Search for:

CCTV installation at your commercial property

You can use CCTV to protect your property but you must follow data protection law.

You must:

  • put up a sign to let people know CCTV is being used and why
  • in most circumstances, be able to provide images within 1 calendar month to anyone you’ve recorded
  • share images with the authorities, such as the police, if they ask for them
  • keep images only as long as your business needs them
  • pay a data protection fee

In general, CCTV is directed at viewing and/or recording the activities of individuals. Therefore, most uses of CCTV by organisations or businesses will be covered by the Data Protection Act. The ICO has also issued a code of practice that provides recommendations on the use of CCTV systems to help organisations comply with the DPA.

CCTV systems which make use of wireless communication links (eg, transmitting images between cameras and a receiver) should ensure that these signals are encrypted to prevent interception.

CCTV systems which can transmit images over the internet (eg, to allow viewing from a remote location) should ensure that these signals are encrypted to prevent interception and also require some form of authentication for access (eg, a username and secure password).

The devices used to store CCTV images are also a common target during a break-in (eg, to remove potential evidence of the crime). In the first instance, organisations should consider the physical security of the storage device such as whether it is kept in a locked room. Newer systems may allow for recordings to be stored in an encrypted format which will prevent unauthorised access in the event of loss or theft, and which could be considered in addition to a range of appropriate access controls.

In responding to subject access requests or other disclosures, data controllers should consider an appropriate format of the data to be disclosed, and appropriate security controls. During procurement, the capability of the device or prospective system to export data securely to third parties should also be considered.

Copyright © 2024 Hells Bells | Powered by Avril WordPress Theme