What's the maximum video retention allowed under GDPR?

GDPR doesn't specify a maximum, but the principle of data minimization suggests you should not keep footage longer than necessary. Most EU organizations use 7-30 days for public areas. Banks and public security may use longer periods with business justification. Italy's Garante requires max 7 days for most cases, max 24 hours for banking.

Can I place cameras in employee areas under GDPR?

Yes, but only if there's a legitimate business purpose (security, loss prevention). You cannot monitor restrooms, changing rooms, or medical facilities. Employees must be informed via signage and privacy policies. Retention should be minimal (7-14 days for most cases).

How does HIPAA affect security camera design?

HIPAA requires: (1) no cameras in patient care areas, restrooms, or private spaces; (2) secure network isolation if cameras access patient networks; (3) audit logs for all access to video; (4) minimum 6-year retention for evidence; (5) encryption of stored and transmitted video if it contains PHI.

コンプライアンス · CCTVプランナー

規制当局の承認を得たセキュリティシステムの設計

セキュリティ設計をGDPR 、HIPAA、PCI-DSS、 NDAA 、および地域ごとのコンプライアンス要件に照らして検証します。カメラの設置場所、データ保持ポリシー、機器の制限、ネットワークアーキテクチャを自動的にチェックします。

6つの機能 · コンプライアンスIR ST

コンプライアンス検証を完了する

Multi-Region Standards

Support for GDPR (EU), HIPAA (US Healthcare), PCI-DSS (Payment Systems), ISO 27001, and industry-specific regulations.

Data Retention Validation

Automatic checking of video retention periods against regulatory minimums and maximums. Alert when retention violates compliance.

Camera Restrictions

Validate camera placement against privacy laws: no restrooms, changing rooms, medical procedures. Different rules per region.

Network Architecture

Ensure VLAN segmentation, firewall rules, and network isolation meet compliance requirements for data protection and access control.

Equipment Restrictions

Validate that equipment (cameras, NVRs) meets NDAA, sanctions, and government procurement restrictions by region.

Audit & Documentation

Generate compliance reports, equipment certifications, and design documentation for audits and client presentations.

サポートされているフレームワーク

当社がサポートするコンプライアンス基準

GDPR (EU)

General Data Protection Regulation: video retention, consent, right to privacy. Max retention 30 days for most cases.

HIPAA (US)

Healthcare compliance: secure camera placement, network isolation, audit trails, and 6-year minimum retention for PHI.

PCI-DSS (Payment)

Payment Card Security: camera coverage of payment terminals, 1-year retention, quarterly compliance checks.

ISO 27001

Information Security: risk assessment, access controls, network segmentation, and incident response documentation.

NDAA Compliance

US Government: equipment restrictions on Huawei, ZTE, and other sanctioned manufacturers for federal projects.

Industry-Specific

Education, Transportation, Finance, Healthcare, Government: unique requirements per vertical and jurisdiction.

準拠したセキュリティシステムの設計を開始しましょう

地域とコンプライアンス要件を選択してください。設計と同時にリアルタイムで検証結果が得られます。監査や顧客プレゼンテーション用のコンプライアンスレポートを作成できます。