Legal and compliance violations: Problems for every company
A Post-it on a monitor with a password, an expensive wine from a business partner, an apprentice who has to operate a heavy machine in his first week, or social injustices among colleagues. Violations of legal regulations or compliance requirements are manifold and are rarely brought to the attention of management or company executives.
What good are the best compliance guidelines if a breach goes undetected? The reasons for this behavior are just as varied as the types of violations themselves. First and foremost, employees are often afraid of the consequences, true to the motto "Shooting the Messenger". They therefore often prefer not to inform those responsible.
In order to counteract this situation and provide companies with new opportunities to improve these conditions, the EU has once again taken action with a uniform regulation.
Whistleblower system
With Directive (EU) 2019/1937 - on the protection of persons who report breaches of Union law, commonly known as the Whistleblower Directive - the legislator is making new demands on companies above a certain number of employees.
Requirement of the directive
Companies with 50 or more employees must implement a system that enables employees to report incidents to the employer anonymously. The fact that employees can enter into dialog with the employer anonymously is the most important requirement of the directive and is at its heart.
Benefits and synergies in the standardized management tool HITGuard
We support you, as an affected company, in the structured recording and processing of incoming notifications, compliance with deadlines and workflow-based processing. Involve knowledge carriers and task addressees in the guideline-compliant processing and documented recording of these activities.
Configure your whistleblowing system according to your requirements by defining key topics, such as IS incidents, data protection breaches, compliance violations or occupational health and safety issues, which can be selected by the whistleblower. The report can then be processed quickly by the right person responsible.
Define deadlines for dealing with the incident in good time and specify who is responsible and who should deal with the incident. To ensure that a deadline is not overlooked, you can also define reminders for a deadline that remind those responsible of the processing.
To ensure that communication does not end after a one-sided report because it has been received anonymously, the reporter can set up an anonymous mailbox. This allows queries from the processor to be clarified, the reporter can provide additional information about the report and can be informed about the progress of processing - without ever having to give a name.
HITGuard supports you in the structured, documented and timely processing of incoming reports without overlooking expiring deadlines. With HITGuard and the whistleblower system, you enable your employees to uncover compliance violations, which you can then respond to quickly so that any damage or penalties can be avoided.
If you are planning to introduce a whistleblower system in accordance with the Whistleblower Directive,
then use our integrated case management.
Request a non-binding demo now
Find out what the GRC software HITGuard can do for you
Learn more about other modules of HITGuard!
Where, among other things, HITGuard is already proving its worth
Construction industry
approx. 20,000 employees
Auditor
approx. 700 employees
Health service
approx. 18,000 employees
IT Security Solutions
approx. 100 employees
IT Security Solutions
approx. 100 employees
Software House
approx. 400 employees
Event Management
approx. 500 employees
Hospital Operators
approx. 1,600 employees
approx. 6,000 employees
IT Service Providers
approx. 40 employees
Is your industry not listed? Do you need more information? We would be happy to put together individual reference examples for you – please contact us.