How can hospitals and healthcare facilities assure staff and patients of data privacy?
Hospitals and healthcare facilities are largely open environments in which anyone can access external areas such as car parks, and internal areas from reception to corridors, wards and even emergency rooms. There are growing risks of abusive or criminal activities. Some medical institutions have introduced body cams to monitor and prevent potential staff abuse. Other hospitals and healthcare facilities are exploring CCTV to manage risks in their buildings and wider estates.
Watch our explainer video
Video Redaction Software, Identity Cloak, can help you redact your Hospital & Healthcare CCTV footage in four fast steps.
Watch this video that explains Identity Cloaks simple auto redaction process from CCTV footage import to GDPR compliant video export suitable to share with third parties.
Facit helps customers to take control in-house to cut video management and editing costs significantly and eliminate data privacy compliance risks.
CCTV compliance in hospitals
Hospitals and healthcare facilities are largely open environments in which anyone can access external areas such as car parks, and internal areas from reception to corridors, wards and even emergency rooms. There are growing risks of abusive or criminal activities. Some medical institutions have introduced body cams to monitor and prevent potential staff abuse. Other hospitals and healthcare facilities are exploring CCTV to manage risks in their buildings and wider estates, meaning they will need to abide by CCTV compliance in hospitals.
Hospitals have a strict duty of care towards patients and their privacy. With the advent of GDPR – which treats images of people as data – there are also strict guidelines about video recording, sharing video and redacting people to protect the privacy of all but the person(s) of interest. When requests are made by third parties for copies of video footage – by the police, other agencies, or the public – the CCTV footage must be handed over within a set period in a compliant manner.
Facit IdentityCloak provides a fast, cost-effective way to redact (blur) the faces or full bodies of people in video footage in order to protect their privacy. IdentityCloak provides an ideal alternative to costly bureau services. In-house users report that IdentityCloak is easy to use and enables them to turn around compliant video footage in minutes make it easy to achieve CCTV compliance in hospitals.
Criminal activity in hospitals increases the need for vigilance and video
Possession of firearms, sexual assault, racial abuse, arson and threats to kill are among the hundreds of crimes reported at hospitals across the UK.
Figures published by Sussex Police through a Freedom of Information request reveal 374 incidents were logged in one year in just one UK county. Other allegations included possession of drugs, burglary, possession of a knife and burglary and harassment. [The Argus, 2017]
The most common incidents were theft, common assault and public order offences. Some of the crimes reported had happened elsewhere but were dealt with by police at a hospital. Several cases were linked to people who were drunk or on drugs and happened at weekends or Friday nights while others involved those with mental health problems.
Facit advises on video data privacy policy
As the use of video – body cams and CCTV – increases in medical facilities, so the need for effective compliance measures increases. Facit advises organisations with open access and high occupancy on how to treat, store and share video footage in a compliant manner. For the majority of operations, Identity Cloak offers a cost effective subscription-based solution that enables users to address the problem of crime without compromising people’s data privacy.
Where to find advice on the use of CCTV surveillance in hospitals and healthcare facilities
Bodies such as the Medical Defence Union (MDU) provide checklists on the use of CCTV. If you are planning to install CCTV, consider the following points:
- Record your reasons for installing CCTV and ensure they are proportionate and legitimate, such as crime prevention. The ICO says the use of CCTV should be reviewed each year. Seek advice from your local Caldicott Guardian or Data Protection Officer (DPO), if necessary.
- Ask one person within the practice, ideally the data controller, to be responsible for ensuring your CCTV system complies with the law and your ethical duty to protect patients.
- Seek professional advice about the most appropriate surveillance technology, the location of cameras, facial recognition, time/date stamps, etc. As with any third party supplier, put in place a contract which includes guarantees about issues such as security and patient confidentiality when processing images.
- Install clearly visible signs which state that CCTV cameras have been installed.
- Restrict access to stored CCTV images and only view them in a secure area. Do not retain images for longer than necessary, unless they are needed as evidence.
- Do not disclose images of patients without consent, except in exceptional circumstances when this can be justified in the public interest. Where other people are recorded on the same footage, their image should be blurred to protect their confidentiality.
- Your practice privacy policy should cover the installation of cameras, the safe storage of images, retention periods, disclosure to the police and subject access requests. [This above guidance was correct as at 30/08/2018]
Further useful reading is available in The Government’s Surveillance camera code of practice, which was published in 2013.
