Data Breach Policy

A data breach generally refers to the unauthorized access and retrieval of information that may include corporate and / or personal data.

In this context, a data breach refers to access to

FactoryTalk® Remote Access™

Servers and its data.

The regulations across the various jurisdictions in which Rockwell Automation operates require Rockwell Automation to make reasonable security arrangements to help protect the personal data that we possess or control, to help prevent unauthorized access, collection, use, disclosure, or similar risks.

Employees, parties external to the organization, or computer system errors, can cause data breaches.

All members of staff have an obligation to report actual or potential data protection compliance failures. This allows us to:

Investigate the failure and take remedial steps if necessary.

Maintain a register of compliance failures.

Notify the Supervisory Authority of any compliance failures that are material either on their own or as part of a pattern of failures.

Rockwell Automation will notify any affected clients after becoming aware of a data breach. However, Rockwell Automation does not have to notify the data subjects if anonymized data is breached. Specifically, notifying data breach subjects is not required if the data controller has implemented techniques like encryption along with adequate technical and organizational protection measures to the personal data affected by the data breach.

Security Architecture Whitepaper

Provide Feedback

Have questions or feedback about this documentation? Please submit your feedback here.