Both the provisions of the European Union directive and the Polish act on the protection of Whistleblowers contain specific guidelines on how to report irregularities by people who witness violations occurring in organizations. Before the directive came into force, employees could communicate the breaches they had observed by phone or e-mail. Currently, regulations force employers to provide safer channels to signal problems.
The new draft act on the protection of Whistleblowers presented in April 2022 by the Ministry of Family and Social Policy defines in detail internal reports. Employers subject to the provisions of the directive are responsible for creating and ensuring that employees can report irregularities through an internal channel. Moreover, they must establish internal reporting rules that define the methods of reporting, receiving, and managing tickets. Pursuant to the Act, the created set of guidelines should enter into force after 2 weeks from the date on which it was presented to all employees. Employers are obliged to ensure that Whistleblowers protect the confidentiality of their identity in such a way that they cannot be identified by others.
It is also important that the internal channel is the first step in signaling problems in the workplace. The new draft act on the protection of Whistleblowers mentions the method of reporting internal breaches and is to be only an electronic channel.
One of the most popular and used communication channels is e-mail. An e-mail account is cheap, easily accessible, and not requiring specialist knowledge way to contact both inside the company and external customers. Unfortunately, this solution has several significant drawbacks and, most importantly, does not meet the guidelines of the Whistleblower Protection Directive.
First of all, it is worth noting the low level of security of correspondence exchanged via e-mail. E-mail accounts are much more prone to hacking and do not make it easier to control the actual access to them. What's more, you never know if a person will at some point delete a piece of correspondence containing important files or documents. Another issue concerns the protection of the confidentiality of the identity of correspondents, which in principle does not exist in the case of communication by e-mail, because all information about the sender is contained in the metadata of the e-mail header, which is unacceptable in the context of the provisions on Whistleblower protection. In this case, Whistleblowers are also uncertain in which country or even in Europe the e-mail server is located.
In the case of telephone communication, the situation is similar. In this day and age of very advanced technology, checking whom a given phone number belongs to is not a problem. Whistleblowers are also uncertain as to the issue of recording the conversation and whether the transmitted, relevant information will not be heard by outsiders. In this case, there are also risks of misinterpretation or misinterpretation of words.
Contrary to e-mail and telephone communication, the IT system is safe, tested, and compliant with the requirements of the Whistleblower protection directive a tool for handling reports. Access to all information regarding the reported case is properly secured and made available only to persons authorized to verify it. Whistleblower is this type of software that meets all the legal requirements of the directive and guarantees the protection of the confidentiality of the identity of persons reporting irregularities.