Cybersecurity and Data Security
BCH places the utmost importance on information management, recognizing it as a key factor in both business operations and healthcare service delivery, particularly in safeguarding sensitive patient and personal data.
The Company has implemented comprehensive data protection measures that include strict compliance with relevant laws and regulations, controlled access rights granted only to authorized personnel, and the use of advanced security systems to prevent data leaks or unauthorized access. In addition, BCH continuously develops and strengthens its cybersecurity systems to address potential threats, cyberattacks, and unforeseen incidents. These efforts aim to ensure that all types of data are properly protected, securely managed, and compliant with international standards, thereby reinforcing patient and stakeholder confidence in the Company’s commitment to data privacy and security.
Goals
Key Operational Highlights 2024
- Organize activities and training sessions for employees at all levels on cybersecurity and data protection.
- Continuously communicate policies and guidelines to foster a strong culture of information security awareness.
- Regularly review and update cybersecurity and data protection policies to ensure consistency and effectiveness.
- Ensure alignment with applicable laws, regulations, and evolving international standards.
- Implement advanced security systems such as firewalls, data encryption, and multi-factor authentication (MFA).
- Monitor and detect cybersecurity threats 24 hours a day.
- Establish and regularly conduct drills for a Cyber Incident Response Plan to ensure preparedness.
- Maintain data backup and recovery processes to support continuous business operations.
Management and Operation Approach
BCH recognizes the importance of data protection and privacy as the foundation of trust in healthcare services. The Company has established a comprehensive cybersecurity governance framework that ensures compliance with legal and international standards, incorporates advanced technologies to prevent and detect cyber threats, and includes robust data backup and recovery plans to mitigate potential disruptions.
In addition, BCH places strong emphasis on raising cybersecurity awareness among employees at all levels and regularly reviewing its security measures. These efforts aim to ensure that all patient and medical information is protected with the highest level of security, transparency, and reliability forming the cornerstone of the Company’s commitment to maintaining high-quality healthcare services.
BCH respects the privacy of stakeholders’ data entrusted to it and is committed to ensuring secure data management to build trust in its services and operations. To this end, the Company has established and publicly disclosed a Privacy Policy in accordance with the Personal Data Protection Act B.E. 2562 (2019). This policy covers all stakeholders, including patients, employees, shareholders, investors, directors, and business partners.
Contacting Channels for Personal Data Complaints
BCH has established channels for stakeholders to submit personal data complaints, enabling them to exercise their rights as data subjects. These channels are also used to report complaints about leaks or breaches of personal data. This would show BCH’s transparency on the use and processing of the collected personal data. The Company will promptly address complaints as they are received.
Contacting Channels
Data Protection Officer
Bangkok Chain Hospital Public Company Limited
