Your CCTV System MUST Be GDPR Compliant! Find Out Why…

Those 4 letters… GDPR… are enough to make anyone wince. Arggg…not again!

For some it may seem like a distant memory since The General Data Protection Regulations (GDPR) came into effect on 25th May 2018. For others, a nightmare you can’t escape!

However, Falcon Fire & Security have an important notice for business owners with CCTV systems – which are now affected by the new legislation.

Commercial CCTV systems and GDPR

How Does GDPR Affect My CCTV System?

By law, if you are using  CCTV to capture images (for security or health and safety procedures) they must be compliant under GDPR.

The new regulations are broadly similar in nature to the previous Data Protection Act 1998 (updated in 2018) which has governed the use of CCTV up until now.

The recording of identifiable imagery is considered as personal data under the GDPR and therefore, at a data protection level, requires the same level of thought and care.

There are a few steps you must take to ensure you are compliant…

A Rule Of Thumb

You must be able to:

  1. Justify the reason for using CCTV (and have it documented)
  2. Inform people that cameras are being used – using signage which identifies who’s managing the cameras and how to contact them
  3. Justify and state the duration for which recordings are held
  4. Be able to provide people who’ve been recorded with copies of their personal data
  5. Ensure that third parties with access to your CCTV data understand their obligations in relation to GDPR

Which Third Parties Might Have Access To My CCTV Footage?

These third parties could include the CCTV Installer (e.g Falcon Fire & Security) who may also be monitoring the cameras on behalf of clients.

In this case, the security company is regarded as the “data processor” working for the client who is the “data controller”. This means the security company will need to have robust measures in place to prevent unauthorised access, alteration, destruction or disclosure of the CCTV data.

This includes an obligation to ensure the transmission network is secure. Recordings will also need to be electronically encrypted, physically locked and tracked by a signing process if removed.

What Happens If My CCTV System Is Non-Compliant?

Organisations found to be non-compliant may be faced with hefty fines.

Most importantly, it doesn’t matter WHO is responsible for the breach – it could be the MD, the caretaker or even a malicious hacker – it is the organisation itself that suffers the financial consequences and reputation damage.

Feeling Unsure? Get In Touch Today!

As security specialists, we are committed to providing the very best service. In doing so, we adhere to strict rules and procedures to ensure your business is protected in the correct way.

Unsure if your CCTV system is up to scratch? Contact us today and one of our friendly experts will be happy to help.

Fill out the contact form below and we’ll call you back ASAP.