What's the maximum video retention allowed under GDPR?

GDPR doesn't specify a maximum, but the principle of data minimization suggests you should not keep footage longer than necessary. Most EU organizations use 7-30 days for public areas. Banks and public security may use longer periods with business justification. Italy's Garante requires max 7 days for most cases, max 24 hours for banking.

Can I place cameras in employee areas under GDPR?

Yes, but only if there's a legitimate business purpose (security, loss prevention). You cannot monitor restrooms, changing rooms, or medical facilities. Employees must be informed via signage and privacy policies. Retention should be minimal (7-14 days for most cases).

How does HIPAA affect security camera design?

HIPAA requires: (1) no cameras in patient care areas, restrooms, or private spaces; (2) secure network isolation if cameras access patient networks; (3) audit logs for all access to video; (4) minimum 6-year retention for evidence; (5) encryption of stored and transmitted video if it contains PHI.

규정 준수 · CCTV 플래너

규제 검증을 거친 보안 시스템 설계

GDPR, HIPAA, PCI-DSS, NDAA 및 지역별 규정 준수 요건에 맞춰 보안 설계를 검증하세요. 카메라 배치, 보존 정책, 장비 제한 및 네트워크 아키텍처를 자동으로 점검합니다.

6가지 기능 · 규정 준수 F IR ST

완벽한 규정 준수 검증

Multi-Region Standards

Support for GDPR (EU), HIPAA (US Healthcare), PCI-DSS (Payment Systems), ISO 27001, and industry-specific regulations.

Data Retention Validation

Automatic checking of video retention periods against regulatory minimums and maximums. Alert when retention violates compliance.

Camera Restrictions

Validate camera placement against privacy laws: no restrooms, changing rooms, medical procedures. Different rules per region.

Network Architecture

Ensure VLAN segmentation, firewall rules, and network isolation meet compliance requirements for data protection and access control.

Equipment Restrictions

Validate that equipment (cameras, NVRs) meets NDAA, sanctions, and government procurement restrictions by region.

Audit & Documentation

Generate compliance reports, equipment certifications, and design documentation for audits and client presentations.

지원 프레임워크

당사가 지원하는 규정 준수 기준

GDPR (EU)

General Data Protection Regulation: video retention, consent, right to privacy. Max retention 30 days for most cases.

HIPAA (US)

Healthcare compliance: secure camera placement, network isolation, audit trails, and 6-year minimum retention for PHI.

PCI-DSS (Payment)

Payment Card Security: camera coverage of payment terminals, 1-year retention, quarterly compliance checks.

ISO 27001

Information Security: risk assessment, access controls, network segmentation, and incident response documentation.

NDAA Compliance

US Government: equipment restrictions on Huawei, ZTE, and other sanctioned manufacturers for federal projects.

Industry-Specific

Education, Transportation, Finance, Healthcare, Government: unique requirements per vertical and jurisdiction.

규정을 준수하는 보안 시스템 설계를 시작하세요

지역 및 규정 준수 요건을 선택하세요. 설계 단계에서 실시간으로 검증을 받으세요. 감사 및 고객 프레젠테이션을 위한 규정 준수 보고서를 생성하세요.