Do you operate CCTV or Video surveillance, Body worn Camera or Automatic Number Plate Recognition Cameras or are planning to install such a system?
Are you compliant or confused about your legal responsibilities?
Compliance-Plus can help save your organisation avoid a £500,000 fine & loss of reputation and from 2018, when the EU General Data Protection Regulation is in force penalties of up to 4% of global turnover or 20 million euro are possible.
Here's how and what we do:
- We review your registration to the ICO to ensure your registration reflects the purposes of your surveillance system and process and define responsibilities of Data Controller and Data Processors.
- We produce a site specific CCTV Policy Document which covers all aspects of operating your systems with a view to ensuring compliance with Data Protection Act (DPA) GDPR as it evolves and Protection of Freedom Act (POFA) if appropriate for surveillance systems that monitor public spaces.
- We complete a compliance and conformity assessment of the system performance measured against the existing Operational Requirement (OR) or we write an OR to meet with the minimum BS EN 62676 Standards for CCTV and Video Surveillance systems as may be required, we record detail of all system components creating an asset register presented as Excel spreadsheets which RAG rates devices for conformity with recommendations which you can take ownership of.
- We carry out a compliance and conformity audit of system management and operations for conformity with BS 7958:2015 CCTV Management and operations code of practice and make recommendations.
- We write a summary report which will include any non-compliance issues and gap analysis for you and make recommendations for improved system performance which can be followed up as part of a managed service to ensure compliance is achieved and maintained.
- We provide CCTV compliance awareness training, supply and instruction on the use of GDPR compliant management documentation and evidential copying media to the clients’ nominated staff.
- We can manage complaints and Data Subject Access Requests (DSAR) on your behalf and also provide a video redaction and evidential presentation service if required.
- View and download the Compliance-Plus Brochure here
If you operate a CCTV or Video Surveillance System that is able to view and monitor public space then you will need to be aware and demonstrate compliance with the General Data Protection Regulation -GDPR and following current UK legislation:
- The Information Commissioners Office (ICO) has imposed financial penalties on organisations for not complying with the Data Protection Act 1998 (DPA) this will be superceded by GDPR in May this year . Other legislation is in place: Human Rights Act 1998 (HRA), Freedom of Information Act 2000 (FIA) and Protection of Freedom Act 2012 (POFA) which relate to operating some Video Surveillance Systems (VSS) and Closed Circuit TeleVision (CCTV) systems.
- National Surveillance Camera Strategy for England and Wales.
- National Strategy for CCTV Public Space in Scotland
- BS EN 62676 - Guidance for CCTV/Video surveillance operators about grading and other important matters.
- Standards for CCTV Installers, service providers and manufacturers.
- Compliance with the DPA and POFA is a mandatory legal requirement for all organisations that use and operate CCTV systems for surveillance of people in public space.
- When installing or operating video surveillance or CCTV, the ICO must be notified and the system operated in accordance with the ICO CCTV Codes of Practice 2017 to ensure compliance with the DPA and POFA or you may consider voluntary adoption of the Surveillance Camera Commissioners Code of Practice. Often recorded evidence that was considered reliable does not comply with legislation and may be challenged within a court of law. Potentially a damaging and costly mistake which could have been easily prevented.
Televigil promote and encourage our clients to adopt the Home Office Surveillance Camera Commissioners "Passport to Compliance "Scheme and third party Certification.We will work with you and on your behalf, provide an initial consultation to establish what level of service is required based on the undertaking of a Self Assessment tool to gain an understanding of what and how much time and resource may be required. please be aware that the Passport to Compliance does not offer guidance on BS 7958:2015 CCTV Management and operations code of practice and make recommendations of the system, which we can provide to demonstrate compliance with the GDPR and help ensure compliance
The following documentation published by the Surveillance Camera Commissioner will give you an understanding of what level of information and commitment that will be required:
- Self Assessment Tool for CCTV/Video Surveillance
- Self Assessment Tool for Body Worn Cameras.
- Self Assessment Tool for ANPR.
- Self Assessment Tool for UAV or Drones.
Passport to Compliance Documents:
So why choose Compliance-Plus?
Compliance-Plus is the leading system assessment and data protection operational management compliance service, which delivered by a network of Independent Professional Security Advisers who will help you comply with the DPA and POFA.
The following services and product may form part of a Compliance Plus service:
- Correct Notification to the ICO, and Defining Responsibilities of Data Controller and Data Processor ensuring compliance. You can Check ICO registration here https://ico.org.uk/for-organisations/register/
- Creation of a Policy Document tailored to cover all aspects of operating CCTV, ANPR, Unmanned Aerial Vehicles, Electronic Access Control and Visitor Management Systems with a view to promoting and ensuring compliance. within your organisation.
- Supply of a Digital Evidence System - DES and management documentation which is required to ensure compliance. This may be "Own Branded" with your corporate identity.
- Assessment of system efficacy and performance measured against an Operational Requirement providing a meaningful benchmark for you to measure quality of image and service provider performance produced as MS excel spreadsheets so you can take ownership and manage your asset.The BSIA Code of Practice for CCTV is probably the best practice Code of Practice and guidance for planning, design, installation and operation of surveillance systems that makes reference to the latest standards and is free.
- Audit of system management, documentation and production of Assignment Instructions to assist security personnel to ensure compliance. British Standard BS 7958:2015 CCTV Operation and Management Code of Practice is the recognised industry standard..
- A Privacy Impact Assessment (PIA) of the scheme and each camera location may be required and undertaken.
- CCTV compliance Awareness Training and instruction including the use of the Digital Evidence System and site Management Documentation to ensure compliance.
- Summary report which highlights which non-compliance issues within the System Performance, Signage and Management of a system and makes recommendations for remedial service to ensure compliance.
- "Data Subject Right of Access Requests, Public Information Requests and Complaints can be managed as part of the service including Forensic Services for Video Editing and Evidence Preparation for legal submission to ensure compliance.
Who is Compliance Plus for and used by?
Any organisation that uses CCTV, particularly if the scheme includes cameras which cover areas of Public Space including Educational, Recreational, Retail and Commercial sites.
What are the benefits?
Organisations that use the Compliance Plus service will be up-to-date with current CCTV regulation, benefit from improved confidence in system use, make better-informed day-to-day decisions and enjoy a reduced risk of accusations of non-compliance being levelled against themselves or their organisation.