CCTV and Alarm Wiring: Cable Types, Power Over Ethernet, Part P & GDPR Considerations
Domestic CCTV and burglar alarms are SELV (low-voltage) systems not covered by Part P Building Regulations, but all work must follow BS 5979 (intruder alarms) and BS EN 50132 (CCTV). IP cameras use CAT6 cable with PoE (Power over Ethernet) — no separate power run required. Analogue cameras use RG59 coax for video and separate 12V DC for power. GDPR applies where cameras overlook public spaces or neighbouring properties — a privacy notice must be displayed.
Summary
CCTV and intruder alarm installation has evolved significantly in the past decade. The shift from analogue CCTV (coaxial cable, DVR) to IP/network-based CCTV (CAT6 cable, PoE switch, NVR or cloud storage) has simplified installation considerably — one cable per camera for both power and video. Intruder alarm systems similarly have shifted toward wireless/hybrid systems that reduce cabling requirements, though wired systems remain the gold standard for reliability.
As a tradesperson, CCTV and alarm installation can be offered as part of a smart home package alongside electricals and data cabling. The skills overlap substantially with electrical installation. The important regulatory points are: the systems themselves are SELV and not Part P notifiable, but if you break into existing mains circuits to power them, that may be notifiable. And any system that is monitored by an approved monitoring centre, or fitted as a condition of insurance, may need to be NSI or SSAIB certified — a certification regime that smaller contractors may not hold.
Key Facts
- IP CCTV cable — CAT6 UTP or STP. PoE standard (IEEE 802.3af/at) provides up to 15.4W (802.3af) or 30W (802.3at) per camera
- Analogue CCTV cable — RG59 coaxial (75 ohm) for video. Maximum run approximately 300m for composite video without amplification. Separate 2-core 0.5mm² cable for 12V DC power
- HD-over-coax (HDCVI, AHD, TVI) — Analogue camera format with HD video (1080p+) over existing RG59 cable. A useful upgrade path where RG59 is already installed
- IP camera resolution — Typically 4MP to 8MP (4K) for current domestic cameras. 2MP/1080p is the minimum worthwhile specification
- PoE switch — Managed or unmanaged PoE switch provides both data connection and power over CAT6. A 4-port or 8-port PoE switch is standard for domestic systems
- NVR (Network Video Recorder) — Standalone unit that records footage from IP cameras. Typically includes 1–4TB internal hard drive, HDMI output for live view, and remote access via app
- Cloud recording — Hikvision, Dahua, Ring, and others offer cloud storage. Subscription cost must be factored into any sales quote
- Intruder alarm grades — BS EN 50131 grades 1–4: Grade 1 (low risk), Grade 2 (most domestic/small commercial), Grade 3 (high risk), Grade 4 (very high risk)
- Alarm cable — 6-core 0.5mm² screened alarm cable (or 4-core unscreened for simple systems). Maximum resistance per metre: check PIR specifications
- PIR detection angle — Typical 90° horizontal, 45° vertical. Dual-technology PIRs (PIR + microwave) reduce false alarms
- Wireless alarm advantages — No cable runs, faster installation, less disruption to existing decoration. Disadvantage: battery dependence and RF jamming vulnerability
- GDPR — CCTV processing personal data (faces) is covered by UK GDPR. Domestic use for home security is exempt from GDPR notification, but cameras pointing at public spaces, roads, or neighbours' properties require privacy notice display and must be proportionate
Quick Reference Table
Quoting an electrical job? Describe the work and squote handles the pricing.
Try squote free →| System Type | Cable Type | Advantages | Limitations |
|---|---|---|---|
| IP CCTV (PoE) | CAT6 | One cable per camera; high resolution; easy expand | Requires PoE switch; IP knowledge |
| Analogue HD (HDCVI/AHD) | RG59 coax | Uses existing coax; simple DVR | Resolution limit vs IP; two cables per camera |
| Wireless CCTV | None (WiFi) | No cable runs | WiFi range/reliability; battery/mains power still needed |
| Wired alarm | 6-core screened | Most reliable; insurance-grade | Significant cable runs |
| Hybrid alarm | Mix | Flexible; reduces cabling | More complex programming |
| Wireless alarm | None | Fast install; no disruption | Battery dependence; RF jamming |
| CCTV Camera Location | GDPR Implication |
|---|---|
| Internal only | Low risk; domestic GDPR exemption |
| Front door/driveway (own property) | Low risk; post privacy notice if any neighbour/road visible |
| Garden (own property) | Low risk; avoid capturing neighbouring gardens |
| Road/pavement | Must display CCTV signage; may trigger data controller requirements |
| Common parts (flat/HMO) | Must register with ICO; display signage; retention period policy |
Detailed Guidance
IP CCTV System Design
Camera placement: Site cameras to cover the main access points — front door, back door, garage, and driveway. For a three-bed house, 4–6 cameras is typical. Additional cameras can be added to cover specific risk points (side gate, garden shed).
Cable routes: Run CAT6 from each camera position back to the NVR location (usually airing cupboard, utility room, or purpose-installed security cabinet). Star topology — each camera has its own home-run cable. Maximum cable length 100m per IEEE 802.3.
NVR/PoE switch location: Should be in a locked or concealed location to prevent smash-and-grab theft of the recording device. Some systems store footage in cloud backup regardless.
Power: NVR requires a standard 13A mains supply. A dedicated spur via a fused connection unit is good practice. If this mains work is in a kitchen, bathroom, or special location, it may be Part P notifiable.
