BASINGSTOKE, England, June 1, 2016 /PRNewswire/ --
Cloud-based video surveillance company Cloudview is warning that many of the CCTV systems businesses to protect property, staff or tenants risk breaching data protection legislation and putting companies at risk of fines, bad publicity and even criminal sanctions.
The warning comes after Cloudview commissioned a briefing note from independent solicitors Wright Hassall to clarify how the Data Protection Act (DPA) relates to CCTV systems. This sets out five key requirements for DPA compliance, from secure storage and ideally encryption to the ability to switch the system on and off so that recording is not continuous. The note warns that even tighter regulations come into force in 2018, with fines of up to €20 million or 4% of global turnover (whichever is higher) for a serious breach.
Cloudview co-founder and CEO James Wickes believes many organisations may not realise the extent to which their CCTV recordings are covered by the DPA.
"Poor image quality, inaccuracy in the time/date stamp and being unable to access recordings easily when requested are problems I hear about frequently when visiting CCTV users - and these are all potential breaches of the DPA," he explains. "The Information Commissioner's Office point out that if data is to be recorded this must be done securely and accurately in order to be used properly, otherwise its capture is unjustified.
"Similarly, if recorded footage isn't stored securely to prevent unauthorised access and hacking, the organisation is at risk of a fine or a more serious penalty. Many of the organisations we speak to don't know how many CCTV systems they use or whether they are actually working because they're not managed centrally - making CCTV a litigation time bomb waiting to go off."
The DPA requires all organisations that collect CCTV data to have a legitimate reason for doing so. The recordings must be of sufficient quality for their intended purpose - in other words, if the aim is to identify individuals performing criminal activity, the recordings should be of sufficient quality to do so and must be easily accessible by the police. They must be held securely, using encryption wherever possible, and should be stored no longer than necessary.
"Organisations use CCTV to provide security, but it's vital that they remember it falls under the same regulations as all the other personal data they hold," concludes James Wickes. "The simple truth is that it's very impractical to try and make old style systems compliant, and adding security usually makes them less accessible and usable. Cloudview enables users to become compliant quickly, making CCTV more secure, more private for subjects and easier to use so it can protect people better."
Cloudview has now made the briefing note available via its website.
Founded in 2012, Cloudview is the world's first corporate-grade, secure, cloud-based video surveillance system. It enables authorised users to view, manage and share footage generated by CCTV from multiple locations on any smartphone, tablet or PC. Cloudview was recently awarded 'Police Preferred Specification' status, the only CCTV product of any description to have received this accolade. The firm works in partnership with Care Protect, which has adopted Cloudview's technology across a number of care homes to protect the wellbeing of thousands of residents and staff. Cloudview is headquartered in Hampshire with development teams in Amman, Jordan and Northampton, England.