Evidence access control overview

This article provides an overview of evidence access control and the access list in Axon Justice, including information on user access to evidence and role permissions, access list information, providing access outside your organization, and access classes and categories.

Axon Justice uses access classes to control access to evidence. Each piece of evidence in Axon Justice is assigned to one of the following access classes:

Unrestricted
Restricted
Confidential

Evidence can only be assigned to one access class at a time. Evidence normally enters Axon Evidence with the Unrestricted access class. The access class can be changed to Restricted or Confidential manually, by assigning the evidence to a Restricted or Confidential category, or by adding it to a Restricted or Confidential case.

Note

There are no Axon Evidence specific definitions for the Restricted and Confidential access classes. Your organization should determine how these classes are used within your organization.

User access to evidence and user permissions

Default access to evidence is based on the permissions for a user's assigned role. The role-based permissions affect a user's ability to search for, view, and change the access class for evidence.

Additionally, each piece of evidence has its own access list, which allows your organization to manage evidence access inside and outside your organization on an as needed basis. Users and groups inside your organization can be granted access to evidence by being added to the access list. The access list is additive to role-based access. So, both users with role-based access and users on the access list are granted permission to search for and view the evidence. Being added to an access list allows a user to access the evidence, but it does not grant them any additional permissions beyond what is already included in their role.

The following table provides information on a user's ability to search for, view, and change the access class for evidence for the different permission settings.

Evidence search page views

The information shown to users on the evidence search page and in reports depends on the permissions for the user's assigned role and if the user has been added to an access list. If a user does not have list permission for an access class and is not on the access list for evidence in that access class, then no evidence in that access class is shown on the evidence search page or in reports.

Example: If a user's assigned role has the List Unrestricted Evidence permission set to Only Their Own and the user is not on any access lists, then the user will not see any evidence that is in the Restricted or Confidential access class on the evidence search page.

If a user has list permission for an access class set to Only Their Own, then the user will only see the evidence they are assigned as the owner.

If the user has list permission for an access class set to Any Evidence and has view permission set to Only Their Own, then the user will see all the evidence in that access class but only be able view their own evidence. The user can request access to other evidence, as shown in the following image.

Access list information

You can get a snapshot view of the number of users that can access an evidence file by looking at the manage access section of the evidence details page.

A detailed view of user access can be found by clicking Manage Access to view the Manage Access screen for the evidence. The upper portion of the Manage Access screen shows the number of users and groups on the access list, the number of users that can view the evidence due to their role-based permissions, and the access class for the evidence. The upper portion of the page also includes the link to the evidence page, allowing users to easily copy the link so it can be pasted into reports, documents, and other applications. Note that anyone using the link must still sign into their Axon Evidence account and must either be on the access list or have permission to view the evidence.

The Manage Access screen is also used to add and remove users and groups from the evidence access list and to change the evidence access class. Users must have the appropriate permission to apply or remove an access class. The lower portion of the Manage Access screen shows the users and groups on the access list for the evidence. The list shows the user or group name, access level, evidence access duration, and when the user or group was added to the list. If the evidence is in the restricted or confidential access class, then only users in roles that grant them access to evidence in the restricted or confidential access class and the users and groups on the access list can view the evidence.

Providing access to evidence outside your organization

A detailed view of access outside your organization can be found by clicking Manage Shares - Outside My Agency to view the Manage Shares screen for the evidence.

Users with the appropriate permissions can provide access to the evidence for partner agencies and users outside your organization using the Manage Shares screen. Additionally, users can provide access to evidence using an unauthenticated download Link from the evidence search page.

The Manage Shares option does not provide a copy of the evidence to the partner agency. This is unlike sharing evidence by case to partner agency, which does provide a copy of the evidence and allows the agency to manage the video based on their own retention policies.

Access classes and categories

The Categories feature provides the ability to apply a Restricted or Confidential access class to evidence. When evidence is assigned to a category that applies an access class, the evidence access class is automatically changed. Because evidence can only have one access class assigned at a time, if evidence is assigned to a Restricted category and to a Confidential category then the access class is changed to Confidential.