911 dispatchers must be carefully vetted since they have access to confidential information that could be easily misused.
In October 2003, Michael Michalski was working as a 911 dispatcher at the Northwest Regional Communications center in Allegheny County, Pa., when his obsession with an ex-girlfriend turned deadly. According to court documents, Michalski used his position to surreptitiously search the center’s computer network to determine the whereabouts of Gretchen Ferderbar and her current boyfriend, Mark Phillips. Michalski’s supervisor became aware of the searches and suspended him. The suspension, however, was deferred and Michalski remained on the job for another week, continuing his illicit inquiries.
The next week when the suspension took effect, Michalski called the 911 center during the early morning hours seeking assistance in locating Phillips. Two of his co-workers allegedly complied with the request and searched the database. Michalski’s supervisor met with him the same day and fired the troubled 21-year-old. Court papers stated that “despite recognizing that Michalski had used the 911 center’s computer system to track Mark Phillips, [the supervisor] made no effort to detain Michalski, deter him from reaching Mark Phillips or to warn Mark Phillips of Michalski’s potentially violent behavior.”
A few hours later, Michalski again contacted his co-workers at the call center. He stated that he “had nothing to live for” and that Ferderbar and Phillips were going to “pay for putting him in his present position.” That afternoon Michalski murdered Phillips, Ferderbar and her sister. He pled guilty to the slayings and was sentenced to three life terms.
The Michalski case serves as a cautionary tale about protecting classified data within a public safety environment. Typically the image of a dispatcher is one where an individual sends the fire department, emergency medical services and/or police to an emergency in a timely, efficient manner. This generalization, while not entirely inaccurate, has led to the misnomer “telecommunicator.” In reality, dispatchers are information managers who are exposed to highly sensitive data. Criminal histories, terror alerts, Health Insurance Portability and Accountability Act (HIPAA) regulations, and the mundane vacation house check could be misused in the hands of an unscrupulous, desperate or disturbed person. As such, it’s imperative that employees understand their obligations regarding the protection and dissemination of information. Furthermore, the call center’s management team must be vigilant in identifying abuses and act swiftly to mitigate them.
No one can deny the importance of a thorough background investigation before hiring an employee
at a 911 call center. The selection of trustworthy, competent staff is an integral part of the process.
Pat Shumate, chief communications officer of the Roanoke County, Va., Emergency Communication Center, is ever vigilant in looking for the occasional bad apple.
“Some of the warning signs we find during the background [check] might be a criminal record, bad driving record, bad work history, inconsistencies in the application and poor credit rating,” Shumate said. “We look for people who are well thought of in their community with a good employment record and a reputation for honesty.”
Problems can arise after the hiring process when successfully vetted individuals later display contempt for the system and then abuse it.
In February 2009, Maury County, Tenn., 911 dispatcher Tamatha Taylor was charged with official misconduct, misuse of official information and accessory after she allegedly tipped off a drug suspect during a police investigation. The suspect was an acquaintance of Taylor’s whom she helped elude capture. She had worked at the center since 1994.
A month later in Steuben County, N.Y., 911 dispatcher Jacque Stetler also was charged with official
misconduct after allegedly providing sensitive information to an individual about an investigation. Stetler had been employed as a dispatcher for approximately five years. At the time of this writing, Steuben County’s 911 website identified Stetler as a recipient of its 2007 Lifesaving Award.
These examples shouldn’t be viewed as an indictment of the emergency dispatching profession. They are, however, important to understanding that an employee may change significantly over the course of five years. Drinking, gambling, drug abuse or financial difficulties could compel individuals to commit illegal acts that they would not have considered otherwise. Some might argue that such behavioral changes would have been noticeable in the close quarters environment of a 911 center. Ultimately such abuses may be the result of a lack of vigilance and a failure to address operational issues on a timely basis.
“As a 911 dispatcher, you live in a glass house,” Shumate said. “Everyone is watching you, and you must keep yourself above reproach.”
Steve Souder, director of the Fairfax County, Va., Department of Public Safety Communications, emphasizes the importance of a half-hour of structured daily roll call before each shift to discuss operational issues. “It is very interactive and a great opportunity to talk about events that have occurred.”
Every 911 center should have a clearly written confidential information policy that employees read, understand and sign annually. The policy must delineate the types of information dispatchers
will be exposed to, requirements for protection and restrictions regarding dissemination.
For dispatchers tasked with running database searches for law enforcement personnel, the information gleaned is often highly sensitive. A suspect’s criminal history frequently makes for compelling reading and the allure of easy access to such provocative material has led to abuses of the privilege.
It’s important to note that the misuse of law enforcement databases is not the line dispatcher’s exclusive domain. Sometimes management gets into the act. In October 2008, the Kane County, Ill., State’s Attorney’s Office issued a press release stating that Steven R. Cordes, director of the northern Kane County dispatch center, was indicted for misusing a criminal background search database. Allegedly “on multiple occasions in 2006, 2007 and 2008, Cordes accessed the state Law Enforcement Agencies Data System to gain information on four persons for his personal use.”
Ron Timmons, director of the Plano, Texas, Public Safety Communications Department, cites a department code of ethics that all employees are required to sign as an integral part of the information protection policy. Contained therein is a section stating that employees will not divulge confidential information that’s learned during the course of their duties unless such revelation is necessary to perform their jobs.
“We also have specific policies regarding the release of information that would be in violation of HIPAA laws, information obtained through criminal database services and information to the news media,” Timmons said.
In May 2008, Nadire Zenelaj, a former 911 operator for Rochester, N.Y., faced felony computer trespassing charges for accessing restricted law enforcement records, including a terrorism watch list. The concern was that Zenelaj, who is a Muslim of Albanian descent, was searching for information on herself, her family and friends.
“We think she was accessing this information to pass it on to others,” said Richard Vega, who at the time was the director of the city’s Office of Public Integrity. Zenelaj denied the charges, claiming that she was being discriminated against and that she had no terrorist ties. She had been employed by the city for nearly six years.
In September 2008, in Orange County, Calif., another 911 dispatcher was charged with providing
confidential law enforcement data to a white supremacist group.
Lissa Marie Domanic, who had worked at the Orange County Sheriff’s Department since February 2007, had allegedly “supplied members of the gang confidential [Department of Motor Vehicles] information, such as names and addresses and inmate information while she was working for the Sheriff’s Department.” Part of the investigation focused on whether Domanic had deliberately
targeted the Sheriff’s Department to penetrate a law enforcement agency.
To vet a possible employee, Plano’s Timmons examines an applicant’s judgment (or lack thereof) over the last five years. These inquiries include but are not limited to “attendance at social functions at which controlled substances are consumed and such activity is known or should have been known by the applicant; silent acceptance of known illegal conduct by others in his/her presence; workplace behavior/decisions that adversely affect the business or associates, etc.”
These incidents are disturbing, and although they rarely occur, they underscore the necessity for protecting confidential information within the dispatching environment. This requires scrutinizing policies, procedures and most importantly, having an effective vetting process for individuals who are charged with an often thankless, unseen job. To do otherwise makes a public safety answering point vulnerable to criminal activity and unwanted public scrutiny.
Eric Harne is a security consultant and writer in Harrisburg, Pa.