3. Understand the core service
Once you have come up with a list of potential providers, you’ll need to look more closely at the specific services on offer and the differences between them. The fastest way to do this will be to visit their website service pages.
What’s the difference?
Broadly speaking, all ‘whistleblowing hotlines’, ‘speak up hotlines’ and ‘ethics helplines’ serve the same purpose: to facilitate the sharing of sensitive disclosures between an individual (usually an employee) and an organisation.
However, once you begin to delve into the detail you will find a number of important differences between vendors that will influence the success of your programme. These will relate to things like:
- Reporting Channels (and how they’re managed)
- Approach
- Process
- Security and Data Privacy
- Technology
- Additional (or complementary) services
Reporting Channels
Ask about the reporting channels offered by each vendor, and look for specifics about how they are administered. For instance, “telephone reporting” could mean voice messaging, live call handling in only one language, multilingual live call handling – or a combination of these.
Also try to discover whether their intake channels will be dedicated only to your organisation, or shared between customers (e.g. one phone number shared among all customers, or a generic web reporting form). Shared channels can pose a data privacy risk and require deeper investigation.
Approach
Look for clues about how the provider approaches the reporting process, and consider whether it matches your requirements.
For instance, your overriding goal may be to give your employees confidence and reassurance about speaking up. If it is, you might prioritise providers with a range of reporting options, anonymous reporting processes and channels that are dedicated specifically to your organisation.
Process
The providers’ standard processes are also likely to differ slightly – both in the way reports are captured and processed, and in how they are shared with your organisation. Look for details on both of these points.
You may also find that some providers will allow you to tailor elements of these processes, while others will follow a more rigid procedure.
Security and Data Privacy
Recognised certifications can provide reassurance about the security of a vendor’s solution, but check specifically what they relate to (is it the company, a process, or a piece of software that meets the standard, for example?)
Find out how we protect data »
Be sure to find out how (and where) your data will processed and stored, and that this complies with the laws and regulations to which you are subject (e.g. GDPR).
Technology
The technology behind the reporting process and incident management software services will differ between providers. Try to discover whether technology offers the key features you require, appropriate security controls and ease of use.
You will be able to take a closer look at the systems on offer by requesting a demonstration from the provider.
Additional Services
In addition to a whistleblowing hotline solution, most providers offer other complementary services, such as online employee training, case management software, or policy and procedure management.
This can be useful in the medium to long-term – especially if your hotline programme is an first step in the development of a more comprehensive risk and compliance programme.