VeriFi EIDOS

9.4 Unauthorised Viewing

Suitable arrangements must be put in place to prevent viewing of personal data by anyone other than stakeholders involved in the processing of such data.

In the case of CCTV, images must be clearly identifiable or recognisable for there to be an issue, a physical barrier that prevents the casual viewer from getting close enough to the image to achieve identification or recognition will often be sufficient.

Playback of recordings should always be strictly controlled and only viewed by authorised stakeholders having a justified need to view.