Chance Jackson and Brandon Kent, two victims of a school shooting in Martinsville, Indiana, can sue the Metropolitan School District of Martinsville for not doing enough to prevent the March 25, 2011, shooting, WBIW reports.

A panel of judges released its decision Monday to reaffirm a lower court’s decision to allow the families of the two injured boys to sue the district. The families argue that the district knew the gunman, Michael Phelps, was a threat and should have taken more precautions. Jackson’s attorney, Ian Thompson, says that the school’s security plan was carried out poorly in light of the known danger.

The lawsuit alleges that at the time of the shooting, Phelps was not supposed to be on school property, and that the school knew or should have known that he posed a threat to the safety of other students.

Tony Overholt, the attorney for the school district, says anyone can say the school should have done more, adding that governmental agencies are immune from this sort of accusation according to the state legislature, the article says.

Phelps, who was 15 at the time of the shooting, was convicted of attempted murder and sentenced to 30 years in prison.