What functions should a whistleblower system have?

The EU Whistleblower Directive specifies both technical and organizational requirements for a digital whistleblower system at various points. Due to the digital structures and the numerous functions of these whistleblower systems, there are also significant advantages over conventional communication methods, such as e-mail, telephone or a mailbox. We will show you the most important functions of a whistleblowing system.

Comprehensive reporting functions for corporate stakeholders

A digital whistleblower system allows not only employees to report information about violations, but also suppliers or business partners. This is because the whistleblower system can be freely accessed via a website. This can be another factor of trust in a functioning compliance management system (CMS). Independently of this, our Hintbox technology makes it possible for only employees of a company to have access to the digital whistleblower system, if the company or the authority so wishes.

Anonymous dialogue

The inhibition threshold for employees or third parties to report violations with their identity is often very high. This can deter many whistleblowers from making reports. As a result, the company may not have the opportunity to initiate appropriate measures to prevent or minimize damage. The Hintbox also allows whistleblowers to submit reports anonymously, as required by the Whistleblower Protection Act. In addition, the case handlers can even communicate with the anonymous whistleblower. For example, they can ask for more specific information or additional documents. 

Security and confidentiality preservation 

Technical and organizational IT security to ensure confidentiality plays a crucial role in digital whistleblower systems. The EU Whistleblower Directive stipulates that reporting channels must be designed and operated in such a way that the confidentiality of the identity of the whistleblower and third parties mentioned in the report is maintained and unauthorized employees are denied access to them. Through modern encryption methods, secure 2-factor authentications and a limited number of authorized employees (clear and limited authorization concepts), these requirements are implemented in the Hintbox. 

Automatic deadline management functions

Hintbox's case management includes automatic deadline control. This means that the deadlines specified in the EU Whistleblower Directive can be met without any problems. The case handler is continuously informed about the time frame and deadlines so that he can implement appropriate measures in time. 

Case support functions with processing steps

The EU Whistleblower Directive not only requires companies with 50 or more employees to implement internal reporting channels, but also to establish procedures for follow-up. Such follow-up actions may include, for example, review of tips, internal investigations or inquiries. Using the case management functions of Hintbox, these processes for follow-up actions can be stored. The responsible compliance officer and any other persons involved can use this process documentation to process the cases in a structured manner. 

Compliance with data protection

In particular, digital whistleblowing systems such as Hintbox offer an effective option and necessary functions for implementing data protection law. The external container solution enables access by authorized persons only. This enables the actual implementation of data protection law authorization concepts. In addition, the data can be deleted from the Hintbox - after various security processes. This enables the implementation of data protection-related deletion concepts. 

User friendly usage option

Digital whistleblower systems should be designed to be user-friendly. This is the only way to ensure that such whistleblower systems are accepted with trust and thus offer added value for the company. In addition, it is important that whistleblowers are adequately informed about the legal and actual consequences of their whistleblowing before submitting a report. For example, companies can inform their whistleblowers in the Hintbox that they must have sufficient reason to believe that their tips are true.