- The benefits of using surveillance should be weighed against the impact on service users' privacy.
- Surveillance must only be carried out for one or more legitimate purposes, and be necessary, proportionate and fair.
- Providers should consider whether there are steps they could take that are less intrusive of people's privacy.
- Providers should document the reasons for surveillance, and carry out a needs assessment to determine if it supports the needs of the service user, and record any alternatives to surveillance considered.
- Provders should consult service users, family and staff on whether and how to use surveillance.
In December 2014, CQC published Using surveillance: information for providers of health and social care on using surveillance to monitor services. The document is aimed at health and social care services considering the use of surveillance and sets out some of the key points to consider.
CQC emphasises that the document does not give ‘guidance’ or ‘legal advice’ to providers on whether to use surveillance systems. Even more importantly, CQC stresses that it does not require providers to use surveillance.
Providers should comply with the Human Rights Act 1998. In particular, the benefits of using surveillance should be weighed against the impact on service users’ privacy. CQC recommends conducting a privacy impact assessment and taking steps to limit any intrusion on a person’s privacy such as repositioning cameras at particular times or limiting the times when they are in use. Providers should document how they have addressed privacy concerns.
Providers must also ensure they comply with the Data Protection Act 1998. This requires that surveillance must only be carried out in the pursuit of one or more legitimate purposes and that it is necessary, proportionate and fair. Providers should also consider whether there are other steps they could take that are less intrusive of people’s privacy. Information gathered for one purpose must not be used for another incompatible purpose. For example, recordings made to protect a service user from abuse must not be used as a record of staff time-keeping for disciplinary purposes.
Providers should document the reasons for using surveillance (e.g. for the prevention and detection of crime); carry out a needs assessment that identifies whether the surveillance supports the needs of the service user; and record any alternatives to surveillance that are considered, together with the steps taken when deciding to use surveillance. CQC inspectors will expect these records to be readily available.
Where possible, providers should consult service users, families, regular visitors and staff on whether and how to use surveillance. This should be an ongoing rather than a ‘one-off’ exercise. Providers should provide information on the type of surveillance being considered, its location, purpose, what information will be collected, where and how it will be stored and who will have access to it. CQC will usually expect to see written evidence of such consultations when it inspects the service.
All staff and contractors involved in the use of surveillance systems should receive appropriate training. Providers should keep records of this information so there is documentary evidence of it. They should also keep records of who is responsible for operating the surveillance system and for managing any information obtained through it.
Any equipment used must be safe, suitable and properly maintained.
Information obtained or recorded must be kept secure, with those able to access it fully aware of their legal responsibilities. Any information stored electronically should be kept safe through the use of strong passwords. There should be clear policies and pro-cedures for handling requests for information under the Freedom of Information Act 2000, as well as on securely retaining and de-stroying information.
Wherever possible, staff, service users and visitors should be informed about the use of surveillance. Surveillance in a non-public place (e.g. a service user’s private room or home) or in a location that is likely to capture very sensitive personal information (e.g. a prayer room for service users) is more likely to require the explicit consent of the service user. It is unlikely to be lawful to use surveillance to directly observe a person’s intimate care or medical treatment. Inspectors will expect to see the relevant records.
Where service users lack capacity to understand or consent to the use of such surveillance, providers must follow the principles of the Mental Capacity Act 2005. If surveillance is being used to prevent service users from leaving a residential care home, a deprivation of liberty safeguards (DoLS) application ought to be made to the relevant local authority. Where explicit consent is required in relation to those lacking capacity, providers must seek the consent of the person with the relevant power of attorney. If this is not available, an application to the Court of Protection may be necessary, since a ‘best interests’ decision under the Mental Capacity Act 2005 will not suffice in such circumstances. Providers should keep clear records.
Covert surveillance is more likely to capture very personal information than overt surveillance. The use of covert surveillance must therefore satisfy a more pressing and legitimate aim than overt surveillance to remain lawful and proportionate. Any covert surveillance should be limited in time and purpose and deal with a specific problem rather than be ongoing.
Where surveillance is installed by third parties, providers should consider whether the surveillance is unreasonably intruding on their privacy. This must be properly assessed, with appropriate records kept, and the service user should not suffer any detriment of care if such surveillance has been used by their relatives without the provider’s knowledge. If providers are concerned about intrusions on privacy it would never be appropriate to deliberately damage a surveillance device or deliberately delete information recorded by it.
Indeed, doing so would probably amount to a criminal offence. However, switching a camera off, providing the appropriate assessment has been done, or removing it for safe-keeping and returning it to its owner would not be (although providers should think carefully before switching a device off as this could create an impression that there was something illicit going on at the service that they wished to cover up).
CQC emphasises that it would be concerned by an ‘over-reliance’ on surveillance to deliver key elements of care. It states that surveillance can never replace trained and well-supported staff. Providers should also bear in mind that surveillance can have a negative impact on the bond of trust between employers and their staff or between service users and staff.
Problems with CQC’s information
CQC refrains from going into much detail about the relevant legislation. For example, while it stresses that providers should comply with the Regulation of Investigatory Powers Act 2000, it provides no further information about this. Moreover, it gives very few ex-amples about how to put the key points into effect.
Ridouts’ position is that if surveillance is to be used it should be overt rather than covert. We would also advise you to seek legal advice if considering the use of any form of surveillance given the number of legal issues that will need to be considered in any situation where surveillance is being used.
CQC published a separate guidance document in February 2015 for service users and their families on surveillance. It will be publishing new guidance on surveillance in spring 2015. We would advise providers to review this guidance when it is published.
- Using surveillance: information for providers of health and social care on using surveillance to monitor services, CQC, 2014: http://bit.ly/CQCUsingSurveillance.
Use the following items in the Toolkit to help you to put the ideas in this article into practice:
About the author
Joanna Dirmikis is a barrister, and works for Ridouts solicitors in London.