The EU Whistleblower Directive came into force on 16 December 2019. With the directive, the EU wants to set uniform standards for better protection of whistleblowers. The directive sets the European framework, which must then be transposed into the national law of the member states. The deadline for this is 17 December 2021.
In Germany, the implementation is to take place via the so-called Whistleblower Protection Act (HinSchG). However, this has not yet been passed.
Regardless of the national design, however, the following applies:
- According to the Directive, Member States must ensure that legal persons in the private and public sectors establish channels and procedures for internal reporting and follow-up.
- Reporting channels must be designed, established and operated in a secure manner that preserves the confidentiality of the identity of the whistleblower and third parties mentioned in the report and prevents unauthorised employees from accessing them. access to them. This is a key element.
- The reporting channels must allow for reporting in written (e-mail. letter etc.) or oral (telephone or meeting) form, or both. Certain deadlines and responses must be adhered to.
But it is confidentiality that poses challenges for internal solutions. Therefore, it is advisable to set up an IT-supported whistleblowing system or to have an ombudsperson receive the whistleblowing. This person can also be the external data protection officer.
We can offer you both solutions. Feel free to contact us in this way and get in touch.