Chances are, every organisation in Poland with employees is now familiar with the term “whistleblowers”. We have been aware for quite some time that Poland was required to implement the EU Directive by December 17, 2021; however, we still do not know the final version of the Act.Rafał Wyziński, partner
Therefore, employers need to prepare their organisations now for the changes to come. It’s better to take action right away rather than wait for the Act to be passed, as this can prove to be a big challenge for organisations.
Know your responsibilitie
How can you prepare your company to implement the rules of the Directive? What responsibilities do you need to bear in mind? What is the responsibility of the management board versus the HR departments? Where do you place the issue of whistleblowers within your organisation?
- Training for the management board;
- Training for HR departments.
It will be vital for each and every organisation to decide whether and how it regulates the measures it takes as regards whistleblowers who report irregularities in the field of labour law, such as harassment or discrimination. This, however, will not be the only important aspect. The new legislation establishes a number of prohibitions on measures to be taken with whistleblowers. It imposes severe restrictions on employer’s as regards not only dismissing such a person, but even simply modifying the conditions of their work.
The Directive indicates the importance of protecting the whistleblower’s data. It should be protected both in terms of record keeping and technology. And yet, there is more when it comes to our data protection obligations, since we also need to protect the data of individuals indicated in whistleblowers’ reports. This is where the many years of experience of the RK RODO team in the field of comprehensive data protection services for our clients will come in handy.
The legislator intended for the obligations concerning whistleblowers to be borne, for example, by employers involved in anti-money laundering (AML) and anti-terrorist financing activity. RK Legal has experience in this regard and offers parallel support to employers in the area of the compliance of their businesses with applicable AML regulations.
The Directive clearly defines what a reporting tool should look like. Most importantly, it needs to ensure confidentiality and anonymity and provide a secure channel for further communication with the whistleblower. The tool should be independent of the organisation, preferably being made available on external servers.
Our offer comprises a channel that meets all of the above requirements. What is more, it provides an intuitive user experience for both the whistleblower and administrators, while allowing for analysis of the data collected and viewing statistics. Moreover, it may be adapted to the internal procedures of a particular organisation.
Passing the messege to employees
An inherent part of a “whistleblower project” in every company is an awareness campaign. In order for the initiative to be clearly understood, employees need to be aware that the project constitutes a response to EU and government regulations rather than being an initiative of the organisation as such. It is also of importance to emphasise the data security and confidentiality aspects.
Report verification subscruption
We help companies identify the type and priority of reports. We suggest which ones you should address within a smaller group, and which ones should be dealt with using experts and dedicated tools.
Legal support in handling problematic reports
For reports that require the involvement of a legal team, we are able to support the company with a dedicated group of experts in various legal fields, such as labour law, commercial law, GDPR, AML, etc.