CCPA (California Consumer Privacy Act) and BIPA (Biometric Information Privacy Act) are two recent laws (BIPA actually goes back to 2008) that put restrictions on what type of consumer information a company can collect.
In this article, we’ll give some background on each law, how to be compliant, and then discuss how they relate to companies that want to use security cameras at their office locations within California or Illinois.
CCPA is one of the latest consumer privacy laws that has recently been passed and shares many similarities to the EU’s GDPR. It was passed in 2018 and officially went into effect on January 1st, 2020, although California won’t start enforcing (imposing fines) the law until July 1st, 2020.
In simple terms, companies must notify users if they intend to monetize their data and also give consumers (California residents) the right to opt out of that monetization. Below are the basic intentions of the act for consumers.
This law generally applies to any company that exceeds one of the below thresholds:
Starting in July 2020, violations can start being assessed with fines.
So how does CCPA relate to video surveillance tools? While a vendor like Rhombus might not be the intended target of CCPA, many of our customers fall under its regulations which means our solution would fall under the regulations as well.
The most applicable part of CCPA with regards to video security is generally anything to do with facial recognition. Facial recognition is considered personal data and in order to make sure our customers stay compliant with CCPA, we will be giving them tools to handle consumer requests before July 1st, 2020.
These tools will include the ability to give a full report on all data our system has about the consumer that has requested their information. It will also give customers the ability to “forget” a specific person in the case that someone asks to delete all information about them. This “forget” ability will delete all associated face images and identifiers.
We will also give our customers data broker agreements so they can see exactly how we handle customer data and know exactly the steps they have to take with us in order to stay compliant with CCPA and their consumers.
Our team is constantly staying on top of the laws so that as they become further defined, we will continue to do everything we necessary to ensure our customers stay compliant to these regulations.
BIPA pertains to Illinois and applies to companies that collect and store biometric information (including fingerprints, voiceprints, and scans of the hand or face geometry). The requirements for those companies include:
BIPA applies to all “private entities” defined to include individuals, partnership, corporation, limited liability company, or other group.
For video security, BIPA really only applies to facial recognition and it’s fairly cut and dry in that respect. If you are going to deploy facial recognition for any purpose, then you need consent from anyone the cameras might identify.
Given the challenges with getting consent from everyone (unless you run some type of locked down facility), it’s usually a best practice to not deploy facial recognition in Illinois due to BIPA.
Within Rhombus, it’s a simple setting to enable or disable facial recognition for a specific camera.
If you’re a company with a presence in California or Illinois and want to use video security, then it’s important to choose a video security vendor that will help you fully comply with CCPA and/or BIPA to reduce any potential liability exposure. You will want to choose a vendor that understands these regulations and provides you with the necessary tools to be compliant with these regulations. If you have any questions or would like to learn more about ensuring CCPA and BIPA compliance with video security, please reach out to firstname.lastname@example.org
Organizations in every industry use video surveillance to make decisions that affect the safety of their facilities, employees, visitors, and more. If you use IP security cameras for live monitoring, it’s especially important that footage has low latency and it is as accurate and up to date as possible. But what is considered ‘good’ or ‘bad’ latency when it comes to video surveillance? How does being in ‘the cloud’ affect it? This post will explore the differences between low latency, ultra-low latency, and real-time streaming. We’ll talk about what you actually need for your video security system, and how you can achieve ultra-low latency and real-time streaming.
Many HIPAA-compliant organizations wonder how video surveillance fits into their security solution. Security cameras help hospitals, pharmacies, clinics, labs, rehab centers, and other healthcare organizations secure their facilities and protect patients and employees. However, it’s crucial to maintain HIPAA compliance to protect Personal Health Information (PHI) while using a video security solution. In this article, you’ll learn how to use security cameras in a HIPAA-compliant way, and how you can use video surveillance to strengthen overall HIPAA compliance throughout your entire organization.
In a healthcare environment, you need security solutions you can rely on long-term. That's why many hospitals, pharmacies, clinics, labs, rehab centers, and other healthcare facilities are future-proofing their video surveillance systems by moving to the cloud. With cloud video security, you can modernize and future-proof safety by automatically keeping cybersecurity up to date, supporting flexibility and growth with an integration-friendly platform, and by unifying physical security to save time and resources on a daily basis.