Restrictions

You can apply restrictions to an entire incident, an entire report, or to specific report sections, such as information about a person, vehicle, or property.

Each restriction has three privileges associated with it that control how users can access information associated with that restriction:

  • Access: Lets users view information associated with the restriction
  • Add: Lets users add that restriction to information
  • Remove: Lets users remove that restriction from information

If you want a user, team, or Command Hierarchy group to view a specific item that has been restricted, but you don't want to give them access to view all items containing that restriction, you can create a restriction exception.

Restriction types and restriction exception lists are managed from the Restrictions tool in the Administrator Console.

When managing and using restrictions, you can take the following actions:

Restrict incidents

To apply a restriction to an entire incident:

  1. Open either the incident profile or a report contained within the incident.
  2. Select More Actions [...] > Manage Restrictions.
    The image shows two screenshots. The top image shows an incident with the more actions menu expanded. The highlighted option is Manage Restrictions. The bottom screenshot shows a report with the More Actions menu expnded and the Manage Restrictions option highlighted.
  3. Select Add Restriction.
  4. Choose a Restriction Classification.
    • You will only see restriction types for which you have the Add privilege.
  5. Select Entire Incident from the Information Restricted field.
  6. Select Save.
    The image shows the Manage Restrictions window with a view-only exception list at the top. The option to Add Restriction is highlighted. Below, an active restriction is displayed and the information restricted as the Entire Incident. There is an option to remove the restriction, and the changes can be saved by selecting the Save button.
Note

The Audit Log tool shows any unauthorized access attempts to a fully restricted item. This does not apply to items with partial restrictions.

When users with the necessary restriction privileges open a restricted item, a Restricted label is displayed at the top of the profile. Hovering over the label reveals the name of the restriction that has been applied. When users who do NOT have the necessary restriction privileges attempt to view restricted items, a message displays instead of the profile, explaining that they cannot view the item.
Two screenshots show what users with different privileges see when attempting to view a restricted item. The top image shows a user with privileges who sees a Restricted label. The bottom image shows a user without privileges who sees a restricted information message.

Restrict reports

In Axon Records, you can restrict an entire non-incident report without also restricting other reports that have been added to an incident. Note that this functionality only applies to non-incident reports. To restrict an incident report, you must restrict the entire incident. Similarly, the ability to restrict a single report is not available in Axon Standards. Instead, you must restrict the entire event.

To apply a restriction to an entire report:

  1. Open the report.
  2. Select More Actions [...] > Manage Restrictions.
    The image shows a report with the More Actions menu expnded and the Manage Restrictions option highlighted.
  3. Select Add Restriction.
  4. Choose a Restriction Classification.
    • You will only see restriction types for which you have the Add privilege.
  5. Select Entire Document from the Information Restricted field.
  6. Select Save.
    The image shows the Manage Restrictions window with a view-only exception list at the top. The option to Add Restriction is highlighted. Below, an active restriction is displayed and the information restricted as the Entire Document. There is an option to remove the restriction, and the changes can be saved by selecting the Save button.

When users who do NOT have the necessary restriction privileges open a restricted report, a message displays instead of the report, explaining that they cannot view it.
The image shows a message indicating that the report is restricted. It displays a red lock icon with the word Restricted in red text.

Partial restrictions

To partially restrict a report and make specific information in that report accessible only to authorized users:

  1. Open the report section you want to restrict.
  2. Select Actions > Manage Restrictions.
    The image shows an incident report. The Actions menu is expanded, showing the option to manage restrictions.
  3. Select Add Restriction.
  4. Pick a type of restriction under Restriction Classification.
  5. Use the Information Restricted menu to select the exact information you want to limit access to.
    • If you select Entire Person, any relationships between that person and any other people, vehicles, etc. are also restricted.
    • If you select Personally Identifiable Information, the restriction will apply to:
      • Name (first, middle, last, suffix)
      • Aliases
      • Date of Birth
      • Birthplace (city and state)
      • Contact information (address, phone, etc.)
      • Identification documents (driver's license, passport, etc.)
  6. To add additional restrictions, select Add Restriction again.
  7. Select Save to apply the restrictions.

When users with the necessary restriction privileges open a restricted item, a Restricted label is displayed at the top of the section where the restriction was applied. Hovering over the label reveals the name of the restriction that has been applied. A lock icon appears beside each restricted section of the report.

Note in the image below that although a restriction was applied to a single person, additional report sections also display a lock icon because the entire person was restricted, thereby hiding their relationships with the other people in the report.

When users who do NOT have the necessary restriction privileges attempt to view restricted sections of the report, they also see lock icons and a Restricted label. Instead of showing the restricted information in the report fields, [REDACTED] is displayed.
The top image shows an incident report where the person involved is marked as a restricted person, indicated by a lock icon. The bottom section shows what non-privileged users see, signified by the word redacted in brackets.

