After the first year of the new external whistleblower scheme, it is clear that it is being used – but not for everything it can actually be used for. Two out of three reports concern data protection, which is why the scheme is now changing its name.
On 17 December 2021, a new whistleblower scheme entered into force. The scheme can be used to report various breaches of EU law, serious breaches of the law and other serious matters that you have become aware of through your work. The scheme is established in the Data Protection Authority, but functions independently from the rest of the supervision and covers many other violations than the GDPR.
A report on the activities of the first year (17 December 2021 – 31 December 2022) has now been published. During this period, the whistleblower scheme received 116 reports, and in 30 of these cases there were grounds to pass them on to relevant supervisory authorities for further follow-up.
New name to shift focus from GDPR
66% of the cases dealt with data protection.
“The figures from the first year show that many people associate the scheme with data protection – probably because the whistleblower scheme is located in the Danish Data Protection Authority. But GDPR is just one of many matters that you can report to the whistleblower scheme,” says head of the scheme Karina Kok Sanderhoff and continues:
“Therefore, we are now changing our name to The National Whistleblower Scheme. The new name should signal that the scheme has a wide scope of application and can be used to report on all matters covered by the Whistleblower Act – not just GDPR.”