Iestyn David is our Head of Licensing and Service Delivery. Here, he writes about our work to make sure that licences end up in responsible hands.
The SIA doesn’t just grant licences – although last year we granted 160,000. We make sure that only the right people hold an SIA licence. That means we refuse licence applications and revoke licences from those who are not fit to carry out the important role of protecting the public. It’s a key responsibility that we have as the regulator of the private security industry.
Our work to safeguard the integrity of the SIA licence begins with the application process. Our checks are thorough; last year we refused 1,362 licence applications for reasons such as criminality, or not having the right to work in the UK.
We won’t hesitate to remove licences from licence-holders who fail to live up to the standards required of them. Last year we suspended 917 licences and revoked 1,049 licences. Maintaining trust in the SIA licence is a top priority that involves teams across the SIA, from our Legal and Criminal Investigations teams to our Decisions officers and Intelligence staff.
We have close ties with police forces throughout the UK. They provide us with valuable intelligence relating to licence-holders or applicants involved in criminality. Our Intelligence team gathers relevant information and passes it to our Integrity team for detailed assessment, which may lead to us deciding to suspend or revoke a licence. This information can also come in from employers or members of the public via the ‘Report a Crime or Concern’ page on our website.
Our Inspections and Enforcement teams conduct enforcement operations across the UK with the police, local authorities and other government agencies. These operations may be conducted because of something we have been told (intelligence-led), or they may be random inspections to check compliance in a particular area.
We regularly prosecute those who commit offences under the Private Security Industry Act 2001. This is the Act of Parliament that established the SIA. It created several new offences, which include contravening licence conditions (you can see a full list of offences under the Act here). Last year we brought 39 prosecutions against individuals and businesses who chose to operate illegally.
We also prosecute for offences that could have a detrimental impact on the private security industry. These include fraud, forgery and counterfeiting in cases where people use forged or cloned licences. At the end of November 2022 our Criminal Investigations team had 119 open investigations, as you can see in our monthly SIA Enforcement Report.
We take our licensing responsibilities very seriously. The safety and security of the public depends on a professional and well-regulated private security industry that everyone can trust.
John Sandlin leads the Security Industry Authority’s Compliance & Inspections teams. Here he talks about the additional work that Christmas brings as the night time economy gears up for the busiest time for bars, restaurants and entertainment venues.
John Sandlin leads the Security Industry Authority’s Compliance & Inspections teams. Here he talks about the additional work that Christmas brings as the night time economy gears up for the busiest time for bars, restaurants and entertainment venues.
When does planning for Christmas start? Pretty much as soon as we’ve drawn a breath from the summer events season which finishes around the end of September. Then we start thinking about Christmas. We look at what inspection activity we might want to do and consider requests from partners (such as police, local authorities, and the HMRC) to undertake operations to support their own objectives too. We draw on the huge amount of expertise across the team from colleagues who know the environment well and can help identify issues we need to consider.
London, UK – November 3 2022: Christmas lights in Oxford Street, view at night
So what issues do we need to consider? In the run up to Christmas there’s more footfall in venues. This creates an increased risk of harm to the public which in turn requires a bigger police presence supported by a larger private security resource. It’s the increased private security deployment that requires our involvement to make sure those working in licensable roles are complying with the necessary regulation.
Although there are variations across the UK, the police tend to focus on ensuring venues are licensed and adhere to the terms and conditions of that licence. This might cover maximum occupancy, fire controls, health and safety considerations and security provision. The police and local authorities are increasingly engaging with venues about protecting the vulnerable alongside checking venue licences. Actually, whenever they are out and about, most agencies talk about protecting the vulnerable as part of protecting the public.
Watch our ‘Helping people in vulnerable situations’ video here
How many of your team are involved in Christmas specific activity? It’s fair to say all teams are doing some form of activity that directly supports or is impacted by Christmas, so most team members will be involved in that.
