Secure and centralised Whistleblow system

Granite Whistleblow

ISO 27001 and GDPR-compliant, secure and user-friendly whistleblowing channel that meets the requirements of the EU directive.

EU Whistleblowing Directive — what is it about?

The EU Whistleblowing Directive is intended to ensure that whistleblowers who detect breaches of EU law in their work can report them without being subject to negative measures. The Directive requires acknowledgement of receipt and feedback to be given within a specified time limit.

What does the Whistleblowing Directive require?

The EU Whistleblowing Directive obliges the creation of a whistleblowing channel in which the whistleblower’s identity is protected. All reports of suspicions of misdemeanours must be recorded and processed professionally, and an acknowledgement of receipt must be given to the person submitting the report within seven days of receiving the report. A whistleblower must be given feedback on the handling of the report within three months.

Granite Whistleblow features

Receive whistleblower reports
Document the investigation and tasks
Meet the requirements of the Directive and legislation

With the Granite Whistleblow reporting tool, reports can be made anonymously via the channel or by the organisation’s own investigation or audit. Process the reports in a timely manner and conduct the investigation with high-quality documentation. The whistleblower receives a link and a PIN code to have an anonymous conversation with the processor. IP addresses are not stored in the Granite environment.

Secure and regularly audited service

A comprehensive data protection impact assessment (DPIA) has been carried out on Granite’s Whistleblow channel. The information security of Granite’s technical platform is audited comprehensively once every 12 months by an external expert
The data of all services is located in Finland in an ISO27001-certified data centre. The backups are located in another data centre in Finland
All data traffic between the user and the service is encrypted. The data on the servers is encrypted
No logs are created for activities performed by anonymous whistleblowers
Investigators’ and administrators’ actions, on the other hand, are recorded in detail, and there is an automatic audit trail for them, making it easy to check the activities performed by the users

Automate management measures and reporting

Granite’s Whistleblow channel also includes a comprehensive investigation and processing process. The investigation process guides the investigator to take into account the requirements of the Directive and GDPR with regard to deadlines and the processing of personal data, among other things
Our product automatically gives alerts of new reports and situations in which an investigation is not started fast enough
Granite Whistleblow also includes an anonymous real-time chat function between the whistleblower and the investigator. This makes it possible to request additional information and inform the whistleblower, even in completely anonymous notifications

Do you need a whistleblowing channel?

Granite tools are priced according to the customer’s needs

Request a quote

7 myths about whistleblowing

The EU’s new Whistleblower Directive has sparked a lot of discussion in both public and private sector organizations. This is understandable, and of course a

What on earth is Whistleblowing Directive?

Whistleblowing solution Granite Whistleblow is a service, which enables organizations to provide a channel that protects the whistleblower’s identity, i.e. a whistleblowing channel for exposing

The EU Whistleblowing Directive is coming, are you ready?

What is whistleblowing? It means that if a person notices or suspects abuse in the organization, he can, so to speak, report it by “blowing

Easy to use. Good reporting features. Well-structured templates.

Pauli S, Enterprise Architect, Government Administration