VISITOR MANAGEMENT
Traditional visitor books were designed for a safety culture that no longer exists
​
VisiPoint visitor management system is a self-service, sign-in solution that complements your organisation's reception. It provides best-in-class site security, visitor tracking, ID management and reporting.
VISIPOINT
VisiPoint is a visitor management system that replaces the old-fashioned visitor book used at reception. It streamlines the sign-in process and allows your organisation to present a modern and professional image. It also offers staff sign-in functionality and contractor management, so you can profit from an all-in-one reception management system.
Is your Visitor Management System GDPR-compliant?
​
So making sure you'RE fully GDPR-compliant is not a small task. Making sure any visible part of your operations is not exposed to the new data privacy regulation is not easy, so have the thought of your visitor management system?
Do you have an auditor? have they discussed your GDPR compliance? Is your visitor management system compliant?
In short, GDPR stands for General Data Protection Regulation -this is a game-changing regulation adopted by the European Union that will take effect in May 2018.
What does this mean for me?
-
It aims to strengthen the rights of individuals regarding the handling and processing of their personal data while ensuring free flow of data in the EU digital single market
-
Builds on the existing legislation, but also amps up the role of several concepts such as consent, deletion period, etc.
-
It also introduces hefty fines of up to 4% of the annual turnover of organizations that fail to comply
-
It applies to any organization based in the EU but also any organization that processes data of EU customers (data subjects)
​
Visitor tracking, ID management and reporting.
VisiPoint visitor management system is a self-service, sign-in solution that complements your organisation’s reception. It provides best-in-class site security, visitor tracking, ID management and reporting.
-
Fail to provide an instant list of who is signed in
-
Are old-fashioned and inefficient
-
Store the information captured insecurely
-
Fall short of giving your visitors a good first impression
-
Difficult and time-consuming to pinpoint visitor history
-
Equips you with a real-time list of everyone signed in
-
Stores data and visitor history securely in the cloud
-
Delivers an outstanding visitor experience
-
Complies with GDPR
-
Provides a paperless entry process
-
HD CCTVClosed-circuit television is essential if you're serious about protecting your people, premises and property. CCTV has seen incredible advances in recent years, transforming its capability out of all recognition. These advances significantly improve security performance and vastly reduce installation and maintenance costs. High Definition cameras with up to 30 megapixel (7k) Wireless networking capability to link cameras to controllers and recording devices Improved image compression to reduce storage costs AI Artificial Intelligence is helping reduce crime, retrieving complex information in minutes or even seconds IP NRG design, install and maintain CCTV solutions that are fit for the purpose you intend. Based in Kent, we have a network of engineers across the UK. We offer moderate or high-end state of the art solution to fit all budgets using only the latest advanced systems. Our solutions are only specified after we have fully determined your needs with a thorough Security Risk Assessment. CCTV is the core element of an integrated system and can be integrated with access control, intruder alarms and fire systems. Whatever your application, and wherever your location. IP NRG has the field knowledge of CCTV solutions provide outstanding performance and value to help you achieve your security objectives.
-
1) Do you only collect client data that you absolutely need? (data minimization)Article 54 of GDPR provides: Personal data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. What this means for your video management: Any data you collect needs to pass the test of asking yourself whether there is a way to achieve the purpose without collecting the data. Even better, if you can tailor the check-in process to different profiles of visitors, you can ensure that you always only ask for the information you absolutely need.
-
2) When collecting your visitor data, do you ask their permission (consent) and explain how you will use it?Para. 32 of the preamble and Article 4 (11) of GDRP: Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of agreement to the processing of personal data. What this means for your video management: You need to be able to demonstrate that your visitors explicitly agreed to the processing of their data for specific purposes. Again, this can be achieved by allowing them to confirm reading the privacy policy, or by offering a toggle switch by which they allow you to store their data on your video management.
-
3) If one of your visitors changes their mind and no longer wants you to keep their data, is this easy to undo?Article 7 of GDPR: The data subject shall have the right to withdraw his or her consent at any time. What this means for your video management: Your organization needs to allow visitors to say at any point that they no longer want you to store their visit data and revoking consent to store their data should be as easy as giving it. You will find that the GDPR-compliant video management offers this by way of a toggle that allows visitors to change their mind during their subsequent visits.
-
4) Do you store visit details for no longer than what is needed?Article 5 of GDPR: Data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed. What this means for your video management: One way to tackle the question of data retention a.k.a. 'right to be forgotten' is to allow bulk selection and deletion of visits in the dashboard. A more elegant solution for this is automatic deletion after a specified number of days. Ideally, your video management will either have this feature or be built to easily integrate it in the near future.
-
5) Did you sign a Data Processing Agreement?Article 28 of GDPR: The controller shall use only processors [vendors] providing sufficient guarantees to implement appropriate technical measures in such a manner that processing will meet the requirements of this Regulation. What this means for your video management: Your video management provider must provide assurances that they comply with the GDPR stipulations in all applicable aspects detailed in Article 28, as well as the related provisions of articles 32 to 36. In practice, this implies that you have a binding written agreement, also called a Data Processing Agreement ("DPA") in place, ensuring a strict level of safety and security of the personal data processed on your behalf.
-
6) Did you appoint a Data Protection Officer?Article 37 of GDPR: The processor and the controller shall designate a data protection officer [in specific circumstances]. What this means for your video management: In case you or your visitor check-in system vendor have as their core activities processing operations which require regular and systematic monitoring of data subjects on a large scale, both you and your service provider/visitor check-in system vendor need to designate a DPO - Data Protection Officer. This is a person that has to carry out the tasks of informing and advising the company and its employees, monitor compliance with GDPR and other related laws, and act as a contact point with the supervisory authority in each Member state.
-
7) Do you know if your vendor has put in place a data breach notification plan?Article 33 of GDPR: The processor shall notify the controller without undue delay after becoming aware of a personal data breach. What this means for your video management: A reliable video management provider will have fast, foolproof and clear notification system in case any of your visitors data is accessed unauthorizedly by a third party. As a controller you have limited time to notify the supervisory authority in this event, hence, the processor that is equipped to deal with this is an important part of the puzzle. If you want to know how we can help you with your visitor management system have a look at Visipoint and see how it can help you.