As we speak there’s a multi agency operation in Belfast around the ‘ask Angela’ campaign. We’ll be undertaking licence checks, whilst supporting the initiative with messages about the campaign.
Manchester, United Kingdom – November 25, 2011 – Big wheel in the City center of Manchester with beautiful lights during christmas preparation
What additional activities do we deploy for Christmas, is it more of the same or different actions? We may undertake specific activities, especially if we have solid intelligence that provides a clear aim or benefit. However, Christmas is generally doing more of the same, but with a stronger focus on the night time economy. There’s a huge upshift in volumes and that’s the biggest difference. There’s still a need to continue with other work, for example we’re working in Oxford Street in London during the day, although, to be fair, that’s also connected to the increase in footfall in the run up to Christmas.
What do we do on the front line? It will depend on the site and any objectives for an operation. However, primarily we’re interested in compliance with the Private Security Industry Act. So, we’re mainly checking individuals are correctly licensed and ascertaining the businesses that operatives work for to build our understanding of the makeup of the local economy. This is especially useful when newly formed companies emerge. We’re also interested in in how labour is deployed and what the labour chain looks like; the more links in a labour chain, the higher the risk of noncompliance. We also check individuals’ employment status which helps identify possible exploitation. Where possible we push other messages and support campaigns to promote awareness and conversations across the industry.
How do security operatives and venues react to your teams’ presence? Mostly, we get a positive response. Generally, licence holders like to see us out checking licences as they don’t want rogue people in the industry. We occasionally meet one or two unlicensed operatives that may be a little reticent for want of a better word but using our skills we overcome those hurdles.
Do other agencies do similar tasks around Christmas? The Police and local authorities will be undertaking checks based around venue licensing and will want to assure themselves that venues are complying. Sometimes they may support us on our operations, it depends on specific operations, or sometimes the location. For example, I’d be fairly happy undertaking checks in Westminster without police support but wouldn’t want to do so in other areas without them. That goes not just for London, but anywhere else, you get a good feel for what risks maybe posed in undertaking checks without partners.
How much does the night time economy grow over the festive period? We always hear that businesses are at their busiest and it’s very true, there are more people in more venues over more nights of the week. There are additional Christmas get togethers with friends, socialising after work, organised office parties – it’s difficult to put a figure on, and it will vary from location to location, but it’s noticeably much busier. Let’s not forget this is the first Christmas without any COVID restrictions.
On top of venues being busier, there are additional entertainment venues and events to consider; pop up fairs, Christmas markets, ice rinks, entertainment offerings, temporary licensed premises.
How stable is resource in the night time economy? If more door supervisors are needed because a company has a shortfall, then most companies will contract in staff from another to match the demand. However, what sometimes happens is the supplying company will in turn go to another to fulfil the request. This is not a problem as such, but it is a concern. With each company’s loan of resource comes a charge. This can lead to a squeeze on profit margins which is where corners can be cut. When that happens to the risk of improper employment and unlicensed personnel can start to emerge.
How effective are the operations we undertake? Of course, we have limited resource and we can’t visit every venue. However, what we do has a definite ripple effect. When we’re in a large town or city, just by visiting a few premises, word gets around very quickly that we’re out and about undertaking checks and looking at licences. That has a great deterrent effect within the security community. So, we enlarge the size of our footprint. In addition, we work with colleagues in the Communications team to get the message out and again, this spreads across the community well.
What does it take to deploy an operation? That’s a good question; lots of work.
Before we set foot on the ground, we undertake pre-inspection activity. This could be meetings with partners, considering intelligence we or our partners have received and undertaking a recce in the locality. We then need to work up aims and objectives before putting an operational order together. Information needs to be created within our database (CRM). Risks also need to be considered and risk assessments completed. We also need to secure resource from across the team and make sure everyone is available for the operation. In addition to staff on the ground, we always have an operational control to assist with licence checks on the STeP database, as well as then inputting the checks onto CRM. This can be quite a laborious task, especially if there are a voluminous amount.
