CHW65-Use of CCTV and Surveillance in Care Homes Policy
{{org_field_logo}}
{{org_field_name}}
Registration Number: {{org_field_registration_no}}
Use of CCTV and Surveillance in Care Homes Policy
1. Purpose
The purpose of this policy is to ensure that the use of Closed-Circuit Television (CCTV) and surveillance systems at {{org_field_name}} is conducted ethically, lawfully, and in line with best practice. This policy outlines how CCTV is used to enhance safety, protect service users and staff, and comply with legal requirements while ensuring privacy, dignity, and data protection.
This policy aligns with:
- The Regulation and Inspection of Social Care (Wales) Act 2016, which mandates safeguarding and quality monitoring in care homes.
- The General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, which set requirements for collecting and processing personal data.
- The Protection of Freedoms Act 2012, which regulates the use of surveillance cameras.
- Care Inspectorate Wales (CIW) guidance, which requires care homes to balance safety and privacy when using surveillance.
- The Human Rights Act 1998, ensuring that the right to privacy is upheld when CCTV is used.
2. Scope
This policy applies to:
- All staff members, including care workers, management, and administrative staff.
- Service users and their families, ensuring they understand their rights regarding CCTV use.
- Visitors and contractors, ensuring compliance with our surveillance procedures.
- Third-party service providers, such as CCTV installation and monitoring services.
The policy covers:
- The purpose and justification for using CCTV.
- Legal considerations and compliance with GDPR.
- Where CCTV cameras are located and how footage is used.
- Rights of service users, staff, and visitors.
- Access, storage, and security of recorded footage.
3. Principles for CCTV and Surveillance Use
3.1. Justification for Using CCTV
CCTV is used at {{org_field_name}} to:
- Enhance security by deterring unauthorised access and criminal activities.
- Safeguard service users and staff by monitoring external areas and communal spaces.
- Investigate incidents such as falls, security breaches, or allegations of misconduct.
- Ensure compliance with health and safety protocols.
CCTV is not used for constant surveillance of private areas, such as bedrooms or bathrooms, as this would violate privacy rights.
3.2. Compliance with Legal and Ethical Requirements
To ensure compliance with UK GDPR and the Data Protection Act 2018, we adhere to the following principles:
- Transparency – Service users, staff, and visitors are informed that CCTV is in operation through clear signage and written notices.
- Lawful processing – CCTV is used only for legitimate purposes, such as security and safeguarding.
- Data minimisation – CCTV recordings are only kept for as long as necessary, typically 30 days, unless required for investigations.
- Access control – Footage is only accessible to authorised personnel, ensuring data security.
- Regular review – The necessity of CCTV use is reviewed annually to ensure compliance with best practices.
A Data Protection Impact Assessment (DPIA) is conducted before any new CCTV system is installed, assessing risks to privacy and data protection.
3.3. CCTV Camera Locations and Use
To balance safety and privacy, cameras are installed in:
- External areas, including entrances, exits, and car parks, to monitor access and prevent unauthorised entry.
- Communal spaces, such as hallways and lounges, where general security monitoring is beneficial.
- Storage rooms and medication areas, ensuring controlled access and preventing theft.
Cameras are not placed in private areas, such as bedrooms, bathrooms, or staff restrooms.
3.4. Consent and Rights of Individuals
Service users, staff, and visitors have the right to:
- Be informed that CCTV is in operation and why it is being used.
- Access recorded footage if they are featured in it, following GDPR protocols.
- Request deletion of footage if it is unlawfully obtained or no longer necessary.
- Object to CCTV use, unless it is essential for security or safeguarding.
Consent is obtained during the service user’s admission process, with clear explanations of how CCTV is used. Staff consent is obtained as part of employment contracts.
3.5. Access to and Storage of CCTV Footage
CCTV recordings are stored securely and accessed only when required. Measures include:
- Restricted access, with only the Registered Manager and designated security personnel having viewing permissions.
- Encrypted storage, ensuring footage is protected from unauthorised access.
- Retention period of 30 days, after which footage is automatically deleted unless needed for legal or safeguarding reasons.
- Secure disposal of footage, following UK GDPR guidelines.
If footage is required for investigations, it is stored separately and protected from deletion.
3.6. Use of Footage for Investigations
CCTV footage may be reviewed in the event of:
- Security incidents, such as theft or vandalism.
- Safeguarding concerns, including suspected abuse or neglect.
- Accidents or medical emergencies, such as falls or injuries.
- Allegations of misconduct, ensuring fair investigations.
All reviews are conducted confidentially, with decisions documented and reported to relevant authorities, including CIW, police, or safeguarding teams, where required.
3.7. Data Breaches and Unauthorised Access
If a CCTV data breach occurs, we:
- Report it immediately to the Data Protection Officer: {{org_field_data_protection_officer_first_name}} {{org_field_data_protection_officer_last_name}}.
- Investigate the breach and assess its impact.
- Notify the Information Commissioner’s Office (ICO) within 72 hours, if required.
- Implement corrective actions to prevent future incidents.
All unauthorised access attempts are logged and reviewed as part of our security audits.
4. Managing CCTV and Surveillance Efficiently
4.1. Leadership and Accountability
- The Registered Manager is responsible for ensuring compliance with CCTV regulations.
- The Data Protection Officer oversees GDPR compliance and data security.
- The Maintenance Team ensures CCTV equipment is functioning correctly and securely maintained.
4.2. Staff Training and Awareness
- All staff receive training on CCTV usage, GDPR compliance, and privacy rights.
- Annual refresher courses ensure knowledge is up to date.
- Security procedures are reinforced during team meetings and handovers.
4.3. Monitoring and Continuous Improvement
- Quarterly security audits assess CCTV effectiveness and data protection compliance.
- Feedback from service users and families ensures CCTV is used appropriately.
- Incident logs and review reports identify areas for improvement.
- Annual policy reviews ensure alignment with CIW guidance and legal updates.
5. Related Policies
This policy is supported by:
- CHW11 – Safe Care and Treatment Policy
- CHW16 – Health and Safety at Work Policy
- CHW18 – Risk Management and Assessment Policy
- CHW19 – Emergency and Business Continuity Plan
- CHW34 – Confidentiality and Data Protection (GDPR) Policy
- CHW41 – Managing Service User Finances Policy
6. Policy Review
This policy is reviewed annually, or sooner if changes in legislation, CIW guidance, or security risks require updates. Staff and service users are informed of any changes, and additional training is provided if necessary.
Responsible Person: {{org_field_registered_manager_first_name}} {{org_field_registered_manager_last_name}}
Reviewed on: {{last_update_date}}
Next Review Date: {{next_review_date}}
Copyright © {{current_year}} – {{org_field_name}}. All rights reserved.