Sometimes people see something at work that doesn't seem right, whether it’s something illegal, unethical, or otherwise. Our Whistleblower tool was built to allow Workers to anonymously report any inappropriate conduct. While we encourage Workers to bring issues they may have to their teams in the best way, sometimes there need to be reporting paths that protect the Worker if they fear retaliation or reprisal for reporting something they've experienced or seen.
This tool will always maintain anonymity of the sender, as well as have robust tracking tools including: having a selectable list of possible recipients, file attachment, private commenting, categorization, and related policies violated.
To get started, select the Whistleblower icon from the Admin Dashboard.
At the top of the window, you'll see four tabs, including Submissions, Possible Recipients, Permissions, and Settings.
Your first move should be opening your Permissions tab and adjusting the Permissions for the component.
As with all components, you will be able to adjust the Worker Default, the Admin Default, and the Custom Permissions from this tab.
For your Workers and Admins to be able to utilize the Whistleblower component from the Worker dash, you'll need to include the View permission.
For your Admins to be able to Administer Whistleblower, they'll need the View and Update permissions.
If any of your Positions have Custom Permissions, you'll need to click into the pencil icon and make those changes to each of those Positions.
Next, you'll want to set up your Possible Recipients. As this tool maintains anonymity, this step is necessary to ensure that a reported breach is delivered to the right person in the company.
From this tab, select Add Recipients.
This will bring up a list of people in your company. You can search a name here or scroll through to find it. Hovering over the Info column will show you the position, location, and permission of the person listed. You can check off the box under "Selected" and then click Add Selected to add these contacts to your recipients list.
Note: We recommend adding more than one possible recipient to this list, in case the person who is listed as your sole recipient is the subject of a policy breach.
Once added, you will be able to toggle them on or off as an active recipient. If you've added a recipient that does not have admin permissions, you will see an alert icon to indicate this.
In the Settings tab, you will see the options to Disable/Enable the component and a setting to Allow SMS Alerts.
If the Allow SMS Alerts setting is set to yes, the recipients will receive a text alert of the submission to the cell phone number listed in their profile. This message will not contain any details of the report itself, it is simply a notification that a report has been made, and the recipient must log in to Workhub to access it.
For reports which you may be the recipient of, you will be able to click on it from the list of submissions to view the submission details. When you first open the submission, it will show the status as New.
From here, you can set a priority and update the status of the submission. You can add a priority level, change the related policy, add additional attachments, and see if it has been viewed by other recipients. You can also add or reply to comments with other recipients. Don't forget to hit Save!
If there are submissions from Workers within the Whistleblower component, you will see a red message on the Admin dashboard component.
Any Admin with Whistleblower permissions will be able to view submissions in the list. However, none of these submissions will be clickable unless you have been selected as a recipient for that particular report. If an admin was not chosen as the recipient for the report, they will see a lock icon and they will not be able to view any details of the report.
We have gone to extra lengths to ensure that this tool is completely anonymous, therefore if an Admin was not chosen as a recipient of the report, they will not see the submission in the list right away. Instead, it will appear at random within 2-14 days of submission. This adds an extra layer of security to ensure that this information is protected.