Information Commissioner's Office
Statement on ICO investigation into Department of Health and Social Care CCTV footage
The ICO can confirm it is investigating an alleged data breach.
EMCOR Group (UK) plc, which provides facilities management and CCTV services for the Department of Health and Social Care (DHSC), has submitted a breach report as a processor of personal data, alleging images were taken from the DHSC CCTV system without consent from either EMCOR Group (UK) plc or the DHSC.
CCTV images were later published by The Sun newspaper on 25 June 2021.
As part of the investigation, ICO teams searched two residential properties in the south of England on Thursday 15 July 2021.
Personal computer equipment and electronic devices were seized as part of the operation and the ICO’s enquiries into alleged breaches of section 170 of the Data Protection Act 2018 continue.
Steve Eckersley, Director of Investigations at the ICO yesterday said:
“It’s vital that all people, including employees and visitors to public buildings, have trust and confidence in the protection of their personal data captured by CCTV.
“In these circumstances, the ICO aims to react swiftly and effectively to investigate where there is a risk that other people may have unlawfully obtained personal data. We have an ongoing investigation into criminal matters and will not be commenting further until it is concluded.”
Latest News from
Information Commissioner's Office
Blog: Spotlight on the Children’s Code standards - best interests of the child, detrimental use of children’s data and data minimisation28/07/2021 16:15:00
A blog by Michael Murray, ICO’s Head of Regulatory Strategy
Blog: Regulating through a pandemic and beyond28/07/2021 13:20:00
A blog by James Dipple-Johnston, Deputy Commissioner - Chief Regulatory Officer
ICO approves the first UK eIDAS Regulations Qualified Trust Service Provider28/07/2021 09:10:00
The Information Commissioner’s Office has approved GlobalSign as the UK’s first qualified trust service provider [QTSP] under the UK eIDAS Regulations.
ICO's blog on its information rights work26/07/2021 16:20:00
Colleagues from the ICO’s FOI Directorate share their experiences and involvement in raising awareness of our regulation of access to information legislation.
Blog: New toolkit launched to help organisations using AI to process personal data understand the associated risks and ways of complying with data protection law21/07/2021 09:20:00
Alister Pearson, the ICO’s Senior Policy Officer – Technology introduces a new beta version of our AI and Data Protection Risk Toolkit. He explains how it can assure organisations that use AI to process personal data that they are processing it in line with the law and how organisations can help the ICO shape a final version.
Blog: What’s next for the Accountability Framework?19/07/2021 09:10:00
Blog posted by: Anulka Clarke, 15 July 2021.
Blog: Reflecting on the past five years of fundraising and data protection regulation16/07/2021 14:43:00
Lord Toby Harris, Chair of the Fundraising Regulator & Elizabeth Denham CBE, the UK Information Commissioner, reflect on the past five years of fundraising and data protection regulation in the charity sector.
ICO fines transgender charity for data protection breach exposing sensitive personal data09/07/2021 09:25:00
The Information Commissioner’s Office (ICO) has fined transgender charity Mermaids £25,000 for failing to keep the personal data of its users secure.