Regulator urges government to mandate NHS compliance with surveillance camera code
Commissioner Tony Porter tells PublicTechnology about continued efforts to get the Home Office to recognise the need for a surveillance camera code of practice that applies to NHS and education bodies
The Surveillance Camera Commissioner has called on the government to mandate NHS trusts and other public bodies to comply with the code of practice put in place by the Home Office five years ago.
First published by then home secretary Theresa May in April 2013, the Surveillance Camera Code of Practice sets out 12 “guiding principles” to which all English and Welsh local authorities and police services are required to comply. The National Crime Agency is also covered by the code, which was introduced following the creation in 2012 of the office of commissioner as a regulatory body to oversee surveillance camera use across England and Wales.
The regulator is independent of government but is housed by the Home Office, and has a dedicated staff of five, including commissioner Tony Porter, who work with the department’s policy staff. Its remit covers both static camera on buildings and street furniture, as well as mobile technology, such as the body-worn cameras whose use is becoming ever-more prevalent in among police and prison officers.
Outside of law-enforcement and local government, All other entities can, if they wish, obtain certification of compliance issued from the commissioner – but doing so is not mandatory. This means that a number of public bodies that typically operate a significant number of surveillance cameras – including NHS trusts and universities – are not required to comply with the code.
- All prison officers in England and Wales to get body-worn cameras
- Councils slash surveillance spending, data reveals
- New investigatory powers commissioner to oversee all forms of government surveillance
Porter, who has been in post since March 2014, has argued for some time that such institutions should be mandated to adhere to the code. He told PublicTechnology that he continues to lobby the government for legislative change, as well as working with individual healthcare and education organisations and industry bodies to promote voluntary compliance.
He said: “I have written to the [home secretary] saying there is no reason on earth why a parish council is covered by the code, but not an institution [such as a hospital] that has people at their most vulnerable, in a public space, being seen by security guards with body-worn cameras. A lot of trusts also have drones and ANPR (automatic number plate recognition). This must be used sensitively and proportionately. I am still trying to push this government to accept that the capability for invasion of privacy is significant.”
Porter namechecked the good work of Barnsley Hospital NHS Foundation Trust, which last year became the first trust in the country to achieve compliance certification from the Surveillance Camera Commissioner’s Office. The trust submitted to a voluntary assessment that examined the use of 135 cameras – including static and body-worn technology.
Other institutions in the higher education sector have also shown enthusiasm for voluntarily complying with the code of practice, Porter said.
“We have made a lot of inroads with a lot of universities, and we have had a lot of support from the Association of University Chief Security Officers, who have encouraged universities to adopt the code – and many have done so,” he added.
The 12 principles established by the code include stipulations that the use of cameras must “be for a specified purpose which is in pursuit of a legitimate aim and necessary to meet an identified pressing need”, and that “no more images and information should be stored than that which is strictly required for the stated purpose”. Organisations operating surveillance systems are also asked to ensure they do so as transparently as possible, with a clear contact point for complaints, as well as undertaking regular reviews to ensure the impact on individuals’ privacy is not disproportionate.
Look out on PublicTechnology in coming days for a full write-up of our discussion with the commissioner, including lots more detail on the ongoing rollout of a three-year national strategy, and why legislators need to catch up with the increased use of biometric technology.
The UK will be shut out of many European networks and databases over the next few years – and will have to pay the EU for access in the meantime, under terms of Brexit deal
Department call matched by new NHS Digital framework on data and technology standards
Supplier sought to support rollout of advance border control service
Health-service workers were shut out of their accounts for large parts of Saturday
With the annual worldwide cost of cybercrime set to double from $3tn in 2015 to $6tn by 2021, BT offers advice on how chief information security officers can better protect their...