The British Security Industry Association (BSIA) estimates that there are over 7 million CCTV cameras in the UK. These systems, particularly Commercial CCTV, have become vital tools for security in both the public and private sectors. With the rising use of these tools comes a strict legal framework that governs their installation and use. As a leading provider and installer of CCTV measures, EA-RS is very familiar with these guidelines. Here is an updated summary of the regulations that must be followed in all matters relating to CCTV installation.

Understanding DPA and GDPR Requirements for Commercial CCTV

Legal regulations for CCTV systems, including Commercial CCTV, are predominantly governed by the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR). These laws set out clear guidelines for businesses using CCTV and emphasize the need for responsible use and management of surveillance systems. These regulations exist primarily to ensure a fair balance between a business’s security requirements and the privacy of individuals.

The DPA and UK GDPR are both based on the premise that CCTV footage is a form of personal data and must be managed as such, especially when individuals can be identified in the video material. Businesses must have a clear and legitimate reason for using CCTV and must be able to demonstrate that its use is both necessary and proportionate.

Read Next: Securing Tomorrow: Future-Proofing Your Security System Through Regular Maintenance

Practical Guidelines for CCTV Installations

To comply with the DPA and UK GDPR, businesses must install and operate their commercial CCTV systems with a number of essential practices. Here are some general guidelines for these practices:

  • Signage: Clear signage must be displayed to inform people that CCTV systems are in use. The signage should include the purpose of the monitoring, the name of the organization responsible, and contact details for queries.
  • Subject Access Requests (SARs): Individuals have the right to request and receive copies of any images of them captured by your CCTV system. You must comply with this request within one calendar month, and you are not allowed to charge for the provision of this footage.
  • Cooperation with Authorities: CCTV footage must be provided to authorities, such as the police, upon their legal request.
  • Data Protection Fee: Businesses that operate CCTV systems are required to pay a data protection fee to the Information Commissioner’s Office (ICO), unless they are exempt.
  • Data Retention: CCTV footage should be stored only as long as absolutely necessary for the intended purpose. The ICO generally recommends deleting recordings after 30 days unless required for an ongoing investigation. Long-term storage would breach data storage principles.

Get in Touch with EA-RS for Commercial CCTV Solutions

If you are ready to upgrade security on your property, EA-RS can provide the solutions you need. Contact us for more information about our innovative, customizable commercial CCTV solutions.

Now Read: Gateways to Security: The Importance of Automated Gate Installations