How GDPR Laws Will Affect YOU with your security systems
CCTV, Alarm and Access control have been the best deterrent in providing security and it dose a great job when installing correctly. Their very presence can serve to deter criminals from entering a location, while the images they provide can be invaluable in bringing wrongdoers to justice after the event.
However, those very same images will undoubtedly capture many more innocent faces than guilty ones, all of whom have individual privacy rights. With the introduction of the General Data Protection Regulation (GDPR) imminent, safeguarding the private data stored in those images will soon become more important than ever for business owners employing CCTV security on their premises.
What is the GDPR?
The GDPR is a new legal framework aimed at the legislation surrounding data protection. In addition to the traditional forms of private information such as names, addresses, telephone numbers and bank account details, this will also apply to images of individual captured by CCTV in public places.
When will the GDPR come into effect?
The new laws are scheduled to come into effect across the entirety of the EU on May 25th 2018, including in the UK. Due to the government’s firm support for the proposals, the laws will still be applicable even in the event of Brexit and after its occurrence.
What does the GDPR say about CCTV images?
According to the regulation, specific kinds of data carry with them a higher risk due to their sensitive nature and unique circumstances. Due to the mass rapid increase of CCTV cameras across the UK (and Europe), and the general lack of consent from those being monitored, CCTV is defined as being high risk.
How does this differ to previous legislation?
The existing UK Data Protection Act (DPA) was brought into effect in 1998, at which time CCTV was nowhere near as widespread as it is today. Therefore, business owners will have to be wary about how potential breaches to their system and loss of information could affect them.
With the GDPR fines for non-compliance being potentially 79 times higher than under the DPA, businesses will certainly want to be careful. The new regulation will entail a fine of either €20 million or 4% of the company’s worldwide revenue – whichever is higher. That’s no small amount of money.
What can businesses do to protect themselves?
Securing the instruments of security will become more important than ever, so there are a few measures which businesses will want to take. Appointing a data protection officer (DPO) will become mandatory and key in making sure that CCTV systems are secure and up-to-date while utilizing encryption technology to prevent hackers from gaining access to images is also top of the list.
On an internal level, regulating which employees have access to the CCTV archives is also instrumental in ensuring that a breach of security does not occur.
Will the GDPR affect everyone?
Those companies with fewer than 250 employees are required to hold internal records of processing activities if the processing of data could risk an individual’s rights or freedoms, or if it pertains to criminal activity.. However, there are a number of extenuating stipulations which could mean that even small businesses are subject to GDPR penalties on occasion.
Don’t sacrifice security
Even though the implications of GDPR might make things a little more complicated with regards to safeguarding your CCTV network, that shouldn’t mean that you forgo the enormous security benefits they offer. As well as deterring criminals from targeting your business in the first place, they can also provide invaluable evidence if a break-in does take place.
At CCTVSouth, we have a whole host of Intruder alerts, CCTV security cameras, and Access control systems to increase safety that will give you peace of mind. To find out more about how we can help secure your home or workplace, get in touch with us today.
Key points that we at CCTVSouth design systems with GDPR in mind.
- We at CCTVSouth store names and address and work relating to the work carried out are kept in a folder stored on the Apple iCloud drive which has an end to end encryption, no one else including Apple and their employees can view. Link to details about iCloud and encryption If you would like a copy of all the information related to you and the work carried out please get in touch with me.
- All CCTV work is carefully designed to make sure that there is a minimal amount of coverage with only the areas of interest covered. If there is an overlap a privacy masking will be applied at the NVR/DVR headend of the system.
- All camera and recorded data with being of the highest standard and once the system is commissioned it will be handed over to the owner. Training on how to use the security system will also be given at this time.
- All information about each individual job or quotation will be reviewed on an annual basis and if it is no longer needed it will be securely deleted.
- Signage is one of the best ways to make people aware that they are being recorded and on the sign, it should have contact details of the owner system.
For more information on GDPR please contact me LINK
For more information please look at the Surveillance Camera Commissioner Buyers Toolkit LINK