Any last words? The team are very committed. We have had a fair few new staff so as well as preparing and undertaking activities, experienced team members are also helping to train and guide their new colleagues in this crucial area of work. Everyone in the Compliance & Inspections team plays a part in what we do from the MST to the investigators themselves, supported by colleagues from other teams. The inspection activity being centred on the night time economy requires staff to work evenings and weekends to attend operations, which at this time of year means being out in the cold. I want to thank the teams, I appreciate everyone’s effort and support in keeping the public safe.
About the author
John Sandlin served for 30 years with the Metropolitan Police. He worked as an Investigating and Senior Investigating Officer for over 11 years investigating homicides and other serious crimes. He’s worked at the SIA since early 2015.
This month, one of our Criminal Investigations Managers, Nathan Salmon explains how the SIA uses the (Proceeds of Crime Act (2002) to recover the profits made from offending within the private security industry.
Our blog aims to discuss developments in the private security industry and to provide further insight and opinion on our work. We look forward to having an on-going discussion with you; share your comments and opinions.
__________
Over the last 12 years, the SIA has been investigating and prosecuting anyone who repeatedly shows that they do not care about being licensed or working within the law. Our Partnerships and Interventions department does this by encouraging those working in the private security industry to stay within the law (the Private Security Industry Act). You can find out more about our enforcement activity on our website.
The SIA licence is a way to safeguard the industry and general public, and it is our responsibility to make sure that only ‘fit and proper’ people work in the industry. Those who ignore us and disregard the importance of licensing could be barred from operating in private security and prosecuted.
We do not always prosecute but investigate and consider whether there are public safety risks or if we need to protect the integrity of the private security industry or our licensing system.
The Proceeds of Crime Act (POCA) and repeat offenders
In recent years, we noted that some security companies were being investigated repeatedly. We had to do something because we didn’t want businesses treating court fines as a type of tax where the level of profit for working outside the law is worth the potential penalties any judge or court may give.
In 2015, the government amended POCA to include to regulatory bodies like us and we applied to take advantage of these powers. POCA is a law that means any money made from criminal activity can be recovered. It is also used by the likes of local authorities, HMRC and the Police to name a few.
We started using POCA in November 2015 to financially investigate companies and individuals who make a profit from criminal activity in the private security industry. Since then, we have employed financial investigators. They are accredited to use POCA to investigate and confiscate assets.
A recent example of our use of POCA is the case of Billy Jones, a security director who continued to work despite having had his Security Industry Authority (SIA) licence revoked. He was ordered to pay £300,000 at Cardiff Crown Court, in April 2019. This kind of conviction removes the benefit of working outside the law in the private security industry.
How does the SIA use POCA?
Our Criminal Investigations Team, is part of our Partnerships and Interventions department and is responsible for the SIA’s criminal investigations. This includes Accredited Financial Investigators (AFIs) who are able to legally present financial information in court. AFI’s are unique and very important because they have the power to ask financial institutions for information and use this to build a clear picture of someone’s financial status.
There are currently two main ways that our AFI’s can use POCA:
Restraining assets
AFI’s can apply to the court to restrain the assets of people under financial investigation. This makes sure that the money or assets of anyone we are prosecuting cannot be sold or dissipated before a court case ends. For example, for someone who is being investigated, the amount they can withdraw from their bank account can be restricted and their assets frozen.
Confiscating assets
Once convicted, a court can order a person to pay an amount of money based on how much they made through criminal activity. If they fail to pay this money, they could end up in prison and when released they would still need to pay this amount. In some cases, life-changing amounts of money can be confiscated by the courts. How POCA figures are calculated is shaped by case law, meaning specific cases determine how the calculations should be applied. We’re really pleased to have contributed to this and case law specific to the security industry exists.
