If you have CCTV cameras installed at work, or are thinking of installing them, you should have a CCTV policy in place and you should also read the Information Commissioner's Office Code of Practice for Surveillance Cameras and Personal Information. Our CCTV policy will help you get over the first hurdle.
Data protected
Images which are recorded and held about identifiable individuals are covered by the UK GDPR and the Data Protection Act 2018 and therefore, if you're thinking of installing CCTV cameras in the workplace to routinely capture images of individuals, you'll need to comply with your data protection obligations. The Code of Practice for Surveillance Cameras and Personal Information sets out the Information Commissioner's Office good practice recommendations on how you can comply with the data protection principles. As CCTV is intrusive, the starting point is to consider whether you should use it in the first place, assessing what purposes you wish to use it for, what benefits you will gain, what better solutions might exist and what effect it may have on people's privacy. Your impact assessment will need to conclude that CCTV is justified in all the circumstances.
CCTV considerations
Once you have taken the decision to install CCTV, you’ll then need to consider matters such as:
Our CCTV Policy covers all these issues. Finally, our policy includes an optional section on vehicle tracking and monitoring which you should include if you intend to fit in-vehicle camera systems to company vehicles. If you do this, only monitor the vehicle during business use and have a privacy button installed to enable the recording to be deactivated during private use.