The Protected Disclosures Act 2014 makes provision for the protection of workers, from the taking of action against them, in respect of the making of certain disclosures. Any worker may make a protected disclosure where they believe they have information that tends to show one or more relevant wrongdoings, and such information came to their attention in connection with their employment.
The information below provides guidance on making a protected disclosure to the Health and Safety Authority.
The Protected Disclosures Act 2014 (Section 7(2)) Order 2014, (SI 339 of 2014) states that the Chief Executive Officer (CEO) of the Health and Safety Authority has been prescribed as a recipient of protected disclosures in relation to “All matters associated with legislation enforced by the Health and Safety Authority, and accreditation of laboratories, certification bodies and inspection bodies through the Irish National Accreditation Board within the Health and Safety Authority.”
3. The Protected Disclosures Act 2014
Under the Protected Disclosures Act 2014, a person, the discloser, is protected when they make a protected disclosure. In order to qualify for protection under the 2014 Act, the following conditions apply:
(i) The discloser must be a worker and the information must come to their attention in connection with their employment.
(ii) The information disclosed must tend to show one or more ‘relevant wrongdoings’. The full list of relevant wrongdoings is available in section 5(3) of the 2014 Act . There are also certain exceptions in section 5.
(iii) The discloser must have a reasonable belief that the information is substantially true and comes within the categories of matters for which the CEO of the HSA is a prescribed person.
(iv) The disclosure must be in the manner prescribed in section 6, 7, 8, 9 or 10 of the 2014 Act.
4. How to make a protected disclosure to the HSA
Protected disclosures may be made to the HSA by email, post, telephone or via a physical meeting at the following:
Health and Safety Authority, Metropolitan Building, James Joyce Street, Dublin 1, D01 KY08.
Email: CEO_Office@hsa.ie , indicating protected disclosure in the subject line
Ph: 0818 289 389
- While it is preferable that a protected disclosure be made in writing, it can also be made verbally
- All protected disclosures made to the HSA are communicated to the CEO
- Although we accept anonymous protected disclosures, the CEO may decide on a case-case basis as to whether these should be investigated or not
- Record keeping and data protection requirements are complied with throughout the process.
5. What to provide in a protected disclosure
When making a protected disclosure to the HSA, it is recommended to confirm the following:
- that the disclosure is being made as a protected disclosure
- the discloser’s name, position in the organisation, place of work and confidential contact details
- the date of the alleged wrongdoing (if known) or the date the alleged wrongdoing commenced or was identified
- whether or not the alleged wrongdoing is still ongoing
- whether the alleged wrongdoing has already been disclosed and if so, to whom, when, and what action was taken
- information in respect of the alleged wrongdoing (what is occurring/has occurred and how)
- the name of the person(s) allegedly involved in the alleged wrongdoing (if a name is known and the discloser considers that naming an individual is necessary to expose the wrongdoing disclosed); and
- any other information that the PD maker believes relevant.
6. HSA procedure after a protected disclosure has been received
- The HSA will promptly, and in any event within seven working days, acknowledge receipt of the PD
- The CEO reviews the PD to determine if it relates to a matter for which the HSA is prescribed
- Where the PD is outside of the HSA’s mandate, the CEO informs the discloser of this within 14 working days of receipt of the PD
- Where the PD relates to a matter for which the HSA is prescribed, within 14 working days of receipt of the PD, the CEO informs the PD maker that their PD has been assigned for investigation
- The HSA will endeavour to provide feedback on the outcome of the investigation to the discloser within three months, or six months in duly justified cases, of receipt of the PD
- While feedback may be provided, the need to maintain confidentiality may prevent the HSA from providing specific details of the investigation and/or any actions taken to the PD maker.
Section 16 of the 2014 Act provides that a person to whom a protected disclosure is made, and any person to whom a protected disclosure is referred in the performance of that person’s duties, shall not disclose to another person any information that might identify the discloser. There are exceptions to this, as outlined in the 2014 Act.
All reasonable steps will be taken to protect the identity of a discloser and to ensure the disclosure is treated in confidence in line with the provisions of the 2014 Act. If a decision is taken which may identify the PD maker, they will be informed that this may occur in advance, unless there are exceptional reasons not to do so.
8. Record keeping and data protection
Records will be maintained in compliance with relevant confidentiality requirements. Any personal data collected will be processed in accordance with the provisions of the Data Protection Act 2018, Regulation (EU) 2016/679, Directive (EU) 2016/680 and Regulation (EU) 2018/1725. The discloser’s identity will be protected in line with the obligation in section 16 of the Protected Disclosures Act.
9. Annual PD Report
Section 22 of the 2014 Act requires the publication of a report by public bodies no later than 30 June each year relating to the number of protected disclosures made in the preceding year, and of the actions, if any, taken in response to such disclosures. The HSA provides the details on protected disclosures in our annual reports. None of the information provided in the HSA annual report of protected disclosures will be provided in a form that enables the identification of the persons involved.