‪English‬
  • ‪Deutsch‬
  • ‪Español‬
  • ‪Español (Latinoamérica)‬
  • ‪Français‬
  • ‪Indonesia‬
  • ‪Italiano‬
  • ‪Português (Brasil)‬
  • ‪简体中文‬
  • ‪繁體中文‬
  • ‪日本語‬
  • ‪한국어‬
Console
Google Cloud