Here at WhistleB, we started readying our whistleblowing system to be fully compliant with the new EU regulations some six years ago. From the beginning, Karin and I were fully behind this move to more secure management of personal data as we knew that this one principle, above all others, is fundamental to the proper working of an organisational whistleblowing system. Top security in whistleblowing systems is what we thought lacked in the systems we came across in our former roles, and it is one of the reasons why we started WhistleB.
At the end of the day it’s all about trust. A whistleblower needs to trust that they can remain anonymous as many people fear repercussions from blowing the whistle on misconduct. An organisation needs to trust that their system protects everybody’s integrity, and therefore, that they have full control over who has access to information in the system. Trust, integrity, protection… these are the values that the GDPR seeks to reinforce and they are so important for any whistleblowing service.
So, instead of seeing the arrival of the GDPR as a cumbersome compliance matter, Karin and I decided to make it into a competitive advantage for our product, and thereby our customers.
So what have we done?
- We have chosen the most secure cloud platform on which to run our service, Microsoft Azure.
- We have a close working relationship with TrueSec, Sweden’s leading company in the field of cyber security and secure application development.
- We developed the tool to support our users to do right and comply with GDPR.
- We have completed an analysis of GDPR compliance by leading consultancy ROTE Consulting, project team including former Head of Swedish Data Protection Agency.
And by the way, we’re not stopping with GDPR. We follow IT security development constantly and have made it our mission to always provide market-leading IT security in our service.