Legal, News

Polish DPA on Compliance with the Whistleblower Protection Act


Polish flag with text “Polish DPA provides guidance on Whistleblower Protection Act”

On August 7, the President of the Polish Data Protection Authority (UODO), together with other members of the Authority and external experts, organized a seminar to support companies in the implementation in their business processes. The main points of discussion are summarized here:

Expanding the definition of a Whistleblower

During the seminar, it was clarified that the identity of a whistleblower is not limited to their first and last name. Identity also includes all data that can indirectly identify the whistleblower, such as their place of work.

Types of reports that can be submitted

Questions have been raised about the form in which reports can be submitted and whether verbal methods of communication such as telephone calls, although controversial, are acceptable. However, it is important that whistleblowers can be sure that their identity will not be compromised, regardless of the type of report.

More clarity on the retention period for personal data

The seminar also looked at clear procedures for data retention, as the Whistleblower Protection Act brings ambiguity in this area. The retention period calculated for each breach report can vary depending on the breach reported, making it difficult for companies to implement consistent processes.

What you can do now

If your company operates in the EU Member States and employs more than 50 people, you are required to set up a secure and confidential whistleblowing channel.

consentmanager ’s whistleblower software offers you comprehensive support in complying with the EU Whistleblower Directive, including:

  • Secure and anonymous storage of messages
  • Management of incoming messages
  • Establishment of secure reporting channels

Click here to visit our dedicated page, and get started.


more comments

News

Newsletter 12/2024

New plugins for many CMS / shop systems With the latest update, we have taken a look at the plugins for the various CMS and shop systems and completely revamped them. In particular, we looked at how we can make onboarding to the plugins easier for clients: For example, instead of manually copying the code […]
Barrierefreiheit in Deutschland - consentmanager
Legal

Digital Accessibility in Germany: Requirements for Websites and Apps

Digital accessibility has already been introduced in Germany through regulations such as the Accessibility in Information Technology Ordinance 2.0 (BITV 2.0) and the Act on Equal Opportunities of Persons with Disabilities (BGG). Federal agencies, in particular, were obliged to make their websites and apps accessible to all users. The introduction of the Accessibility Reinforcement Act […]