During POCA proceedings, the people we’re investigating may see their lifestyle change. Due to current case law and depending on the situation, how much we confiscate may be the entire value of a security contract and not just the profit. This is because the turnover from a security contract may be a significant figure, a business or person might have to pay back hundreds of thousands of pounds. Selling assets like houses, cars or investments, to pay back the proceeds of their crime may be required.
If you’re wondering where this money goes, most of it returns to the Treasury. A proportion is allocated to the investigating organisation, which we can use to fund future financial investigations. In practice, we get no more than 34%. The money can also be allocated towards good causes, and we are exploring opportunities that will benefit the private security industry.
What will the SIA do with POCA in the future?
Over the next few months, we want financial investigations to become increasingly a core part of the way we prosecute at the SIA. This is really important because it is how we can guarantee that criminal profits are not reinvested, into “phoenix” companies that are essentially the same companies with a different name that have been set up after a criminal conviction. Our ability to use POCA should act as a warning to businesses seeking to operate outside private security regulations – you risk not only your business, but potentially your personal assets as well.
We are making really good progress and the volume of criminal cases under consideration has never been higher. Our success with POCA strengthens our regulation of the private security and we will continue to work with Regional Asset Recovery Teams and Police partners so that those who want to profit from illegal and poor business practice are removed from the private security industry.
In the last months, two of our prosecutions cases have highlighted how we have tackled the fraudulent behaviour of some licence holders and the challenges we face.
This month, our Director of Partnerships and Interventions, Dave Humphries, discusses our counter fraud initiatives and the steps we took in these cases.
Our blog aims to discuss developments in the private security industry and to provide further insight and opinion about our work. We look forward to having an on-going discussion with you; please share your comments and opinions.
__________
Most licensing systems are based on a set of standards and for us at the SIA our system is designed to ensure only appropriate people are given the licence to operate. This involves a number of checks to prove identity that people have the relevant qualifications, checks on criminality and verifying that a person has the right to work in the United Kingdom. Most applicants provide the information we need to make a considered decision.
But what happens when someone knows they will not qualify for a licence, but is determined to get one? They may test the robustness of our checks and they may submit false documents to do so. We are constantly alert and we do all we can do to address specific threats.
One particular type of fraud that we face is identity theft. It is not the only category of fraud we have come across, but it was a feature in two recent cases.
These two recent investigations have involved fraudsters stealing the identities of others, but being prosecuted by the SIA for their actions. In both cases, the fraud involved not only an attempt to bypass our online licensing system, but the two individuals also tried to get around the requirement of proving their identity by taking on the full identity of another, to get an SIA licence.
The first fraudster was Moses Oshunkoya who knew the person whose identity he targeted. He used their personal information to the point that he was able to gain a passport under this new identity. Using this false identity Oshunkoya got as far as fraudulently gaining an SIA licence. Nonetheless, our investigation of him resulted in a criminal prosecution.
The second case was Kazeem Oladimeji who was more contrived in his approach. He sought out a former SIA licence holder no longer working within the industry. He adopted that identity by purchasing a fraudulent passport in the victim’s name. He changed the licence holder’s address, enabling Oladimeji to replace an SIA licence. Again, the outcome was a successful criminal prosecution.
Both examples show the real threat posed by identity theft. In both cases, the victims who had their identity stolen contacted us. Once we were aware, we investigated and prosecuted the offenders to ensure their fraudulent activity was brought to an end.
What are we doing to combat such activity?
Thankfully, processing changes in recent years have and will make future cases like this less likely. For example, we introduced personal online accounts which are password protected. This reduces the ability for fraudsters to engage with us without having access to the online accounts.
We have also made improvements to the way we verify documents. We have improved technology to better identify fraudulent identity documents. When we do find instances of fraud, we take robust action with our enforcement partners to ensure such documents are taken out of circulation. Finally, as these two cases highlight, we prosecute the fraudsters.
As the regulator of the private security industry, we play an important role in dealing with identify fraud and together with our partners, we take robust action to tackle such criminality.
