hintcatcher Knowledgebase

Information on the end-to-end encryption of the hint data

Further information and notes on end-to-end encryption of the hint data and the effects on your work with hintcatcher

Reports submitted by whistleblowers to responsible caseworkers at your company may contain sensitive information. Therefore, hintcatcher uses end-to-end encryption to protect this data between whistleblowers and case workers, so that only whistleblowers and case workers have access to the plain text of the reports.

What does “real” end-to-end encryption mean?

With end-to-end encryption, as used by hintcatcher, the data between the communication partners (on the one hand the whistleblowers, on the other hand the case workers of your company) are encrypted in such a way that the plain text of the hint data can only be decrypted and viewed by these communication partners. As the provider of the hintcatcher whistleblower system software, it is not possible for us to decrypt and thus access the plain text of your reports.

Further general information on the principle of end-to-end encryption can be found in this article.

Does end-to-end encryption make working with hintcatcher more difficult?

At hintcatcher, we attach great importance to an intuitive, easy-to-use whistleblower system. Processing hints with hintcatcher is not made more complicated for the whistleblower or for you as the case worker due to the end-to-end encryption used. The whistleblower system hintcatcher carries out the encryption and decryption transparently in the background, so that in most cases you don’t notice anything.

It is important, however, to protect your case worker credentials from loss since access to your cases will no longer be possible without your credentials. Further information on this is described in the following section.

What other effects does end-to-end encryption have with hintcatcher and what should be considered?

The end-to-end encryption of the hint data ensures that only the respective whistleblower and the case workers in your company have access to the plain text of the reports.

Additional case workers that are added to your hintcatcher system via the user management can only decrypt, view, and work with hints that are submitted to your hintcatcher system after the case worker was added. Reports that already exist at the time a case worker joins are displayed with a lock icon and cannot be opened by that case worker. If this case worker should gain access to existing reports, the case access for the new case worker can be renewed by an administrative case worker who has access to and can decrypt all cases in the system. You can find instructions on how to do this further down on this page.

Access to the plain text of the reports is not possible for us as the provider of the hintcatcher whistleblower system software. Since in the event of a password loss by a case worker, access to your reports cannot be restored by us as the provider due to the end-to-end encryption used, it is important that you as the case worker reliably protect your hintcatcher system credentials and don’t lose your password.

In addition, we recommend adding at least two people as administrative caseworkers to your hintcatcher system via the user management. This allows the additional administrator caseworker to still access the reports in the system if the first caseworker’s password is lost and, after the first caseworker’s password has been reset (via the “Forgot password” functionality), to restore case access for this caseworker.

Refresh case access for a case worker

The function to refresh the case access for another case worker_ is intended for the following cases:

  • After receiving hints, you add another case worker to your system via the user management and want to give this case worker access to the existing cases in the system.
  • One of your caseworkers has lost their password and is resetting their password using the “Forgot Password” feature, causing the caseworker to lose access to all cases in your system. You now want to give this case worker access to the existing cases in your system again.

Prerequisites for using this feature

  • You are an administrator caseworker in your hintcatcher system
  • You have access to all cases in your hintcatcher system. Note: If you do not have access to (some) cases in your system, you will not be able to refresh / restore access to those cases. As the provider of the hintcatcher whistleblower system, we are unable to refresh / restore access to cases due to the end-to-end encryption described above.
  • The other case worker whose case access is to be refreshed is a member of your hintcatcher system

Refresh case access

  1. In case management, switch to the Settings page
  2. You will see an overview of all current users in the system Overview of all users in your hintcatcher system
  3. Open the dropdown menu of the user whose case access you want to refresh User dropdown menu
  4. Choose Refresh case access
  5. Follow the on-screen instructions to refresh the user’s case access

After the case access has been refreshed for the case worker, he can access the corresponding cases (again).

Summary

The end-to-end encryption used protects your report data from unauthorized access. To be prepared for cases such as a lost password of a caseworker, we recommend setting up a second administrator caseworker in your hintcatcher system.

Do you have further questions and need technical support?

Contact us