Whistleblowing Policy
Legislative Decree No. 24 of 10 March 2023, implementing EU Directive 2019/1937 of the European Parliament and of the Council of 23 October 2019, has introduced new provisions for the protection of individuals who report violations of European Union law and national regulations.
The primary rationale for adopting this legislation was not only to consolidate all regulations regarding reporting channels into a single legal document but also, and more importantly, to establish protective measures for people working for public or private organizations reporting crimes or irregularities they encounter during their work activity (commonly known as whistleblowers).
A whistleblower is an individual who reports information about breaches he or she has become aware of within his or her workplace. This includes government employees, private sector workers, self-employed individuals, professionals, consultants working with public or private entities, persons in administrative, management, control, supervision, or representative roles, volunteers, trainees (whether paid or unpaid), and all other individuals covered under Legislative Decree 24/2023; protection extends to them during probation periods and both before and after establishing an employment or other legal relationship.
Whistleblowing is the procedure available to a worker to report any illegal conduct he or she finds in the course of his or her work.
According to the new framework and related ANAC guidelines and the positive opinion expressed by the Regulatory Authority for Privacy ("Garante"), the procedures for whistleblowing must have specific characteristics. Specifically, they should "include the use of electronic methods and encourage the use of encryption tools to guarantee the confidentiality of the whistleblower's identity, as well as the content of the alerts and associated documentation."
To meet these regulatory requirements, UPMC Italy and its subsidiary (Istituto Mediterraneo per i Trapianti e Terapie ad Alta Specializzazione - ISMETT) or owned companies (Salvator Mundi International Hospital - SMIH) and the divisions created in Italy as part of the UPMC Hillman Cancer Center network (i.e. San Pietro FBF and Villa Maria) have implemented a dedicated IT platform as an internal reporting channel, considered essential to provide employees with a secure and user-friendly tool for reporting.
The characteristics of this new whistleblowing method are as follows:
- reports are submitted completing a questionnaire and can be submitted anonymously. If submitted anonymously, it will be processed only if sufficiently substantiated;
- the report is received and managed by the Supervisory Body, which maintains strict confidentiality of the whistleblower;
- when the report is submitted, the whistleblower receives an alphanumeric code that he or she must retain to access the report. This code also allows the whistleblower to review the Supervisory Body's response and request clarifications or additional information.
- the report can be submitted from any digital device (PC, tablet, smartphone), whether from within the company premises or externally. Anonymity is guaranteed under all circumstances.
Behaviors, acts, or omissions that harm the public interest or the integrity of the company are reported. For this purpose, these shall detect:
- administrative, accounting, civil, or criminal offenses;
- retaliatory measures taken against the whistleblower.
The following may NOT be reported: disputes, claims, or requests related to personal interests of the whistleblower or complaints lodged with judicial or accounting authorities solely pertaining to individual employment relationships or relations with higher ranking staff members.
Reports can be submitted via the website upmc.segnalazioni.net.