Cannabis surveillance — retention monitoring and incident timelines

Cannabis surveillance is a compliance requirement that doesn’t produce daily friction until something fails. WAC 314-55-082 (Washington), §1 CCR 212-3 R 3-110 (Colorado), Title 4 §15049 (California) — every state has a retention rule. Every state assumes the operator is checking. Most operators check retroactively, when a customer complaint or WSLCB inspection forces the issue.

• **Retention monitoring is silent until it isn’t.** A camera goes offline; nobody notices until the WSLCB asks for footage from 23 days ago.
• **Incident review is reactive.** Variance > $50 means somebody looks at footage. The lookup is a manual scrub through the relevant timeframe — guess + scroll + repeat.
• **Spreadsheet tracking** — most operators have a tab in a master spreadsheet listing each camera + its expected retention + when it was last verified. Updated when remembered, which means “monthly if you’re lucky.”
• **Inspection-prep panic** — the day before a WSLCB visit, somebody pulls every camera’s retention setting + checks a span of footage. That’s the worst possible time to discover a gap.

Stop tracking retention manually. Run a nightly probe against the DVR/NVR API that walks every camera + verifies the rolling window meets the regulator’s minimum + the operator’s internal target. Anything below threshold writes an incident; the morning email surfaces gaps before the operator’s first coffee.

1. 1**Probe each camera nightly at 2am store-local.** API call to the DVR/NVR for retention-window-end-date per camera.
2. 2**Compare to threshold.** WSLCB minimum is 30 days; operator-side target is usually 45-60 days for safety margin.
3. 3**Below threshold → incident write.** Camera offline, retention dropped, network glitch — all surface as a single “surveillance gap” incident with the camera id + the actual retention-end-date.
4. 4**Morning email surfaces gaps** to the compliance officer + the GM. One email; if no gaps, no email needed (or a single “all clear” line — operator preference).
5. 5**Write to audit_log on every probe** — even when clean. The audit trail is what the inspector wants to see. No probe = no audit row = inspector finding.

Surveillance review used to be: variance happens at 6:42pm Tuesday → manager reviews at 9am Wednesday → manager opens DVR → manually scrolls through 4-6 hours of footage looking for the moment. The fix is structural: every flagged transaction (variance, void, override, age-verify failure) auto-writes the camera-timestamp linkage at the moment of the action.

• **Every register transaction stamps an ISO timestamp into the audit_log row.**
• **The DVR/NVR exposes a timestamp-to-clip API** (most modern systems do; some legacy systems don’t — talk to your installer).
• **At the moment of a flag (variance > threshold, void, override), the platform writes the timestamp into the incident row** with a clip-fetch URL.
• **Manager opens the incident in the platform** + clicks “Review footage.” Single 30-second clip plays inline. No DVR login, no scrolling, no “was it 6:42 or 6:43.”
• **Debrief happens with the budtender within an hour, not next day** — the employee remembers the moment because the moment was 60 minutes ago, not yesterday.

The probe + the bridge automate the work that doesn’t need human judgment. Some things still need the human:

• **Don’t auto-classify what the footage shows.** Cameras don’t see motive. The platform surfaces the clip; the manager judges what happened.
• **Don’t auto-discipline.** A flagged transaction is a flag, not a finding. Manager reviews + decides. Per the v0.38 manager-write-up guide: documented response is the goal.
• **Don’t auto-share with regulators.** WSLCB asks → operator pulls + sends. Auto-sharing footage opens a privacy + chain-of-custody can of worms.
• **Don’t auto-delete past retention threshold.** Some incidents need longer retention than the rule (open arbitration, ongoing investigation). The platform should flag these and refuse the rolling-delete until cleared.

• **WAC 314-55-082 specifics** — minimum 45-day retention for retail (some sources cite 30 days; the safer interpretation is 45 days post-2025 LCB clarification). Confirm with your LCB liaison; document the answer.
• **Pickup-zone surveillance** — the pickup area for online orders has to be on camera. WSLCB has been explicit about this in 2026 inspection findings. The platform should know which physical zone is the pickup spot + ensure camera coverage.
• **Manager-PIN override audit-trail** — overrides should write the manager id + reason + timestamp into the audit_log AND link to the camera footage at the override moment. Inspector asks “why did you override on March 5 at 9:42pm” → 30-second answer with clip.
• **Sale-to-minor incidents** — if a budtender attempts to sell to someone with an obviously-fake ID, the platform’s gate refuses the sale + writes an incident. Footage at the moment of the attempt = the operator’s defense if WSLCB asks. Without it, the sale-to-minor allegation is harder to defend.
• **Per-store retention windows** — each store gets its own DVR. Don’t share a probe across stores; each store’s compliance officer needs their own surface.

Concretely: a spreadsheet that documents retention windows per camera + a manager who manually scrubs DVR footage when something flags. The platform takes those routines off the team’s plate; the team handles judgment + customer-facing follow-up.