At the end of the day it’s all about trust. A whistleblower needs to trust that they can remain anonymous as many people fear repercussions from blowing the whistle on misconduct. An organisation needs to trust that their system protects everybody’s integrity, and therefore, that they have full control over who has access to information in the system. Trust, integrity, protection… these are the values that the GDPR seeks to reinforce and they are so important for any whistleblowing service.
So, instead of seeing the arrival of the GDPR as a cumbersome compliance matter, Karin and I decided to make it into a competitive advantage for our product, and thereby our customers.
So what have we done?
- We have chosen the most secure cloud platform on which to run our service, Microsoft Azure.
- We have a close working relationship with TrueSec, Sweden’s leading company in the field of cyber security and secure application development.
- We developed the tool to support our users to do right and comply with GDPR.
- We have completed an analysis of GDPR compliance by leading consultancy ROTE Consulting, project team including former Head of Swedish Data Protection Agency.
And by the way, we’re not stopping with GDPR. We follow IT security development constantly and have made it our mission to always provide market-leading IT security in our service.