Welcome to #WeekendWisdom number 30. This week we’re going to talk about thermal imaging cameras.
Earlier this week I co-hosted an online event where we talked about the “Return to work safely protocol” and data protection aspects in regards to that. If you want to watch it back go to YouTube and search for “breaking bad data protection practices”.
Now if anything I’m about to say here gives you cause for concern or questions, please feel free to contact me on info@L2CyberSecurity.com.
What’s wrong with Thermal Imaging Cameras?
So because thermal imaging cameras are actually processing health data, you need to carry out a data protection impact assessment. This must be done on the whole set up, BEFORE you consider installing it. You can get guidance on www.DataProtection.ie for doing a data protection impact assessment or DPIA.
Who can I screen?
You have the right to screen your employees. What you don’t have is the right to screen any member of the public or people who are not your employees. You just simply do not have that right.
What about visual and audible alerts?
Are you thinking about using any visual or audible alerts from the equipment? If so these must be placed in a very private location where there is only the subject being screened can be aware of these alerts.
Saving the data to the cloud is OK – yeah?
Do the cameras come with cloud storage capability? If so I’d be very reluctant to use it until you’re absolutely certain that the data is not taken outside of the EU.
I can get the clips emailed to my phone. That’s secure isn’t it?
And finally, you’re processing health data, it needs to be protected, so if the cameras have the capability of emailing video clips, don’t use them because email is not the most secure method for transmission of data.
So that’s it for this week. Let’s be careful out there and we’ll talk to you again next week.