23. Transition to Online Data Compliance Management
The VeriFi Data Compliance Support Service has evolved to keep pace with changes in legislation, rapidly evolving technology and recording media as it moved incrementally from video tape to USB flash memory. The next move is to SFS (Secure File Sharing) via the Cloud.
Police, Insurers and Law firms are increasingly requiring that CCTV footage and other data is transferred to them electronically rather than physically via DVD or USB.
VeriFi have recognised the inevitability of this transition and will commence the fully supported roll out of SFS during the summer of 2022. Initially this will apply to sites having a high volume evidence requirement. Less active and smaller sites/unmanned sites will continue with the paper based management system unless the client expresses a preference to go online.
When attending site, we will assess whether SFS is appropriate to the needs of the site and if so will install our EIDOS SFS software, provide user log on + training + easy to follow flow chart for you or whoever you have delegated as responsible for day to day management of the CCTV etc.
Those sites where SFS is not appropriate will continue with the existing record keeping, provided with USB cards rather than DVDs.
Data Release Process
The information you will be required to complete does not change, instead it’s just entered online.
The method of transferring CCTV footage and other data will now be via the Cloud and 2 step verification process as follows;
1. User logs on to https://release2.verifi-eidos.com and clicks on the ‘DATA RELEASE’ tab.
2. To log the release of data the user clicks on ‘Release Data’.
3. The user selects one of the following types of data release:
File Release by email
Allows files to be shared via the Cloud. The recipient will receive a download link via email and text message verification code.
Release of physical media
Gives you the choice of releasing physical media such as CD/DVD, Memory Card or Paper.
URL release by email
Allows files already available on-line to be shared, together with instructions the recipient may need to access them.
4. Details of the data to be released are completed including ‘Data Type’, ‘Description of Incident/Activity’ and ‘Justification for the release of data’.
5. Depending on the type of data release (see point 3) the user will either select the files to be uploaded, media to be released or URL to be shared.
6. The user enters the data recipient details. If physical media is being released the recipient signs on screen agreeing to the data controllers T&Cs.
7. The data manager must then authorise the release of the data. The system will not allow data to be released via email until authorisation has taken place.
8. The recipient will receive an email notifying them that data is ready for download along with an SMS verification PIN. To download the footage the recipient clicks on the URL contained within the email and enters the SMS verification PIN. They then must sign on screen agreeing to the data controllers T&Cs before downloading the footage.
Data Retention by VeriFi
The data recipient has a window of 48 hours in which they may download the data. Once downloaded the data remains on the system for 24 hours before being automatically deleted.
Archive Retention by Client
It is suggested that you retain the data on the secure file you created for this purpose, this should be deleted when the case is closed and you can no longer justify its retention. The USB that you may have used to achieve transfer should be deleted when the transfer is completed.
Frequently Asked Questions
Q1. Can I continue to use my existing paper base records?
A. If there is no internet availability or the site is unmanned we will continue to support VeriFi paper based record keeping . However the transition to Cloud based records is well overdue and a line has to be drawn at some point. More importantly, the main recipients of Surveillance and Security Data are police and insurers who increasingly require that data is transferred electronically and a paper based system is simply not capable of supporting this.
Q2. What are the cost implications?
A. There are no additional costs attached to the transition from paper to software, unless you choose to adopt options such as visitor logging and patrol verification.
Q3. Will it mean more work for anyone?
A. No, the online system requires the same level of form filling as before, the major advantage is that answers are mandatory and cannot be skipped and there is no need to manage and secure portable media.
Q4. How can I trust that my internet will not be abused by the users?
A. Generally, employers have the right to monitor their employees and contractors’ employees use of the internet on computers owned by the employer. Furthermore internet abuse should be explicitly covered in the employer’s contract with service providers and their employee’s contract of employment. A point to ponder, and this is not intended to be a flippant response, the person in question is a security officer trusted to protect the client’s multi-million pound investment. Therefore one has to question why, if this person’s integrity relating to the use of the internet is being called into question?
Q5. Can I send to more than one recipient in one upload of data?
A. No as each recipient must sign individually in order to maintain security of distribution.
Q6. How big a file can I up load?
A. 5Gb, slightly more than the capacity of a DVD.
Q7. What happens if the data manager is on leave?
A. The same arrangements that you currently have in place will apply, but in the case of the online system the VeriFi Help Desk is able to provide a high level of support.
Q8. Where is the information stored?
A. Amazon Web Services (AWS) a subsidiary of Amazon provides the VeriFi Cloud computing platform.
Q9. What support will you give us?
A. The VeriFi Helpdesk is available by telephone during normal business hours and email at all other times.
Q10. Who has access to the information?
A. The data manager for the site (you) + VeriFi team + other stakeholders approved by you.
Q11. What happens to the data should we stop using your audit service?
A. We will provide you with a PDF copy upon notification that you wish to terminate the service.
Q12. What happens if the contract to manage the site is terminated by the landlord?
A. Upon being informed of the situation we would contact you for instructions.
Q13. Who can input data onto the system?
A. The data manager for the site (you) + VeriFi team + other stakeholders approved by you.
Q14. Can data entered into the system be altered or tampered with after it has been entered?
A. No, but where applicable amendments can be entered although the original entry will remain locked.