Common use of Regulation of Investigatory Powers (Scotland) Act 2000 Clause in Contracts

Regulation of Investigatory Powers (Scotland) Act 2000. 6.6.1 The use of covert surveillance or covert human intelligence sources (CHIS) by public authorities in Scotland is strictly controlled by the provisions of Regulation of Investigatory Powers (Scotland) Act 2000 (RIP(S)A). The Common Services Agency is a named authority under RIP(S)A. Director of P&CFS and the Head of CFS may authorise directed surveillance and the use of CHIS’s in respect of activities affecting NHS Scotland. (See HDL (2003) 30 Regulation of Investigatory Powers (Scotland) Act 2000), CEL 40 (2010) Regulation of Investigatory Powers (Scotland) Act 2000 and SSI 2014/339 the Regulation of Investigatory Powers (Authorisation of CHIS) (Scotland) Order 2014). 6.6.2 Pursuant to and in terms of HDL (2003) 30 all cases of potential fraud against NHS Scotland (as listed in Appendix IV) must be referred to CFS. Where appropriate, CFS will authorise and conduct directed surveillance and the use of CHIS on behalf of Health Boards. 6.6.3 On the grounds of the health and safety of its employees and its duty of care for any CHIS, should CFS require to use its powers under RIP(S)A, it will not inform the relevant Health Board until after the directed surveillance, or covert human intelligence source work, has been completed. The exceptions would be where covert surveillance equipment requires to be installed or where CCTV is being utilised for the purpose of a specific investigation, in such a manner likely to result in the obtaining of private information about a person and otherwise than by way of an immediate response to events or circumstances, which would be done with the cooperation of the FLO. 6.6.4 Where Health Boards are considering the use of directed surveillance or the use of CHIS in cases which do not involve fraud (falling out-with the remit of CFS) in respect of public safety or the prevention of disorder, or for the purposes of protecting public health, then they should contact the appropriate public body as outlined in HDL (2003)

Regulation of Investigatory Powers (Scotland) Act 2000. 6.6.1 The use of covert surveillance or covert human intelligence sources (CHIS) by public authorities in Scotland is strictly controlled by the provisions of Regulation of Investigatory Powers (Scotland) Act 2000 (RIP(S)A). The Common Services Agency is a named authority under RIP(S)A. Director of P&CFS and the Head of CFS may authorise directed surveillance and the use of CHIS’s in respect of activities affecting NHS Scotland. (See HDL (2003) 30 Regulation of Investigatory Powers (Scotland) Act 2000), CEL 40 (2010) Regulation of Investigatory Powers (Scotland) Act 2000 and SSI 2014/339 the Regulation of Investigatory Powers (Authorisation of CHIS) (Scotland) Order 2014). 6.6.2 Pursuant to and in terms of HDL (2003) 30 all cases of potential fraud against NHS Scotland (as listed in Appendix IVII – Fraud Offences) must be referred to CFS. Where appropriate, CFS will authorise and conduct directed surveillance and the use of CHIS on behalf of Health Boards. 6.6.3 On the grounds of the health and safety of its employees and its duty of care for any CHIS, should CFS require to use its powers under RIP(S)A, it will not inform the relevant Health Board until after the directed surveillance, or covert human intelligence source work, has been completed. The exceptions would be where covert surveillance equipment requires to be installed or where CCTV is being utilised for the purpose of a specific investigation, in such a manner likely to result in the obtaining of private information about a person and otherwise than by way of an immediate response to events or circumstances, which would be done with the cooperation of the FLO. 6.6.4 Where Health Boards are considering the use of directed surveillance or the use of CHIS in cases which do not involve fraud (falling out-with outwith the remit of CFS) in respect of public safety or the prevention of disorder, or for the purposes of protecting public health, then they should contact the appropriate public body as outlined in HDL (2003) 30. This will normally be Police Scotland. However, CFS may be able to assist the relevant Health Board in certain instances (for example where there has been a theft of property). 6.6.5 CFS has a website to assist health boards, in addition to allowing referrals to be made. Health Boards should consult their Data Protection Officer to ensure that all surveillance (including CCTV and monitoring of employee emails/internet usage) and other activities, is carried out in accordance with Data Protection Legislation and all relevant Codes of Practice.