Iowa security and surveillance regulations: what businesses must know

Iowa is a one-party consent state for audio recording under Iowa Code 808B.2. The Iowa Consumer Data Protection Act (Iowa Code 715D), effective January 1, 2025, classifies biometric data as sensitive data at covered controllers. The Iowa Department of Public Safety licenses private investigative agencies and private security business operators under Iowa Code Chapter 80A. Iowa Code 715C governs data breach notification including biometric records.

Camera-related state law

The governing audio statute is Iowa Code 808B.2, which makes intentional interception of wire, oral, or electronic communications a felony unless a party to the communication consents. Iowa is a one-party consent state for audio recording.

Video-only surveillance of common areas with posted notice is generally lawful. Iowa Code 709.21 (invasion of privacy) reaches hidden cameras in places where privacy is reasonably expected. Posted notice at the entrance is the industry standard.

Security business licensing

The Iowa Department of Public Safety regulates private investigative agencies and private security business operators under Iowa Code Chapter 80A and Iowa Admin. Code 661-121. Companies providing security services for compensation must hold a current state license. Local jurisdictions add alarm permits and registration requirements.

Biometric data and the ICDPA

The Iowa Consumer Data Protection Act (Iowa Code 715D) took effect January 1, 2025. ICDPA applies to controllers conducting business in Iowa or producing products targeted to Iowa residents above defined thresholds. The Act classifies biometric data as sensitive data and requires consent before processing.

For commercial security buyers, the practical reach is fingerprint and facial-recognition access control. ICDPA compliance requires consent, privacy notice, consumer-rights handling, and a data protection assessment for sensitive processing. Enforcement is by the Iowa Attorney General; there is no private right of action. ICDPA is generally less restrictive than CCPA, VCDPA, or CTDPA.

Privacy in the workplace

Iowa does not have a single workplace electronic-monitoring statute. Pure video surveillance of common work areas with posted notice is the routine pattern. Most IA employers issue a single workplace surveillance notice in the handbook. Manufacturing and food-processing employers across Iowa (Tyson, Smithfield, JBS, Cargill, Deere) commonly add badge-tied access control and integrate with USDA-required audits.

Video retention requirements

Medical cannabidiol. Iowa Admin. Code 154A sets retention for licensed manufacturers and dispensaries.
Healthcare. HIPAA Security Rule (45 CFR Part 164) governs PHI-touching footage.
Retail and hospitality. PCI-DSS Requirement 9 specifies 90-day retention for the cardholder data environment.
Federal contractors. NDAA Section 889 controls vendor selection.
Schools. FERPA reach for K-12 districts and higher education.
Food processing and meatpacking. USDA FSIS audits and HACCP records can pull camera evidence into food-safety compliance.

Default retention for IA commercial systems with no specific industry rule is 30 days.

What Tec-Tel does to comply with Iowa regulations

Video-only on cameras unless audio is documented with one-party consent under Iowa Code 808B.2.
Posted surveillance notice at every public entrance.
No cameras in restrooms, locker rooms, dressing rooms, or any space where privacy is reasonably expected.
ICDPA consent and notice language coordinated with the customer's privacy team for any biometric capture at covered controllers.
Retention configured to the regime that governs the industry (HIPAA, PCI, 154A, NDAA, USDA).
NDAA Section 889-compliant vendor selection on federal-touching installs.
DPS-licensed work where the install scope or service triggers Iowa Code Chapter 80A.

This is a buyer-facing reference, not legal advice.

Security service in Iowa

Tec-Tel deploys AI-era security across Iowa with one accountable project manager owning design, install, and service to one standard. The cities below have local service detail, deal sizing, and a free consultation. Don't see yours? We cover the whole state.

Security in Des Moines, IA

Or browse the full city directory and nationwide coverage map.

Frequent buyer questions

Is Iowa a one-party or two-party consent state for audio recording?

Iowa is a one-party consent state. Iowa Code 808B.2 makes interception of wire, oral, or electronic communications a felony unless a party consents. A participant can lawfully record. Most IA commercial camera installs go video-only on the cameras.

Does Iowa license alarm and security contractors?

The Iowa Department of Public Safety licenses private investigative agencies and private security business operators under Iowa Code Chapter 80A and Iowa Admin. Code 661-121. Companies providing security services for compensation must hold a current state license. Iowa does not have a separate statewide alarm-installer license, but local jurisdictions impose alarm permits and registration on alarm businesses.

What does the Iowa Consumer Data Protection Act require for biometric data?

ICDPA (Iowa Code 715D) took effect January 1, 2025. The Act applies to controllers conducting business in Iowa or producing products targeted to Iowa residents above defined thresholds (100,000 consumers, or 25,000 consumers and 50 percent of gross revenue from sale of personal data). ICDPA classifies biometric data as sensitive data and requires consent before processing. Enforcement is by the Iowa Attorney General; there is no private right of action. ICDPA is generally less restrictive than CCPA, VCDPA, or CTDPA.

What's the data breach notification rule in Iowa?

Iowa Code 715C (Personal Information Security Breach Notification) requires entities to notify Iowa residents and (in many cases) the Iowa Attorney General following a breach of personal information. Personal information includes name combined with Social Security number, driver's license, financial account information, biometric data, or similar identifiers.

Do I have to give Iowa employees notice before monitoring them?

Iowa does not have a statute as specific as New York Civil Rights Law 52-c. The general rule is posted notice for common-area camera surveillance, no cameras in restrooms or other private spaces, and one-party consent on any audio capture under Iowa Code 808B.2. Most IA employers issue a single workplace surveillance notice in the handbook.

Does Iowa have a cannabis program with surveillance rules?

Iowa operates a limited medical cannabidiol program under the Iowa Department of Health and Human Services. Camera coverage and retention rules for licensed manufacturers and dispensaries are published in Iowa Admin. Code Chapter 154A. Adult-use and broad medical cannabis programs are not legal in Iowa. Operators in the medical cannabidiol program should pull the current rules before designing the install.

Are there special rules for cameras in Iowa schools?

Iowa public schools follow federal FERPA (20 U.S.C. 1232g). The Iowa Department of Education and the Iowa Department of Public Safety provide school safety guidance. SVPP and NSGP grant-funded camera projects in IA carry NDAA Section 889 procurement requirements.

Start with a free consultation.

Tell us what you're protecting and what's already in place. The Tec-Tel team reviews it and comes back with a written plan.

Tell us how many sites you run and what's already in place. We'll show you what a build or upgrade looks like.

Straight answers from the team that does the work. We're platform-agnostic, so you get the system that fits your sites, not one brand's catalog.

Since 2010 · 1,000+ deployments nationwide · ISN-accredited

Book a free consultation 855-577-0400

Iowa security and surveillance regulations: what businesses must know

Camera-related state law

Security business licensing

Biometric data and the ICDPA

Privacy in the workplace

Video retention requirements

What Tec-Tel does to comply with Iowa regulations

Security service in Iowa

Frequent buyer questions

NDAA Section 889

Illinois regulations

Wisconsin regulations

Nebraska regulations

Missouri regulations

Start with a free consultation.

How can we help?