PoE budget: Add up PoE power requirements of all cameras. Ensure the PoE switch has sufficient total PoE budget (typically 30–65W for a budget 4-port switch up to 200W+ for commercial switches). Cameras typically draw 5–12W each.
Wired Intruder Alarm System
A typical Grade 2 wired alarm system consists of:
- Control panel (usually in a lockable case, hallway or utility room)
- Internal siren (or communicator)
- External sounder with strobe (tamper-protected)
- PIR detectors (passive infrared) in each room/hallway
- Door and window contacts
- Panic buttons (optional)
- Keypad (entry point)
Cable runs: Run 6-core 0.5mm² screened alarm cable from each device back to the control panel. Zone-based architecture: typically 8 zones for a standard 3-bed property. Each PIR, contact, or device on its own zone. Cable screening should be connected at the panel end only (star earthing).
PIR placement: PIR should be in the corner of each room, 2–2.5m above floor, pointed diagonally across the room. Keep away from heat sources (radiators, south-facing windows) to prevent false alarms.
External sounder: Fix to a high point on the front and/or rear elevation. Most require 4-core cable (power, tamper, sounder output, strobe output). The sounder must activate within 3 minutes of alarm trigger and self-restore after 15 minutes per BS EN 50131. Fix with anti-tamper screws.
Programming: Every control panel requires programming to set zone names, entry/exit delay, alarm output behaviour, and optional monitoring station connection. Refer to the panel manufacturer's commissioning guide.
Wireless Alarm Systems
Wireless PIRs and contacts communicate via RF (typically 433MHz, 868MHz or 2.4GHz depending on system). The control panel receives RF signals from all devices.
Advantages: Fast to install. No disruption to finished interiors. Ideal for rentals and listed buildings.
Disadvantages: Batteries need replacing (typically 2–5 years per device). RF signals can be jammed (Grade 2 systems must detect jamming). Insurance companies may require wired or Grade 2+ hybrid systems for high-value properties.
Popular UK systems: Ajax (strong RF anti-jam), Texecom Premier Elite wireless, Pyronix Euro46, Galaxy Dimension.
GDPR for CCTV Installers
Under UK GDPR (retained from EU GDPR and the Data Protection Act 2018):
Domestic exemption: A householder operating CCTV purely for the security of their own home, where cameras cover only the immediate property, is largely exempt from GDPR registration requirements (the "purely personal" exemption).
Public space cameras: If any camera captures images of people on public roads, pavements, or neighbouring properties, the domestic exemption is reduced. The householder should:
- Display a CCTV warning sign at the property boundary
- Limit retention period (typically 28–31 days for domestic)
- Be prepared to respond to subject access requests
Common parts of buildings (flats, HMOs): Managing agents or landlords operating CCTV in communal areas are data controllers and must:
- Register with the ICO (Information Commissioner's Office) — currently £40/year for small businesses
- Display CCTV signage
- Have a retention and deletion policy
- Respond to subject access requests within 30 days
As an installer, you should brief your customer on their GDPR obligations — especially in flats and HMOs. Leaving a customer unaware of ICO registration obligations is a reputational risk.
Frequently Asked Questions
Is CCTV installation Part P notifiable?
The cameras, cabling, NVR, and PoE switch are all SELV (typically 12V or 48V DC) and are not Part P notifiable. However, if you install a new 13A mains spur to power the NVR in a kitchen, bathroom, or special location, that new mains connection may be notifiable. If you are simply plugging the NVR into an existing 13A socket, no notification is required.
Does CCTV installation need NSI or SSAIB certification?
For standard domestic CCTV with no monitoring centre connection, no certification is required. If the customer requires: (a) monitoring by an approved central station (which can dispatch police), (b) insurance certification, or (c) connection to a digital communicator for police response — then NSI Gold or SSAIB certification may be required by the monitoring company or insurer. Check the specific requirement before quoting.
How long should CCTV footage be retained?
For domestic: 28–31 days is standard. For commercial: check with a solicitor or the ICO. Longer retention increases storage requirements and GDPR obligations. Most NVRs are configured to overwrite on a rolling basis.
My customer wants to monitor their CCTV remotely on a phone. How?
All modern IP CCTV systems offer remote access via a smartphone app. The NVR connects to the home network (wired LAN port, not WiFi for reliability). Port forwarding on the router or a proprietary P2P cloud service allows remote access. Configure DDNS if the customer has a dynamic IP address. Set a strong password on the NVR and camera admin accounts — default passwords are a security risk.
Regulations & Standards
BS EN 50132-1 — Alarm systems — CCTV surveillance systems for use in security applications
BS 8418:2010+A1:2015 — Installation and configuration of detector-activated CCTV systems
BS EN 50131-1 — Alarm systems — Intrusion and hold-up alarm systems (grade classification)
BS 5979:2007 — Remote centres receiving signals from intruder alarm systems
UK GDPR (Data Protection Act 2018) — Personal data processing via CCTV
ICO CCTV Code of Practice — UK GDPR obligations for CCTV operators
NSI (National Security Inspectorate) — Approved inspector certification for security systems
SSAIB Approved Inspectorate — Security system certification scheme
data cabling — CAT6 cabling backbone for IP CCTV
smart home wiring — Integrated smart security and data infrastructure
gdpr for trades — GDPR basics for tradespeople
part p notifications — What requires Part P notification
Got a question this article doesn't answer? Squotey knows building regs, pricing and trade best practice.
Ask Squotey free →This article was generated and fact-checked using AI, with corrections from the community. If you spot anything wrong, please . See our Terms of Use.