Joe Murphy – Compliance & Ethics Professional – April 2015
Sometimes we accept things that make no sense. Consider how EU privacy regulations have been used to hinder employees calling to report corporate misconduct. How can they distinguish the following scenarios.
Three employees make calls to report the same incident of misconduct by their boss. One calls something labeled a “helpline”—part of a system committed to preventing and detecting misconduct. The system is supervised by a compliance officer responsible to the board of directors. It conforms to the best practice standards of the OECD Good Practice Guidance. But for this helpline call, there are strict privacy restrictions. Acceptable calls are limited to topics issued by the privacy regulator; nothing else can be accepted. This is so highly regulated that in the Iberian Peninsula, the poor worker calling the helpline cannot even call anonymously. Her call is refused if she is too afraid of retaliation to disclose her name. Throughout the EU, every part of the call process is tightly regulated under the banner of protecting privacy.
. . .