CCTV and monitoring devices policy

It’s for all employees and volunteers.

• The policy covers all monitoring devices that capture live or stored audio, images or video data, including: recorded sessions with children and young people, supporter relations calls or recorded WebEx calls.
• All personal data captured on monitoring devices must be collected, stored, transferred and deleted in line with ICO (Information Commissioner’s Office) best practice.
• Using a monitoring device is justified if it: (i) improves security; (ii) helps to prevent, detect or prosecute criminal acts; or (iii) greatly improves the welfare and safety of service users and staff.

• If you are capturing personal data through monitoring devices, you must ensure this is justified and a proportionate response to the issue. You are responsible for ensuring that less intrusive methods have been explored or tried already.
• When installing devices, you should consider how to reduce the level of intrusiveness of the device(s) and how to avoid irrelevant recordings of the public.
• Where devices are installed, there should be clear signage and you should inform people or their parent or carer verbally where appropriate.
• If you are responsible for monitoring devices, you must ensure that they are only accessible to employees on a need to know or see basis.
• You should share monitoring device data only when there is a police investigation, a safeguarding concern or within the grounds of what the recording device was installed for. Other sharing should be governed by our Information Sharing Policy.
• You must store and delete data recorded on monitoring devices in accordance with our Records Management Policy and Retention Schedule.