Surveillance – means to watch or record. In this instance, surveillance refers to any technology used to record images of individuals. Surveillance systems can be:
- staffed (e.g. control room where cameras are actively monitored)
- unstaffed (remote CCTV cameras that record and download to a single location, often reviewed in response to an incident)
- operator controlled (e.g. Body Worn Video activated by an individual).
Overt Surveillance – is where individuals are aware that the cameras are present, and that recording is taking place (usually notified through signage, or notification from the operator that recording is taking place).
Covert surveillance – refers to a surveillance system that is hidden, where individuals are not notified that they are being recorded. We do not directly undertake covert surveillance. Any covert surveillance of Genesis properties is carried out by police/local authorities in line with the Regulation of Investigatory Powers Act.
Intrusive Surveillance - covert surveillance of anything taking place in or on residential premises or in a private vehicle which involves the presence of an individual on the premises or in the vehicle, or the use of a surveillance device. We are prohibited from undertaking intrusive surveillance.
Visual Recording System – any system which carries out surveillance / visual recording of individuals
This policy ensures that our use of CCTV and visual recording systems complies with the Data Protection Act and associated legislation and codes of practice, in particular the 12 principles of the Surveillance Camera Commissioner’s Code of Practice:
- Use of a surveillance camera system (SCS) will always be for a specified purpose which is in pursuit of a legitimate aim and necessary to meet an identified pressing need.
- The use of a SCS will take into account its effect on individuals and their privacy, with regular reviews to ensure its use remains justified.
- There will be as much transparency in the use of a SCS as possible, including a published contact point for access to information and complaints.
- There is clear responsibility and accountability for all SCS activities including images and information collected, held and used.
- Clear rules, policies and procedures will be in place before a SCS is used, and these must be communicated to all who need to comply with them.
- No more images and information will be stored than that which is strictly required for the stated purpose of a SCS, and such images and information will be deleted once their purposes have been discharged.
- Access to retained images and information will be restricted and there are clearly defined rules on who can gain access and for what purpose such access is granted; the disclosure of images and information should only take place when it is necessary for such a purpose or for law enforcement purposes.
- SCS operators will consider any approved operational, technical and competency standards relevant to a system and its purpose and work to meet and maintain those standards.
- SCS images and information is subject to appropriate security measures to safeguard against unauthorised access and use.
- There will be effective review and audit mechanisms to ensure legal requirements, policies and standards are complied with in practice, and regular reports will be published.
- When the use of a SCS is in pursuit of a legitimate aim, and there is a pressing need for its use, it will be used in the most effective way to support public safety and law enforcement with the aim of processing images and information of evidential value.
- Any information used to support a SCS which compares against a reference database for matching purposes will be accurate and kept up to date.
Any CCTV/visual recording system that we use will meet the technical requirements as set out in Surveillance Commissioner’s Technical Standards and/or other industry standards.
In all cases, footage must be legible, fit for purpose and captured in a resolution sufficient to allow the footage to be used for the purposes set out in the relevant Privacy Impact Assessment (PIA) (see section 6).
Each visual recording system/process will have a:
- System owner –who is responsible for ensuring that all required PIAs and reviews are conducted and that the system meets the identified legitimate interests. They will not directly access records but are responsible for making sure the system is used appropriately.
- System operator(s) – authorised NHG staff member(s) who are able to view/share footage in response to incidents/requests. They are not able to alter the location or position of any cameras and any request for access/sharing of footage must be authorised by the system owner prior to footage being obtained from the system.
- System administrator(s) (Facilities Management / Third party suppliers) – authorised staff member(s)/contractor(s) who can access the list of cameras/devices used in the visual recording system and ensure that they are working and meeting the technical/security standards. They can action repairs of cameras and arrange for repositioning of devices in response to requests from the system owner.
Where devices are allocated to individual operators e.g. body worn video, a list of the assets used will be maintained showing the asset number, who it was assigned to, duration and whether or not any incidents were captured. This asset list is maintained by the system owner.
