The ongoing security of your CCTV images, as well as ensuring they are retained no longer than is necessary, should be an important ongoing consideration for any organisation that operates CCTV.
Guiding Principle 9 of the Surveillance Camera Code of Practice states: “Surveillance camera system images and information should be subject to appropriate security measures to safeguard against unauthorised access and use.”
This means ensuring staff are trained properly in using the CCTV system and understand the data protection implications of the footage being recorded. Passwords for accessing the system must also be kept secure so that only authorised users can gain access and there is no inadvertent sharing of this information.
As well as considering internal security, all organisations must implement effective cyber security measures to keep CCTV images secure. Under your legal data protection obligations, which are enforced by the Information Commissioner’s Office (ICO), you must consider technical, organisational and physical security.
The security precautions the ICO recommends organisations should take are:
- Protect wireless transmission systems from interception.
- Restrict the ability to view or make copies of information to appropriate staff.
- Provide a secure space where footage is stored.
- Train staff in security procedures and take sanctions against staff who misuse surveillance system information.
- Establish appropriate controls if the system is connected to, or made available across, a computer network. Internet-protocol (IP) cameras should be protected by firewall and router controls, and default passwords should be changed.
- Apply any software updates (particularly security updates) published by the equipment’s manufacturer to the system in a timely manner. Modern IP camera manufacturers issue security advisories and fixes to security problems, and users should keep these patched and up to date just as much as their other computer equipment.
- Protect the recorded footage from CCTV, whether tapes or hard disk, against access by any unauthorised person, whether an unauthorised staff member or an outsider.
- Store any data you have collected securely, for example by using encryption or another appropriate method of restricting access to the information.
CCTV Logbook will help you manage your system better so that you do not miss out on any security fixes from your CCCTV supplier. Additionally, the compliance section of the CCTV Logbook portal provides a simple method for ensuring organisations are meeting their legal and best practice obligations. The step by step approach follow the requirements of the 12 Guiding Principles of the Surveillance Camera Code of Practice. When you have completed it, you will get a certificate to demonstrate compliance.
You can sign up for a free trial CCTV Logbook now and you will soon see all and know all about your CCTV system and best practice compliance.