Those working in the private security industry can support this by being our eyes and ears and reporting any fraud that they come across. As with other types of criminality within the security industry; if you suspect fraud please report online or contact Crimestoppers. Specific information and how the fraud was identified will enable us to take positive action.
Approved contractors currently using our Licence Assist service for more than six months now have the chance to move on to our Licence Management service.
This month Tony Holyland our Head of Quality & Standards talks about the ins and outs of our refreshed Licence Management service.
Our blog aims to discuss developments in the private security industry and to provide further insight and opinion on our work. We look forward to having an on-going discussion with you; please share your comments and opinions.
__________
I am pleased to share that our Licence Management service is now available to approved contractors who have been using the Licence Assist service for six months. Licence Management allows a business to manage the licence application process for its staff – just as people have been asking for.
In 2013, I joined the team that manages our Approved Contractor Scheme. Since then I’ve met a large number of people running businesses that are part of the scheme.
Many of you have told me that you would like to help your staff when they are applying for a licence, by being more involved in the licence application process. After all, it seems inefficient for a business to carry out the same checks that we do.
This new service gives security businesses the chance to be proactive and share responsibility in the licensing process. In essence, Licence Management allows us to work closely with approved contractors and make the process of getting a licence easier.
We have listened to the valuable feedback from our pilot exercise with nine approved contractors to inform and improve our service. For us, Licence Management has a strategic value that fits with how we drive business improvement via the ACS and how we seek to engage businesses using our licensing system.
We hope that the service will give us closer relationships with businesses and that this will help raise industry involvement in regulation.
What are the benefits of the Licence Management service?
If you don’t already know about our Licence Management service, it gives an approved contractor greater control over the licensing of its staff.
Similar to the Licence Assist service, Licence Management provides an approved contractor with the tools to enable them to manage employees’ licence applications online. To do this you will have had to have met certain criteria that are beyond the scope of the usual ACS requirements.
A significant benefit is that it enables an approved contractor to check and verify the identity documents of an applicant. This removes the need for a licence applicant to visit a post office and reduces the duplication of checks.
Other benefits include:
Online access to submit and manage licence applications for your workforce.
The ability for your business to update information e.g. Individual’s details directly onto the system.
The ability to assist licence applicants through the licensing process making your business more attractive to applicants.
Saving time, cost and reducing the risk of document loss as the need to send valuable documents to us is removed in most cases.
Receiving real-time alerts of revoked or suspended licences, when a licence is due for renewal and other relevant updates.
The ability to pay for a single – and multiple applications – online and by direct debit.
It is important to mention that all approved contractors using the Licence Management service are required to have Cyber Essentials Plus certification (or equivalent standard). This is a government scheme designed to verify implementation of a set of basic technical controls to help organisations protect themselves against common, online security threats and is in line with data protection legislation.
We have also developed a comprehensive library of resources available on our website here. This will provide additional information and guidance which includes:
The approved contractor scheme application form
Licence Management service customer journey
Code of Connection
Code of Connection guidance
Licence Management Partnership Agreement
Licence Management Operating Manual
The entire process from application to decision should take between three and six months.
I think that Licence Management is a significant step forward for both the industry and the SIA.
This initiative will strengthen our overall approach to driving up the quality and operational efficiency of businesses.
If you would like to know more, please send us a message through your SIA online business account using the phrase: “Tell me about Licence Management” and include a contact number.
This month Peter Selwyn Smith our stakeholder manager talks about our recent Manchester open day on 4 July.
Our blog aims to discuss developments in the private security industry and to provide further insight and opinion on our work. We look forward to having an on-going discussion with you; please share your comments and opinions.
__________
The opportunity to meet with people in the industry and learn more about their experiences and priorities, is something we value enormously.
The Manchester open day, at the Crowne Plaza, on 4 July was designed to create a space for people to meet and have a conversation with us and where possible for us to resolve any issues and concerns. The format of the day was similar to the London event we held last year with the London Night Czar Amy Lame.
