Hypergene Information Security Policy

Purpose

Hypergene recognises that in many instances Hypergene collects, stores and processes information relating to Hypergene's customers, employees and individuals associated with Hypergene. Hypergene is dedicated to collecting, handling, storing and processing information correctly and securely.

The purpose of this information security policy is to ensure that Hypergene has a consistent process for managing information security. Therefore, this policy aims:  

– to summarise Hypergene’s long term ambition regarding information security,

– to show Hypergene’s commitment to provide secure and high standard of information security management.

Principles of information security management

Hypergene’s information security management is guided by three principles:  

  1. Confidentiality – information is protected from unauthorised access.
  2. Integrity – information is accurate, consistent, and protected from unauthorised alteration.
  3. Availability – authorised access is timely and uninterrupted for our employees, partners and customers.

The three principles are an integral part of Hypergene’s information security management and at the centre of the ongoing work to establish appropriate information security controls.  

Long-term ambitions

In order to achieve high standard of information security management, Hypergene is committed to maintain compliance with ISO 27001 and outlines four long-term information security objectives:

  1. To continuously improve our information security by having periodic follow-ups and audits of our processes in place.
  2. To be a risk aware organisation, which detects and manages risks in a proactive manner.
  3. To create an awareness amongst our employees about the importance of information security.
  4. To make sure that all employees are well-equipped to adequately manages risks in their work.

Approval of Policy for Information Security

This Policy for Information security is approved by Bo Gyldenvang, CEO, Hypergene

Hypergene Policy Framework

Scope of policy

This group policy (above) applies to Hypergene AB and its subsidiaries as their own binding policy.

This policy also applies to any third-party provider including interim employees and external consultants working under contract to any of the above-mentioned entities.

Framework

This Policy is part of the Hypergene Framework which includes;

  • All Hypergene policies including Code of conduct approved by CEO
  • All Hypergene instructions, guidelines, process descriptions, templates, working routines approved by Chief of Function within each area of responsibility

Roles and responsibilities

Each executive manager reporting to the CEO of Hypergene is responsible for ensuring that this policy is communicated and implemented, and that the employees within their area of responsibility are familiar with and follow this Policy.


All employees are responsible for complying with this Policy.

Communication

All Hypergene Policies are public, i.e. shall be available on official websites for customers, suppliers and other interested parties. The policies can also be attached as documents in procurements, requests for information (RFI) or requests for purchase (RFP).


All Hypergene instructions, guidelines and All Hypergene instructions, guidelines, process descriptions, templates, working routines are for internal use only.

Breaches against the policy

Any Hypergene employee that suspects violations of this Policy, or the Code of Conduct must speak up and raise the issue primarily to their line manager, their managers manager, Chief of HR Officer or through the Whistleblowing line.

Hypergene forbids any form of retaliation for people who speak up.

Approval of  Hypegene Policy Framework

The Hypergene Policy Framework is approved by Bo Gyldenvang, CEO, Hypergene.