Compliance Action Planning for BS 7958 CCTV Management and Operation Code of Practice

Transcription

1 Compliance Action Planning for BS 7958 CCTV Management and Operation Code of Practice Quality Management Project No: Document Date 8 th July 2014 Document Title Compliance Action Planning for BS 7958 CCTV Management and Operation Code of Practice Prepared by Neil Brailsford Signature Checked by David Ventham Signature Approved by Nick Hewitson Signature Revision History Revision # Details Prepared By Checked Date of Issue By 1.1 Internal Draft NB DV 8 July 2014 A1 Issued to Client NB DV 8 July 2014 Page 1 of 5

2 1.0 Background Traditionally in the UK, CCTV operations have been managed by common sense and use of the organisation s normal working practices, which may or may not have been adapted to suit. However, in 1999/2005 and then revised in 2009 the British Standards Institute issued BS 7958 Closed Circuit Television (CCTV) Management and Operation Code of Practice. CCTV Control Rooms that directly or inadvertently monitor public spaces should be managed and operated in accordance with BS This British Standard states the requirements for a management system and covers everything from the physical layout of the control room, control room operation, personnel training and HR matters, evidence gathering, data protection, information security and business continuity. Examples of public spaces are: Town centres; Shopping malls; Public buildings (such as museums, sports centres and civic centres); Airports; Train stations; Bus stations; o Onboard vehicle; Traffic management systems; Car parks. These systems must be managed and operated correctly, failure to comply with BS 7958 can expose the organisation to risk of litigation, vote of no confidence and adverse publicity at the least. At worst, it might lose or accidentally make public vital information. Figure1: Typical CCTV Control Room Page 2 of 5

3 2.0 What The BS 7958 Standard Requires Of You The Code of Practice issued by the British Standards Institute as BS 7958 'CCTV - Management and Operation' incorporates the applicable legislation from the Data Protection Act 1998 and the Human Rights Act The Data Protection Act 1998 requires that all 'Data Controllers', or designated managers as appointed by the CCTV system owners, keep secure the details (images) relating to individuals. The management system in BS 7958 'CCTV - Management and Operation' (Section 4.6.4) calls for 'audit trails of systems used for - the media register - the operators log - the incident log - witness statements - faults and maintenance records - the security of data - authorised visitors.' It also calls for effective 'Warning and Information Signs' compliant with the Data Protection Act Other codes and standards which are imbedded within BS 7958 are: Information Commissioners Office (ICO) CCTV Code of Practice 2008; Association of Chief Police Officers (ACPO) and UK Home Office National CCTV Strategy 2007; BS Code of Practice for digital CCTV recording systems for the purpose of image export to be used as evidence; Code of Practice for the Identification of Persons; Regulation of Investigatory Powers Act 2000 (RIPA); and SIA (accredited level 2 award) CCTV licence. Staff screening processes along with staff training and records are an important part of BS Irrespective of the ownership, this code covers CCTV schemes used in areas where the public would have a right to visit. These areas include, but are not limited to: A place that is privately owned, but where the public perceive no boundary; A place where a public service is offered; Public footpaths, roads, bridle-ways, etc; Educational establishments and hospitals; Sports grounds, supermarkets and housing areas. 3.0 How We Can Help You To Achieve Compliance Organisations wishing to reduce risk exposure and at least use best practices should have an independent compliance audit of their system and operational procedures, with remedial plans for any non compliance. This reduces the risk and exposure to your organisation, increases efficiencies and provides a better service. Page 3 of 5

4 Smart Consultation Limited offer Compliance Action Planning (CAP). We can take care of the complete development and operation service of a management system based on BS 7958:2005/2009 to give you confidence in meeting full compliance with all applicable regulations and anticipation of, and preparation for, all foreseeable eventualities. CCTV is our core skill and we are experienced at assessing the BS 7958 compliance of control rooms and understanding where non compliances exist and developing remedial action plans to meet the standard. We develop a management system to meet your needs so that compliance is locked into your normal operational activity. We use a safe hands approach to help you maintain compliance in the future, with continuous improvement to help changes brought about by changing regulations and legal requirements. We are not a UKAS approved certification body and cannot issue an audited compliance certificate but what we can do is help you plan the path to compliance and, with our guidance, get you from where you are on that journey to compliance. We work with you to audit your system and understand your current status, defining where you have compliance or the understanding of any non compliance and what you need to do to reach compliance. We use an in-depth check list for each relevant part of the standard to inspect your system. We are here to HELP YOU and we never forget that your system, your staff and your worries are special and we tailor our help and our plans to meet YOUR NEEDS. 4.0 Current BS7958 review BS7958 is currently in review with a plan for an updated version of the standard to be released in early It is being revised in line with the Home Office Surveillance Camera Code of Practice which was released in June This code sets out 12 guiding principles which should apply to all public space surveillance camera systems. This code has been developed to address concerns over the potential for abuse or misuse of surveillance in public places. The Surveillance Camera Commission (a statutory appointment made by the Home Secretary under the Protection of Freedoms Act 2012) has a number of statutory functions, these include: Encouraging compliance with this code of practice; Reviewing the operation of this code; Providing advice about this code (including breaches of it). Page 4 of 5

5 The Home Office Surveillance Camera Code of Practice defines best practice in the operation and management of CCTV systems. The new revision of BS7958 will provide a path to meet best practice and to be independently audited. While the Code of Practice and BS7958 isn t a legal requirement for the vast majority of CCTV camera system operators (there are some relevant authorities who are defined by section 33 of the Protection of Freedoms Act 2012 who must have regard to the code); it is seen as a significant step in delivering the government s commitment to the further regulation of CCTV. Other bodies may be considered for inclusion as relevant authorities who will have to have regard to the code in the future. The achievement of BS7958 certification will therefore provide an operational benchmark and a robust defence in the event of any legal challenge to the existence or use of a CCTV system. Our staff are involved in the review of BS7958 and we are therefore well placed to help you meet not only the current version of the standard but also to be ready with appropriate policies and procedures in place to meet the next revision of the standard. 5.0 Contact Us For additional information please contact us at: Smart CCTV Limited 8 Dragoon House Hussar Court Westside View Waterlooville Hampshire PO7 7SF Telephone Number: +44 (0) Nick.hewitson@smartcctvltd.com Neil.brailsford@smartcctvltd.com w ww.smartcctvltd.com Page 5 of 5