CCTV Audit & Gap Analysis

CCTV Data Protection
Assessment & compliance

Are you operating a surveillance camera or a body-worn camera?

Did you know that data protection laws now require anyone with a CCTV system – even if it’s just one camera – to now comply and use their systems within the new rules set out in data protection laws.

These laws include UK and EU GDPR, and the Biometric and Surveillance Camera Commissioner Code of Conduct among others. A major element of the new rules includes the use of CCTV signs in public spaces that are clearly visible and include the contact details of the system’s owner so data subjects can exercise their rights and ask for more information.

Compliance with data protection and CCTV code of conduct goes beyond just installing a CCTV system. Our approach considers the four steps to a compliant CCTV system.

  • Step 1: Installation
  • Step 2: Management including training
  • Step 3: Operation
  • Step 4: Public awareness and signage

Using the above four-step approach, we can offer the following services:

white icon square logo

Provide a complete tailored CCTV policy incorporating GDPR, Data Protection Act 2018, Protection of Freedoms Act 2012, and the updated Surveillance Code of Practice (that came into effect on 12th January 2022) requirements.

white icon square logo

Compile a comprehensive list of CCTV installations in place as well as the consideration of the security processes in place to prevent unauthorised access.

white icon square logo

Complete an assessment of CCTV systems in place to review if any systems in place are fully compliant with the legislation including the requirement to be transparent through visible signage that includes contact details and a way for data subjects to exercise their rights.

white icon square logo

Analysis of Individual Rights and Data Subject Access Requests policies and processes in relation to CCTV.

white icon square logo

We can help your organisation meet the training requirements to manage and operate a CCTV system.

white icon square logo

Review the storage and retention periods of CCTV to ensure compliance.

white icon square logo

Highlight any contracts that need to be reviewed in light of GDPR.

white icon square logo

Prepare a Data Protection Impact Assessment (DPIA) that can be used throughout the organisation to use as a template before you procure or use CCTV.

white icon square logo

Identify in a gap analysis any further work that needs to be completed to ensure compliance with the legislation

Benefits Of working with DPAS

white icon square logo

We provide a high-quality service completed by data protection subject matter experts.

white icon square logo

As an independent organisation, we have experience across a variety of sectors and have expertise in other areas of data protection, not just GDPR which can be applied to CCTV compliance projects.

white icon square logo

We have over 20 years’ experience in delivering data protection services 

white icon square logo

We have designated experts on hand, which you may not have available within your organisation, to offer advice and guidance.

white icon square logo

Using DPAS ensures that there is a fresh pair of eyes on your organisation’s processes and an independent assessment of your organisation’s use of CCTV and other surveillance systems.

white icon square logo

Doesn’t put a strain on your existing resources. We can provide a CCTV compliance project with minimal disruption to your team.

white icon square logo

We can work offsite and onsite to ensure costs are kept to a minimum.

white icon square logo

We can incorporate CCTV compliance services as part of a data protection package that your organisation requires.

white icon square logo

We can also share best practices, and easily provide risk analysis and remediation for continual improvement.

white icon square logo

Use the gap analysis and CCTV report within your board meetings to demonstrate your organisation’s commitment to the importance of data protection and individuals’ rights.