Introduction and Objectives
A Closed-Circuit Television System (CCTV) has been introduced by Arcadian Gardens Surgery (“the Practice”) comprising a number of cameras that are fixed. All cameras are fully operational.
The owner of the system is the Practice.
For the purposes of the UK Data Protection Legislation, the data controller is the Practice, which is registered with the Information Commissioner, registration ZA327350.
The system manager is the GP Principal, DR M C K PERERA. The GP Principal is also the key contact point, and should be contacted via the Practice’s normal contact details on the website for any issues relating to the system
It is recognised that operation of the Practice’s CCTV System may be considered to infringe on the privacy of individuals. The Practice recognises that it is their responsibility to ensure that CCTV on the premises should always comply with all relevant legislation, to ensure its legality and legitimacy. CCTV will only be used as a proportional response to identified problems and be used only in so far as it is necessary in a democratic society, in the interests of national security, public safety, the economic well-being of the area, for the prevention and detection of crime or disorder, for the protection of health and morals, or for the protection of the rights and freedoms of others.
The legislation concerning CCTV in Section 30 of the Protection of Freedoms Act 2012 has produced a CCTV Code of Practice from the Surveillance Camera Commissioner that has been approved by Parliament and the Practice must pay due regard to the code.
The Practice in managing its CCTV operations under this Code of practice will endorse and comply with all 12 guiding principles of the Surveillance Camera Code of Practice.
The Codes of Practice and observance of the Operational Procedures contained in the policy shall ensure that evidence is secured, retained and made available as required to ensure there is absolute respect for everyone’s right to a free trial.The Practice CCTV System shall be operated with respect for all individuals, recognising the right to be free from inhuman or degrading treatment and avoiding discrimination on any ground such as sex, race, colour, language, religion, political or other opinion, national or social origin, association with a national minority, property, birth or other status.
Objectives
The objectives of the Practice CCTV System which form the lawful basis for the processing of data are: –
• To help deter crime and reduce the fear of crime
• To ensure the safety of persons in or near our premises and vehicles
• To protect our property from theft, vandalism and other threats
• To help detect crime and disorder, or other public safety issues
• To provide evidential material suitable for court proceedings, dispute resolution and civil proceedings
• To assist in supporting civil proceedings
• To assist in the overall management of the Practice, including dispute resolution and discipline management
Procedures
The GP Principal will provide access to the system where this is required. In their absence, the Practice Manager or Senior Partner will provide access.
Recordings will only be accessed where an incident has occurred or is suspected which falls within the objectives above. Review of recordings will take place only under supervision, and export of recordings will only be permitted where there is a legal requirement to do so. The persons involved in an incident may be present to review the information (including patients) where this is deemed necessary.
A record will be made of all uses of recordings and who viewed them.
Recording will be redacted (identifiable information such as faces blurred) when requested as part of a Subject Access Request.
How we comply with the code
Principle 1 Use of a surveillance camera system must always be for a specified purpose which is in pursuit of a legitimate aim and necessary to meet an identified pressing need.The specific purposes are given in Objectives above. There is a pressing need for the Practice to ensure the safety of its staff, patients and visitors, and to protect its assets.
Principle 2 The user of a surveillance camera system must take into account its effect on individuals and their privacy, with regular reviews to ensure its use remains justified.
This has been carefully considered. Fixed cameras record continuously within their scope and public areas are excluded from scope. Mobile cameras are not used.
Cameras are not placed in enclosed areas where there is an expectation of privacy e.g. bathrooms/toilets etc.
Principle 3 There must be as much transparency in the use of a surveillance camera system as possible, including a published contact point for access to information and complaints.
This is provided by this policy.
Principle 4 There must be clear responsibility and accountability for all surveillance camera system activities including images and information collected, held and used.
The Operations Manager/Practice manager is responsible and accountable for all activities
Principle 5 Clear rules, policies and procedures must be in place before a surveillance camera system is used, and these must be communicated to all who need to comply with them.
These are provided by this policy
Principle 6 No more images and information should be stored than that which is strictly required for the stated purpose of a surveillance camera system, and such images and information should be deleted once their purposes have been discharged.
Recordings made by detection are deleted after 30 days unless action is taken to preserve them. This is only done where the recordings are required for one of the objectives noted above.
Principle 7 Access to retained images and information should be restricted and there must be clearly defined rules on who can gain access and for what purpose such access is granted; the disclosure of images and information should only take place when it is necessary for such a purpose or for law enforcement purposes.
Only the roles noted above can access images except where required by law enforcement. The roles noted above will manage the viewing of images in normaluse to meet the objectives above. Viewing of images by persons involved in incidents will be granted where necessary for the objectives.
Principle 8 Surveillance camera system operators should consider any approved operational, technical and competency standards relevant to a system and its purpose and work to meet and maintain those standards.
These have been considered. As a technical standard, we have a minimum image size of 1080p to ensure sufficient clarity. However the resolution is not sufficient to allow document or computer screens to be read from the CCTV system.
Principle 9 Surveillance camera system images and information should be subject to appropriate security measures to safeguard against unauthorised access and use.
Images are stored on the servers at the Practice. These are appropriately secured.
Principle 10 There should be effective review and audit mechanisms to ensure legal requirements, policies and standards are complied with in practice, and regular reports should be published.
This policy is reviewed annually, the review date is at the end. No reporting is considered necessary by the practice except for logging of details of individual accesses for the purposes.
Principle 11 When the use of a surveillance camera system is in pursuit of a legitimate aim, and there is a pressing need for its use, it should then be used in the most effective way to support public safety and law enforcement with the aim of processing images and information of evidential value.
This principle is supported by this document.
Principle 12 Any information used to support a surveillance camera system which compares against a reference database for matching purposes should be accurate and kept up to date.
No reference databases are used.
Last updated June 2023.