The City Law Department today presented findings and recommendations from a review of the Wichita Police Department’s policy and practice involving limited access files. This fall, City Manager Robert Layton asked for the review to determine if there had been any unlawful or inappropriate practice. City Attorney Jennifer Magana performed the review.
The main WPD software system receives all police reports. More than 800 WPD employees have access to it, and it is a searchable database. This review focuses on a separate database set aside for cases that are more sensitive in nature, for example: homicides, vehicular fatalities, and cases in which police officers, city employees, etc. are either suspects or victims. Approximately 92 individuals from five different agencies or departments have access. These individuals are granted access by WPD, on a need-to-know basis, as determined by the Captain of the Records Bureau.
- The practice does not violate any ordinance, state statute or federal law.
- The investigative records demonstrate that these cases are investigated comprehensively, just like other cases.
- Limiting access to certain files recognizes that all employees do not have a business reason to have access to all files. This practice is similar to those by which other organizations store medical, personnel and financial records.
- The intent, and the result, is to limit internal access, but not external access that is otherwise legally allowed. The informal name of the database, “Confidential Files,” is a misnomer and invites a misconception that these files are secretive.
- The files are subject to disclosure under Kansas Open Records Act (KORA), disclosure under criminal and civil discovery, and pursuant to any other court order for disclosure.
- Identification of suspects as “Known Suspect” or “Known Officer” is not an accepted WPD protocol. WPD leadership has developed a plan to address this issue.
- WPD should continue to limit access to certain files through the use of a limited access database.
- WPD executive staff should develop a policy that includes:
WPD should communicate to all staff why this database exists and distribute the policy.
WPD should fix the Crystal Reports code to ensure that all reports are pulled for daily media briefings, regardless of when the case is “cut.” (This action was completed several weeks ago and announced to the media. This should be randomly tested in an ongoing manner to ensure that the code is accomplishing the goal.)
- a stated business need for the database;
- a stated purpose;
- a change of nomenclature to reflect that this database does not inhibit legal access to records;
- criteria for which cases are designated for this database;
- identification of systems administrators and/or custodians
- annual audit requirements;
- criteria for who has access, both internally and externally, with an annual review of the personnel with access to ensure that the list reflects personnel changes, clearly defining and limiting the number of employees;
- controls to ensure compliance with state law and KBI regulations; and
- any other provisions deemed appropriate by WPD staff.