At the Manchester event, our licensing experts were on-hand to provide one-to-one help and support to people renewing or applying for a licence. We also had experts from across the rest of the organisation; from our Training, Quality and Standards team, Partnerships & Interventions North team and our Stakeholder Engagement team.
The day started with a session run by our Director of Partnerships & Interventions, Dave Humphries. He first gave an overview of our key priorities for the next twelve months which included:
How our licensing system is working well
The completion of the review of the Approved Contractor Scheme
An upcoming review of the licence-linked qualifications
Enforcement activity we undertake to prevent continued lawbreaking.
After a few hours, the event came to life. Some of those attending took the chance to talk with our SIA staff including our Chair, Liz France.
Our partnerships and interventions team, based in the North, also spoke to businesses about initiatives in the region. They discussed how they are dealing with those businesses who don’t comply with regulation. The importance of telling us about any non-compliant businesses in the region, also came up in conversations with delegates.
Our customer support and decisions teams held one-to-one sessions with individuals and businesses, and anyone who needed help with their applications was able to speak to a specialist immediately.
It was clear that people had given up their time and, in some cases, travelled a long distance to talk to us about their needs. For our staff, who were able to help most of the people who came, it was satisfying to see people go home happy.
We met an applicant who did not understand why his application was being held up. Our decisions manager explained the situation was due to a more complex than usual set of circumstances. Before he left, he said he felt reassured that we had not forgotten about his application, understood the situation and was now confident it would be dealt with soon.
Another applicant whom we met had mistyped their name when applying. This meant our system couldn’t find and match his online account to his existing licence, holding up his application. Our customer support experts were able to deal with this quickly as he had ID to show that his licence was linked to him. As a result, his application was able to progress there and then.
We also met with an existing licence holder about our decision to suspend his licence. He brought his employer and a friend along and we spoke with them all to explain the reasons for our decision.
On the day, the training, quality and standards team spoke to a number of businesses. They came to the event to find out more about the Approved Contractor Scheme, whether it would be right for their company and what the application process involves.
All in all, it was a valuable, lively day. The feedback we received from the event was very positive. Some of the comments include:
‘Very pleased with the service and the staff were very friendly’
‘I commend the SIA for taking the initiative to do these workshops well done’
‘Useful information gleaned from each session’
It was good to see the clear difference the day made to the individuals and businesses who came along. On the day, 13 licences were granted and several more licence applications progressed to the next stage.
We would like to thank all those who came along as we know how precious your time is. We have already begun planning the next open day and will be canvassing views on what people would find most useful. We hope to be in Birmingham in the autumn. Do look out for more details on our website, in our newsletters and on our social media channels.z
This month our chief executive talks about the Home Office’s review of the SIA. He discusses the important role the private security industry plays in public safety.
This blog exists to discuss developments in the private security industry and to provide further insight and opinion on our work. Please share your comments and opinions and engage in an on-going discussion with us.
__________
On the 7th June the Home Office published the tailored review (formerly known as a triennial review) for the SIA. You can find it here.
For a number of reasons the review has been a long time coming. But now it is here, we welcome its publication and the important contribution the private security industry has made to its recommendations.
The private security industry is a thriving sector covering a range of services, many of which have a direct bearing on public safety. We are all used to seeing private security operatives in our everyday lives in shopping centres, pubs, leisure facilities, industrial settings and at events.
The review recognises the vital role the private security industry plays in public protection and national security. It also affirms that there is a clear need for regulation in the industry. The review acknowledges the role of the SIA in raising standards and our contribution to safeguarding, public protection and national security.
Many of the recommendations of this review reflect the SIA’s published priorities, some of which we are already delivering successfully. For example, we continue to focus on further reducing violence and criminality. As part our drive to improve standards and strengthen the Approved Contractor Scheme (ACS) we have recently completed a comprehensive review of the ACS. The outcomes of this review will be implemented in the spring of 2019.