As part of their employment with Notting Hill Genesis, some staff are issued with mobile phones which have the capability to record visual images. A list of all devices is maintained by IT/mobile phone provider. However, staff only record images using the recording function of their device where there is prior approval to do so and where the process has been authorised by the System Owner, following a PIA (see section 6).
Staff do not record customers in their homes without the knowledge of the customer as this would constitute intrusive surveillance which we are prohibited from undertaking.
Privacy impact assessments
The system owner ensures that a Privacy impact assessment (PIA) is undertaken for all new deployments of visual recording systems used for overt recording. The PIA includes a consultation with all relevant stakeholders. All PIAs are signed off by the system owner, and, where appropriate, the relevant Director of service area.
PIAs consider all risks to the privacy of individuals and the controls in place to reduce those risks, such as the use of privacy zones to prevent the capture of unnecessary information / unwarranted intrusion on the privacy of individuals.
All PIAs are reviewed on an annual basis by the system owner to ensure that the visual recording system is justified and that the devices used are appropriate to the aims. Any amendments to the system because of the PIA are implemented. PIAs are recorded in line with our Risk Management Policy. Compliance is monitored, as set out in section 11 below.
Where visual recording systems are installed, adequate signage will be in place to inform individuals that they are being recorded. Any signage complies with any standards in place at the time, such as those set out by the Information Commissioner and/or the Surveillance Camera Commissioner and include as a minimum the published contact point for access to information and complaints. Signage will be in place before recording begins.
Where the visual recording system is operator controlled, individuals are informed that they are being recorded. As part of the PIA, consideration is given to how this information can be delivered to individuals being recorded.
Security, storage and retention
Footage is only retained for as long as is necessary to fulfil the purposes for which the footage is captured. Footage is not held in the visual recording system for longer than 30 days in the initial instance. The retention period should be identified in the PIA.
All footage in the visual recording system and any isolated/extracted footage is retained in a secure environment e.g. encrypted where possible. Any transfer of data from the recording system to the storage system (e.g. from mobile phones, via the internet) is also secure.
All footage which is outside of the set retention period is automatically deleted once the retention period has expired, unless the footage has been isolated in response to a request.
Access to footage
Where access to footage is required for our purposes of investigating an incident (e.g. theft, insurance claim, health and safety), the relevant footage is extracted from the system by the system operator and saved to a secure location. Requests for footage are authorised by the system owner. A retention period for the isolated footage is set at this time. Isolated footage, where the retention period has expired, is deleted by the system owner in line with this policy.
Where a request is from a member of the public / member of staff (or via an authorised representative e.g. solicitor) for information about themselves, the request is handled in line with the Subject Access Request procedure.
Access to footage by members of the public / member of staff is not provided where the information requested is not their personal data (i.e. it is about another party, property (e.g. vehicle) or incident which does not directly involve them), or where disclosure would be subject to an exemption under the Data Protection Act 1998 e.g. Section 29 Crime and Taxation. In these cases (e.g. theft of property) a request must be made by the appropriate authorised third party.
Where the request is from an authorised third party (e.g. police, insurance company), the request is recorded and verified by an appropriate staff member prior to any footage being released.
All requests for footage are recorded.
Third party suppliers
Where visual recording systems are provided by third party suppliers, the system owner ensures that they adhere to this policy with regard to technical standards, access management and retention of footage.
Contracts with suppliers also stipulate the service level agreements for returning footage in response to requests to ensure that legal obligations in respect of subject access requests and third-party requests can be met within the appropriate timescales. All third-party suppliers are approved and authorised by the in-house Procurement Team and selection complies with the Procurement Policy.
Review, audit and monitoring
All PIAs are reviewed on an annual basis. Regular audits are carried out on all records relating to visual recording systems including records of requests, asset lists and granting of access rights, to ensure that the policy is being adhered to.
Where a complaint is received regarding the use of a visual recording system from a member of the public or an authorised representative (e.g. MP, Councillor, solicitor etc.) this is dealt with in accordance with our Complaints Policy, including the timescale for a response.