Attorney General of Kansas — Opinion
March 27, 2001
Re: Legislature — Legislative Post Audit — Definitions; Duty of Confidentiality Imposed by Law; Audit Work Papers
Public Records, Documents and Information — Records Open to Public — Public Policy That Records be Open; Definitions; Custodian; Public Records; Certain Records Not Required to be Open; Records Obtained by Post Audit
Synopsis: Legislative Post Audit may publicly report information it receives from nongovernmental persons by authority of K.S.A. 46-1114(c)(2)-(4) and (d)(1)-(3), as long as there is no law requiring such information to be confidential. This is so even if such entities are not otherwise covered by the Kansas Open Records Act (KORA). Such records are subject to disclosure under the KORA when in Post Audit’s possession. Cited herein: K.S.A. 45-217; 45-221; 46-1106; 46-1114; 46-1128; 75-4318; 75-4319.
* * *
Carla J. Stovall, Attorney General of Kansas
Barbara J. Hinton Legislative Post Auditor 1200 Mercantile Bank Tower 800 S.W. Jackson St. Topeka, Kansas 66612-2212
Dear Ms. Hinton:
You ask whether Legislative Post Audit may publicly report information it receives from nongovernmental persons by authority of K.S.A. 46-1114(c)(2)-(4) and (d)(1)-(3) when such persons are not otherwise covered by the Kansas Open Records Act (KORA). Your question assumes that there is no law requiring such information to be confidential.
Your request originates from an audit that involved, in part, the Kansas Technology Enterprise Corporation (KTEC) and several holding companies with which KTEC had invested money. However, the question has much broader implications. There is an increasing trend in state government to contract for services. In some instances the KORA might not apply to the contractor, and the only possibility for an in depth review of the performance of the contractor, other than by the state agency entering the contract, will be Legislative Post Audit through its statutory powers to examine records.
Statutes grant Post Audit broad authority in conducting audits. They provide that the Post Auditor “shall have access to all books, accounts, records, files, documents and correspondence, confidential or otherwise, of any person or state agency subject to the legislative post audit act or in the custody of any such person or state agency.”
Concerning such records, the Post Auditor generally has the same duty “of confidentiality imposed by law on any such person or state agency with regard to any such books, accounts, records, files, documents and other correspondence. . . .”
Legislative Post Audit’s authority to conduct audits goes beyond state agencies in some instances. K.S.A. 46-1114(c), provides:
“(c) Audits authorized by this section are the following:
. . . .
“(2) Audit of any person who receives any grant or gift from or through the state.
“(3) Audit of the contract relationships and the fiscal records related thereto of any person who contracts with the state.
“(4) Audit of any person who is regulated or licensed by any state agency or who operates or functions for the benefit of any state institution, except that this subsection (c)(4) shall not include audit of any person regulated by the state corporation commission.”
In conducting audits under subsection (c)(2)-(4) of a “nongovernmental person,” Post Audit has the right to all documents of that “person,” “confidential or otherwise,” as is described above in their general authority. But that right of access to a private entity’s books is “limited to those books, accounts, records, files, documents and correspondence, confidential or otherwise, of such person to which the state governmental agency” administering the grant or contract or licensing such person would have. Post Audit’s authority to obtain such records from private persons is not dependent in any way on whether the private entity is covered by the KORA. Of course, as with any audit, the general confidentiality provision-“as imposed by law” -would apply to documents received from a nongovernmental person, so if there is a statute or regulation, state or federal, prohibiting disclosure of a record, Post Audit is prohibited from publically disclosing it.
There is nothing in Post Audit’s statutes that prohibits Post Audit from disclosing records obtained from private persons under its audit authority. In fact, in order for Post Audit to be able to properly report to the Committee, this information must be disclosed. There is no statutory authority in Post Audit’s statutes or the KORA for Post Audit to present such information to the Post Audit Committee only, without subsequent public disclosure. Likewise, there is no general authority under the Kansas Open Meetings Act, or in current House and/or Senate rules, allowing for the Committee to meet in executive session to be briefed on such information. It would make little sense for the Legislature to give Post Audit authority to obtain such records from nongovernmental persons, but then not allow Post Audit to report such information to the Committee.
Moreover, the Kansas Open Records Act must be considered. Legislative Post Audit is a public agency as defined by K.S.A. 45-217(e). K.S.A. 45-217 defines a public record to mean:
“[A]ny recorded information, regardless of form or characteristics, which is made, maintained or kept by or is in the possession of a public agency.”
Because the documents of nongovernmental persons obtained by Post Audit in the course of such an audit are in Post Audit’s possession, we do not believe the exclusion from the definition of public records for “records owned by a private person” is applicable. The documents, then, would be subject to the KORA and any limitations or discretionary closure provisions imposed by the KORA.
We note that audit reports only become public records once completed and presented to the Committee. The documents obtained in the course of an audit would likewise be closed until the audit is completed and presented to the Committee.
In summary, we believe Legislative Post Audit may publicly report information it receives from nongovernmental persons by authority of K.S.A. 46-114(c)(2)-(4) and (d)(1)-(3) even though such entities may not otherwise be covered by the KORA, assuming there is no law requiring such information to be confidential. Such records are subject to disclosure under the Kansas Open Records Act when in Post Audit’s possession.
Very truly yours,
CARLA J. STOVALL Attorney General of Kansas
Steve Phillips Assistant Attorney General