European Data Protection Digest

Analysis: Whistleblowing Systems Uncovered


January 20, 2012

International Law Office analyses the legal requirements surrounding whistleblowing systems in Sweden. In addition to requiring that employers process reported information using data protection rules, instances of criminal offences generally need to be processed by Swedish authorities. However, the exception to the rule is when management is involved in criminal activities. In such cases, the employer does not need to provide the employee with prior authorisation when processing personal data. The report outlines additional rules that employers must observe after an instance of wrongdoing is reported in the workplace, including employee notification obligations, sensitive personal data restrictions, third-party data transfers and information storage. (Registration may be required to access this story.)
Full Story