Privacy and data security

We aim to build trust with stakeholders, including patients and healthcare providers, to support our business. We respect individuals’ privacy and implement measures to help protect their personal information.

Our approach

Two women holding hands representing support

Our multilayered information security and data privacy programs and practices are designed to foster the safe, secure and responsible use of the information and data our stakeholders entrust to us. We have created programs designed to comply with global privacy and data protection laws.

Independent third parties test our cyber capabilities and audit our cloud security, and we continually test our systems to discover and address any potential vulnerabilities. In addition, our employees receive annual cybersecurity and data privacy training. 

Governance

The general counsel and the Audit Committee of our Board of Directors receive regular updates on data privacy through the chief ethics and compliance officer. 

Our chief information security officer (CISO) is responsible for cybersecurity across Organon, including the implementation of our policies, risk management, overseeing the technologies that support data protection and incident management. Our cybersecurity program is aligned with industry standards, including the National Institute of Standards and Technology cybersecurity framework. 

The CISO and the chief ethics and compliance officer provide an annual report to the Board on managing information security risks, including cybersecurity readiness, security controls and cybersecurity investments. The CISO also regularly briefs the Audit Committee on information security. Our directors are informed of incident simulations and response plans, including those for cyber and data breaches. 

Learn more about our work on corporate governance, ethics and compliance, and procurement and supply chain practices.