Going forward we will be reviewing the qualifications and training of those working in the industry to further improve knowledge and skills to facilitate even more effective protection of the public.
The heightened security threats from terrorism in recent years have served to bring a sharper focus on the role that private security can play and whether its capabilities are being used by the state to the fullest potential.
We have been facilitating greater collaboration between the counter terrorism (CT) law enforcement community and the large numbers of security operatives in areas such as door supervision, guarding and CCTV. We are also exploring with the CT community how the private security industry can be better equipped with knowledge and skills to reduce the threat to the public from a terrorist attack.
A key part of our plan remains the delivery of excellent services at the lowest possible cost. We strive to keep fees for those we regulate as low as possible and have reduced our costs by 27% since 2010. Further efficiencies have enabled us to keep the licence fee at £220 over the last six years, despite costs rising with inflation. We have recently moved to a joint Government Hub and will continue to seek efficiencies. We are currently working with the Home Office to review fee levels.
We are aligned with the review in continuing to take an even more risk-based approach to regulation with a sharper focus on non-compliant individuals and businesses, placing less of a regulatory burden where standards have been met or exceeded.
We will work with the Home Office and Devolved Administrations to implement all parts of this review that the Government wishes to take forward. We also stand ready to take on any additional areas of regulation, should the Government ask us to do so.
Ultimately our work is dependent on partnership not just with the police and other public bodies, but with the industry itself. We seek, and continue to benefit from, the support and cooperation of those working in the private security industry and our many partners to provide effective regulation. We are grateful for that support and cooperation.
As we look to the future we look forward to continuing to work with the private security industry and our partners to deliver high quality regulation and public protection.
This month we are relaunching our corporate blog. We have launched our corporate blog to discuss developments in the private security industry and to provide further insight and opinion on our work.
To kick-start our blog again, our Chair, Elizabeth France, is talking about the upcoming changes to data protection law and opportunity this gives the private security industry.
We hope you will engage in an on-going discussion with us; provide comments and share your opinions.
__________
Tomorrow (Friday 25 May), the General Data Protection Regulation (GDPR) comes into force; it is the first time in 20 years that this legislation has been updated. The principles will be familiar to those of you who were complying with the 1998 Act but it recognises the increased damage which can be done, with the changes in technology, when personal information is not processed as it should be.
You all have your personal data processed by others. If we are processing information about you then I want you to have confidence that we are doing so in accordance with the law. We have been working hard to make the changes necessary to ensure you know what we do with your information. We are ready to deal with any requests for that information (the time scales for meeting individual subject access requests are tighter under the new law), we have provided training for all our staff and we have appointed a Data Protection Officer, whose details are on our website.
If you process information about individuals, perhaps as a security industry employer, what have you done? If you are a small business the changes you have to make may not be huge If you were complying fully with the 1998 Act. What should you do? My suggestion would be that you go to the Information Commissioner’s website www.ico.org.uk) and start by looking at the helpful guidance: Preparing for the GDPR: 12 steps to take now.
Have you got a lawful basis for processing the personal data you hold? Who in your organisation is responsible for your compliance? Did you know that fines for breaches can now be up to 20,000,000 Euros or 4% of turnover?
Data protection rules can sometimes be used as an excuse for not thinking about how we manage information; it is easier to say we cannot share for example, than to consider how we might do so lawfully. This is an opportunity for us all to take stock. To think about what we hold and why we need to keep it, to make sure we have told those whose information we collect just what we are doing with it.
If you have queries or concerns about the way we are processing personal data, please let us know and our privacy notice is available here for your use. As a Regulator we are well aware that there are many of you who have to give us the information we ask for; you have no choice. That places a particular obligation on us to earn your confidence, and to show not just compliance with the letter of the law but a respect for the information you entrust to us.
Security Industry Authority Blog 