When users with the necessary restriction privileges open the incident profile the report is associated with, a Partially Restricted label is displayed at the top. A Restricted label appears on the information that has been restricted. Hovering over the label reveals the name of the restriction that has been applied. When users who do NOT have the necessary restriction privileges attempt to view an incident profile that contains restricted items, the Partially Restricted label appears and the restricted information is hidden entirely.
This image shows two screenshots of an incident that contains restricted information. The image on the left shows what a person with privileges to view the information would see and the image on the right shows what a person without privileges would see

Edit and remove restrictions

If an entire report or incident has been restricted, you can remove the restriction by taking these steps:

  1. Open the report or incident from which you want to remove a restriction.
  2. Select More Actions [...] > Manage Restrictions.
    The image shows two screenshots. The top image shows an incident with the more actions menu expanded. The highlighted option is Manage Restrictions. The bottom screenshot shows a report with the More Actions menu expnded and the Manage Restrictions option highlighted.
  3. Select Remove on the restriction you wish to remove.
  4. Select Save to finalize your changes.
    The image shows the Manage Restrictions window, where a view-only exception list is displayed, allowing members to have view-only access to restricted information. Three restrictions are listed: Sensitive Case, Minor Victim or Witness, and Juvenile Suspect, all applying to the entire document. Each restriction has a Remove option on the right, and there is an option to add a new restriction at the bottom. A Save button is available to apply changes.

To edit or remove a partial restriction:

  1. Open the report section that contains the restriction.
  2. Select Actions > Manage Restrictions.
  3. Adjust the Restriction Classification or Information Restricted.
  4. Remove a restriction entirely by selecting Remove.
  5. Select Save.

Manage restriction exceptions

If you want a user, team, or Command Hierarchy group to view a specific item that has been restricted, but you don't want to give them access to view all items containing that restriction, you can create a restriction exception.

Restriction exceptions can be created only when the entire report or incident has been restricted. Exceptions can't be created for partial restrictions. All restriction exceptions that have been created for the organization appear in the Administrator Console Restrictions tool.

Users and groups who are given restriction exceptions can only view the restricted information; they can't manage the restrictions themselves. If you instead want the user or group to be able to add or remove that restriction type, you should instead give them the corresponding restriction privileges.

To view or manage existing restriction exceptions, take these steps:

  1. Open the report or incident from which you want to remove a restriction.
  2. Select More Actions [...] > Manage Restrictions.
    The image shows two screenshots. The top image shows an incident with the more actions menu expanded. The highlighted option is Manage Restrictions. The bottom screenshot shows a report with the More Actions menu expnded and the Manage Restrictions option highlighted.
  3. The current restriction exceptions appear at the top of the Manage Restrictions pane, and are broken out by different icons:
    • The image shows the icon for Users. Individual users
    • The image shows the icon for teams. Teams
    • The image shows the icon for Command Hierarchy Groups. Command Hierarchy groups
      The image shows the Manage Restrictions pane with a view-only exception list at the top. Members in this list are granted view-only permission to restricted information.
  4. Select Manage Exceptions to see which users, groups, and teams have been granted restriction exceptions and adjust as necessary:
    • Pencil: Select to edit the allowed restrictions or duration
    • Trash can: Select to delete the restriction exception
      The image shows the Manage Restriction pane, allowing users to manage the view-only exception list. At the bottom, there is a list of existing exceptions, showing groups or users with their allowed restrictions, duration, and the date they were added. Each entry has options to edit or delete the exception.

To create a restriction exception:

  1. After opening the Manage Restrictions pane, Select Manage Exceptions.
  2. Search for a user, team, or Command Hierarchy group in the User or Group field.
    • You can add multiple users, teams, and groups to this field.
  3. When multiple restrictions have been applied, you can select which restrictions to include in the exception:
    • All restrictions: Lets the user or group view all restricted information
    • Selected restrictions: Lets the user or group view information only associated with specific restrictions
  4. Set a duration for which the exception will apply. Options include:
    • 1 week
    • 2 weeks
    • 1 month
    • 2 months
    • Custom: Set a custom time frame.
    • Until Removed: The exception will remain in place until someone opens the item and manually removes it.
  5. Select Add.
    The image shows the Manage Restrictions window. The highlighted Manage Exceptions button opens a window where users or groups can be added to the view-only exception list. A user or group must be selected, and options are provided to apply the exception to all restrictions or selected restrictions. The duration of the exception can also be set, with the current duration being 1 week. At the bottom, there is a table listing existing exceptions, showing the user's name, allowed restrictions, duration, and the date they were added. Options to edit or delete the exception are available.