Glossary

privacy baseline

A documented set of privacy requirements that defines what data is collected, how it is used, and how systems must handle personal or sensitive data.

A privacy baseline is a documented set of minimum, organization-wide requirements for how personal or otherwise sensitive data must be collected, processed, stored, shared, and retained across systems and processes. In industrial and manufacturing environments, it provides a consistent reference for designing and operating OT, IT, MES, ERP, and quality systems so that handling of identifiable or sensitive data aligns with applicable privacy expectations and regulations.

The privacy baseline typically defines what types of data are considered in scope (for example, employee identifiers, operator performance records, visitor logs, or customer-related production data), what purposes are allowed for using that data, who may access it, and what protections must be in place. It is expressed at a level that can be traced into system requirements, configurations, and procedures.

Typical elements of a privacy baseline

Although content varies by organization, a privacy baseline commonly includes:

  • Data classification rules for personal, sensitive, and non-personal data used in operations, quality, maintenance, and engineering systems.
  • Collection and use constraints describing what data may be collected from workers, suppliers, and customers, and for which defined purposes.
  • Access control principles that specify which roles may see identifiable data, under what conditions, and how role changes are handled.
  • Data minimization and pseudonymization requirements, such as using operator IDs instead of names in certain reports or dashboards.
  • Logging and monitoring expectations that balance traceability and audit needs with limits on exposure of identifiers and sensitive attributes.
  • Retention and deletion rules for operational logs, production history, audit trails, video, badge records, and training or competency data.
  • Data sharing constraints for transfers to third parties, cloud services, analytics platforms, and cross-site data lakes.
  • Change control and documentation expectations, ensuring updates to systems, interfaces, and analytics respect the baseline.

Operational role in manufacturing environments

In regulated manufacturing, the privacy baseline is used as a design and validation input for both new and legacy systems. It influences how MES and ERP are configured, how quality and deviation records store operator and patient-related data, and how shop floor intelligence tools log events and performance metrics. The baseline is typically referenced when:

  • Designing or updating user roles, access matrices, and identity integration between OT and IT systems.
  • Configuring security tools such as SIEM, endpoint monitoring, and audit logging so that collected events contain only the identifiers the baseline permits and are retained no longer than it allows.
  • Defining interfaces between plant-level systems and corporate or cloud analytics, including which fields are masked, aggregated, or removed.
  • Planning data retention and archival behavior for production records, training data, and maintenance logs, especially where people are identifiable.
  • Executing change control, to confirm that new features, devices, or data flows still comply with documented privacy requirements.

Relationship to security baselines

A privacy baseline is related to, but distinct from, security baselines. Security baselines specify minimum technical and procedural controls to protect systems and data from unauthorized access, modification, or loss. The privacy baseline defines which data is permitted to exist in those systems, for what purposes, in what form, and who may see it.

In practice, the privacy baseline constrains how security controls are implemented. For example, it can define what identifiers may appear in logs, how long logs containing personal data may be retained, and under what conditions monitoring tools may capture screens or keystrokes. Both baselines are typically developed and maintained together, with traceability to system-level requirements and configurations.

Common confusion

  • Privacy baseline vs. security baseline: A security baseline focuses on protecting systems and data (for example, authentication, patching, network segmentation). A privacy baseline focuses on which personal or sensitive data may be present and how it may be used and exposed. They are interdependent but not interchangeable.
  • Privacy baseline vs. privacy policy: A privacy policy is often an external-facing statement describing how an organization handles personal data. A privacy baseline is generally an internal, operational specification that engineers, system owners, and process owners use to configure and run systems consistently.

Use in brownfield and legacy environments

When applied to long-lived equipment and legacy MES or ERP systems, a privacy baseline helps identify where existing data handling does not align with current expectations. This can drive compensating controls such as masking identifiers in reports, restricting access to certain screens, adjusting logging configurations, or introducing data brokers that filter or anonymize data before it is stored or exported.
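The filtering data broker mentioned above can be illustrated with a small export filter. The following is an added example written for this glossary entry, not code from any real MES or broker product; the field names, the baseline values (a 90-day export window, operator names pseudonymized, every other field default-denied), the key, and the sample records are all constructed for illustration. It shows the three controls a baseline commonly traces into at an interface: an allowlist of exportable fields, keyed pseudonymization of operator identity, and a retention check applied before the record leaves the plant.

```python
"""Minimal export filter that applies a privacy-baseline spec to plant log
records before they are exported to corporate analytics.
Hypothetical field names, baseline values and sample data; not from any real system."""
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

# Hypothetical baseline for one interface (shop floor -> corporate analytics).
# Anything not listed in "allowed_fields" is dropped: badge numbers and free-text
# notes (which often contain names) never leave the plant.
BASELINE = {
    "allowed_fields": {"ts", "event", "line", "operator", "batch"},
    "pseudonymize": {"operator"},   # keyed pseudonym, stable per operator, not a name
    "retention_days": 90,           # records older than this are withheld from export
}

# Assumed: a per-interface secret held only on the plant side. With a bare SHA-256
# of the name, a small identifier space (a few hundred operators) could be reversed
# by trying every name; the key prevents that without the key.
PSEUDONYM_KEY = b"example-key-rotate-per-policy"

# Fixed "current time" so the example is reproducible.
EXAMPLE_NOW = datetime(2024, 5, 20, tzinfo=timezone.utc)

# Constructed sample records: one recent, one past the retention window.
SAMPLE_RECORDS = [
    {"ts": "2024-05-10T08:15:00+00:00", "event": "batch_start", "line": "L3",
     "operator": "Jane Doe", "badge_id": "B-4471", "batch": "B2024-0517"},
    {"ts": "2023-11-02T14:02:00+00:00", "event": "deviation", "line": "L3",
     "operator": "Jane Doe", "note": "Jane overrode interlock", "batch": "B2023-1102"},
]


def pseudonym(value: str, key: bytes = PSEUDONYM_KEY) -> str:
    """Keyed HMAC-SHA256 pseudonym; same input and key give the same token,
    so analytics can still group events by operator without seeing the name."""
    return "op-" + hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()[:12]


def apply_baseline(record: dict, baseline: dict = BASELINE, now: datetime = EXAMPLE_NOW):
    """Return the exportable form of one record, or None if it must not be exported."""
    ts = datetime.fromisoformat(record["ts"])
    if now - ts > timedelta(days=baseline["retention_days"]):
        return None  # retention limit: withhold rather than export stale personal data
    out = {}
    for field, value in record.items():
        if field not in baseline["allowed_fields"]:
            continue  # default-deny: unknown or sensitive fields are dropped
        if field in baseline["pseudonymize"]:
            value = pseudonym(value)
        out[field] = value
    return out


def export_batch(records, baseline: dict = BASELINE, now: datetime = EXAMPLE_NOW):
    """Filter a batch; returns (exportable_records, number_withheld)."""
    exported, withheld = [], 0
    for rec in records:
        filtered = apply_baseline(rec, baseline, now)
        if filtered is None:
            withheld += 1
        else:
            exported.append(filtered)
    return exported, withheld


if __name__ == "__main__":
    out, held = export_batch(SAMPLE_RECORDS)
    for rec in out:
        print(rec)
    print(f"withheld: {held}")
```

The filter is deliberately an allowlist: when a brownfield system starts emitting a new field, the safe failure is for it to be dropped at the interface until the baseline is updated through change control, not passed through because nobody listed it. The pseudonym key is the sensitive part of this design; whoever holds it can re-identify operators, so it belongs with the plant-side system owner and its rotation schedule belongs in the baseline.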
