Send a report with the outmost confidentiality.

WHISTLEBLOWING FAQ

1. WHAT IS WHISTLEBLOWING, AND WHO IS A WHISTLEBLOWER?

Whistleblowing is a tool that allows employees or third parties (for example, suppliers) to confidentially report any wrongdoing detected during their work activity.

A whistleblower is a person who identifies an offence or irregularity in the workplace, in the course of his or her duties, and decides to report it to the company or relevant body to resolve the issue.

The whistleblower is protected by law. For further information, read the “Whistleblowing Regulation”, available on the Internet. Useful links are available on this page.

2. HOW CAN I SUBMIT A REPORT?

Through the reporting system “Segnalazioni.net”, UPMC Italy, ISMETT and SMIH (hereinafter referred to individually as the “Company”) provide two ways of reporting:

  • Registered user: the whistleblower creates an account to access the system with a username and password (chosen by the whistleblower). In this case, the whistleblower’s identity is available to the Supervisory Body of the Company receiving the report, but it remains separate from the report and is hidden.
  • Non-registered user: the whistleblower creates a reporting request and accesses using a code generated by the system. In this case, the whistleblower is responsible for keeping the code and password safe (in the event of loss, he or she will no longer have access to his or her report). In addition, it is advisable not to mention references that could allow to trace the identity of the whistleblower. In particular, any attached files should not contain references to personal identity, also within the metadata. If requested by the Supervisory Body receiving the report, the whistleblower may subsequently communicate his/her identity via the message area.

3. WHO MANAGES MY REPORT, AND HOW IS IT MANAGED?

The report is managed by the Supervisory Body of the Company receiving the report. Further details are available in the Whistleblowing Policy.

HOW CAN I MONITOR THE PROGRESS OF MY REPORT?

If the whistleblower is a registered user or has provided an e-mail address as a non-registered user, he or she will receive an e-mail notification if the Supervisory Body requires further information or clarification on the report. If the whistleblower does not receive notifications, he or she should check the spam folder. Whistleblowers should periodically access their reports in the system to check if there are any requests or to consult the processing status. For confidentiality reasons, business email addresses should not be used.

4. HOW CAN I INTEGRATE MY REPORT?

After sending the report, the whistleblower can integrate it, accessing the report and entering a communication in the "Messages" section.

5. WHAT TYPE OF FACTS OR BEHAVIOURS CAN I REPORT?

There is no exhaustive list of offences or irregularities that can be the subject of whistleblowing. Reports concerning conduct offences or irregularities to the detriment of the public interest are considered relevant.

Whistleblowing does not cover personal complaints from the person reporting, which are usually managed according to other policies.

The reporting form includes a list of topics that can be selected by the whistleblower. Further details are available in the Whistleblowing Policy.

6. WHO CAN VISUALISE MY IDENTITY?

The whistleblower’s report and identity are confidential; for this reason, they are hidden by the software. Access to the whistleblower’s identity shall be granted only to the Supervisory Body of the Company receiving the report through a safety procedure that records access to the identity and the rationale. In the event that the Supervisory Body of the Company receiving the report views the whistleblower’s identity, the latter will be notified by the system. The system does not use log systems to identify the person issuing the report.