Reports submitted by whistleblowers to responsible caseworkers at your company may contain sensitive information. Therefore, hintcatcher uses end-to-end encryption to protect this data between whistleblowers and case workers, so that only whistleblowers and case workers have access to the plain text of the reports.
With end-to-end encryption, as used by hintcatcher, the data between the communication partners (on the one hand the whistleblowers, on the other hand the case workers of your company) are encrypted in such a way that the plain text of the hint data can only be decrypted and viewed by these communication partners. As the provider of the hintcatcher whistleblower system software, it is not possible for us to decrypt and thus access the plain text of your reports.
Further general information on the principle of end-to-end encryption can be found in this article.
At hintcatcher, we attach great importance to an intuitive, easy-to-use whistleblower system. Processing hints with hintcatcher is not made more complicated for the whistleblower or for you as the case worker due to the end-to-end encryption used. The whistleblower system hintcatcher carries out the encryption and decryption transparently in the background, so that in most cases you don’t notice anything.
It is important, however, to protect your case worker credentials from loss since access to your cases will no longer be possible without your credentials. Further information on this is described in the following section.
The end-to-end encryption of the hint data ensures that only the respective whistleblower and the case workers in your company have access to the plain text of the reports.
Additional case workers that are added to your hintcatcher system via the user management can only decrypt, view, and work with hints that are submitted to your hintcatcher system after the case worker was added. Reports that already exist at the time a case worker joins are displayed with a lock icon and cannot be opened by that case worker. If this case worker should gain access to existing reports, the case access for the new case worker can be renewed by an administrative case worker who has access to and can decrypt all cases in the system. You can find instructions on how to do this further down on this page.
Access to the plain text of the reports is not possible for us as the provider of the hintcatcher whistleblower system software. Since in the event of a password loss by a case worker, access to your reports cannot be restored by us as the provider due to the end-to-end encryption used, it is important that you as the case worker reliably protect your hintcatcher system credentials and don’t lose your password.
In addition, we recommend adding at least two people as administrative caseworkers to your hintcatcher system via the user management. This allows the additional administrator caseworker to still access the reports in the system if the first caseworker’s password is lost and, after the first caseworker’s password has been reset (via the “Forgot password” functionality), to restore case access for this caseworker.
The function to refresh the case access for another case worker_ is intended for the following cases:
After the case access has been refreshed for the case worker, he can access the corresponding cases (again).
The end-to-end encryption used protects your report data from unauthorized access. To be prepared for cases such as a lost password of a caseworker, we recommend setting up a second administrator caseworker in your hintcatcher system.