Search - National Standard Microsite

This document covers digital multimedia, inclusive of picture, video and audio in the proper capture and handling of digital data for police applications. This represents best practice to benefit the Police Service and Criminal Justice System (CJS).

Following the process set out within this document helps enhance the integrity of proper evidential gathering processes whilst reducing the risk of malicious manipulation. 

This document contains the National Incident Category List (NICL) and the principles, guidance and definitions for the National Standard for Incident Recording (NSIR). NSIR was introduced to replace the wide variety of incident recording (and non-recording) that differed from force to force so that common understanding and recording practices would result in effective data provision and use. NSIR now supports effective recording of over 80% of calls 
for service, ranging from messages to major incidents. 

The NPIA conducted a full review of NSIR in 2009 on behalf of ACPO. This review recommended that NSIR was rationalised and simplified. The NPIA, working closely with the Home Office and Her Majesty’s Inspectorate of Constabulary (HMIC), have moved the focus of NSIR from incident recording to risk 
assessment at the front end of service delivery. This aims to support improved identification and management of risks, threats to safety, vulnerability and repeat victims, particularly in relation to anti-social behaviour (ASB). 

This document was reviewed by the National Standard Assurance Board in September 2021 and was found to be the most up to date document available, still supported by the NPCC

ALGO-CARE has been created for policing to use as a decision-making framework for the deployment of algorithmic assessment tools in the policing context. This helps translate key public law and human rights principles into practical considerations and guidance that can be addressed by public sector bodies. Concerns around transparency and accountability cannot be addressed by a one-size-fits-all approach. The factors identified by Algo-care necessitate the careful drafting of procurement contracts with third party software suppliers to require disclosure of algorithmic workings in a way that would facilitate investigation.

ALGO-CARE is endorsed by the NPCC Business Change Council and the NPCC lead for Data Analytics. This was reviewed in September 2021 and found to still be current.

The Digital Case File national programme has established standards for how a case file is built and sent to the Crown Prosecution Service through collaboration with suppliers and police forces. 

This programme works with a number of organisations, such as the CPS, law enforcement agencies and suppliers to produce a set of standards, which suppliers can then use to produce compatible solutions, allowing law enforcement agencies to send case files digitally to CPS . This is the national standard required for any technical digital case file solution.

This DCF programme is being implemented in police forces now and the attached documents liable to be updated as it progresses.

The National Standards Assurance Board notes that the branding is CGI on the standards as this is reflective of their work in writing them, but this has been in partnership with policing who own and continue to contribute towards them.

These Digical Processing Notices (DPN) provide the basis for the minimum recommended level of information to be both captured and provided to victims, witnesses and suspects by police forces. These forms replace those issued in 2019, to better implement the principles set out in the 2020 Bater-James ruling.

• DPNa - Devices taken from victims/witnesses (capture template and information for victims/witnesses)
• DPNb - Victim/witness Frequently Asked Questions (Information for victims/witnesses)
• DPNc - Devices taken from suspects (capture template and information for suspects

The guidance at the end of each section is particularly relevant on how to best implement these requirements into a solution.

This document contains the agreed principles for redaction of information from digital (and physical) material by police for legal or security reasons. Material includes statements, documentary exhibits, audio and video recordings, digital material, and other sources of information such as crime reports. 

Effective redaction allows police and CPS to share and serve relevant information whilst complying with the Data Protection Act 2018 (DPA) and the Criminal Procedure and Investigation Act 1996 (CPIA 1996) / CPIA Code of Practice (CPIA Code) whilst protecting and safeguarding personal and sensitive data.

The AWS Police Assured Landing Zone (PALZ), is a set of configuration, code, security model and design decision rationale artefacts created specifically for policing workloads.  The goal is to enable policing organisations to get started using cloud services more quickly, with confidence that they are implementing an assured set of baseline controls, reviewed by National Police Technology Council (NPTC), Police Digital Service (PDS) and National Police Information Risk Management Team (NPIRMT). These control documents are available in the PALZ documentation set. This will allow them to focus their efforts on activities and assurances unique to their workloads.

PALZ provides a landing zone with a multi-account structure aligned with AWS best practice including standardised AWS account and organisational unit (OU) structure, best-practice centralised networking and additional preventative and detective guardrails. It also provides a series of AWS Service Catalogue portfolios and products, which provide a self-service capability that greatly simplifies tasks such as the provisioning of new AWS accounts and the creation of private networks within an AWS account. Finally, PALZ integrates with a number of AWS security services to provide dashboards and alerts which support ongoing compliance monitoring, plus alignment to NEP designs for IAM and NMC.

PALZ has been through the NPTC “Security by Design” process. This process identifies key design decisions which are related to form a series of risks identified with common policing data. NPTC have used an independent third-party assessor to review the design decisions and generate the assurance documentation. This has been reviewed by the Police assuror, National Police Information Risk Management Team (NPIRMT), to approve the security controls and the solution design.

Note: This blueprint is marked OFFICIAL-SENSITIVE, for enquiries on access please contact the National Standards team who can put you in touch with the relevant team

This Authorised Professional Practice (APP) provides guidance to forces on meeting the requirements of the Management of Police Information (MoPI) Code of Practice in relation to the review, retention and disposal of policing information and records. This APP is supplemented by the Manual of Guidance, which provides a further level of operational data.

Police information refers to all information obtained, recorded or processed for a policing purpose. The Management of Police Information (MoPI) authorised professional practice (APP) provides a framework and guidelines for managing police information, complying with the law and managing risk associated with police information including data retention.

• Policing information is information held for a policing purpose. The MoPI Code of Practice definition of ‘policing purpose’ is:
  • protecting life and property
  • preserving order
  • preventing the commission of offences
  • bringing offenders to justice
  • any duty or responsibility of the police arising from common or statute law
• Corporate information includes other organisational information, such as HR or finance records, minutes of meetings, policies and procedures.

There is further information on compliance with the Freedom of Information Act.

It should also be noted that the retention periods for biometric data are governed by the Protection of Freedoms Act 2012 and sit outside this APP.

This ACPO guide contains a set of golden principles for management of digital evidence and guidance on each stage in the evidence lifecycle: Plan, Capture, Analyse and Present. This guide represents good practice across a broad digital forensic landscape for policing.

Although dated, this guide has been reviewed in March 2021 by the National Standards Assurance Board and deemed current and relevant.

The National Policing Digital Strategy sets out a new digital ambition for UK policing. It presents a set of tangible digital priorities and outlines the key data and technology building blocks required to deliver them. 

The strategy contains 5 priorities:

1. Seamless citizen experience
2. Addressing harm
3. Enabling officers & staff through digital
4. Embedding a whole public system approach
5. Empower the private sector