When it comes to whistleblowing the trust of reporters is the key success factor. A company gains the trust by different actions, from secure intake of reports to fair decisions and remediation actions.
All messages should be kept confidential. The confidentiality is the best source of reporters protection and hotline promotion.
The company should:
- guarantee that all information will remain confidential and no-one except for designated investigation team and ethics committee will be informed about the existence of the report, the case or its details.
- train top managers, investigation team to keep confidentiality during investigation, interviews, document requests or reporting.
- establish responsibility for breaching the confidentiality
- establish controls over information assets which store confidential information.
The best way to keep reporters protected is let them stay anonymous. The anonymity is one of the ways to keep confidentiality.
The best way to keep reporters anonymous is to make sure that it will be impossible to trace them (by phone, by digital footprints, by voice, by metadata). This can be achieved engaging an independent third-party like Ethicontrol.
Third-party providers don't depend on the owners, management, security services and any other employees of a company. Ethicontrol's autonomy allows us to call things by their proper names and not deviate from the main task of our company - preservation of reporters anonymity and confidentiality.
The best way to protect whistleblowers for Ethicontrol is to know nothing about them not being technically to uncover, log or analyse. That is why as a part of Ethicontrol's "Zero-knowledge policy" we came up with the architecture of our system which separates physically reporters' portal from a case management system. The reporters portal does not collect any digital footprints and is script free, meeting that reporters can use identity blockage tools and still be able to use the whistleblowing tool.