Protected Disclosures Act 2014
What is a protected disclosure?
The Protected Disclosures Act 2014 as amended by the Protected Disclosures (Amendment) Act 2022, provides a statutory framework for the protection of workers who raise concerns about relevant wrongdoing in their workplace from dismissal, penalisation or other sanctions by their employers.
The Protected Disclosures Act Statutory guidance for public bodies and prescribed persons
Making a protected disclosure is also known as “whistleblowing”.
A protected disclosure is defined by section 5 of the 2014 Act as a disclosure of information by a worker, which in their reasonable belief, tends to show one or more relevant wrongdoings, which came to the worker’s attention in a work-related context and is disclosed in the manner outlined in the Act as amended.
Actions that constitute relevant wrongdoings under the Act include:
- criminal offences;
- failure to comply with any legal obligation (other than one arising out of a worker’s contract of employment or contract for services);
- a miscarriage of justice;
- endangerment of an individual’s health or safety;
- damage to the environment;
- unlawful or improper use of funds or resources by a public body;
- oppressive, discriminatory or grossly negligent behaviour or gross mismanagement by a public body;
- breaches of European Union law set out in the 2022 Act linked above;
- concealment or destruction of evidence relating to any of the above wrongdoings.
The Act allows for disclosures to be made about past wrongdoings, current wrongdoings, and wrongdoings that are likely to occur in the future.
Matters concerning interpersonal conflict between the worker and another colleague, or their employer, does not generally constitute a wrongdoing under the Act. Such conflicts should be dealt with through the internal grievance procedure provided for by the employer.
Who is protected under the legislation?
A “worker” is defined by the Act as an individual working in the private or public sector who acquired information on relevant wrongdoings in a work-related context and includes:
- employees and former employees,
- persons who provide or provided services to another party under contract,
- agency and former agency workers,
- board and former board members (including non-executive members),
- shareholders and former shareholders,
- trainees and former trainees,
- volunteers and former volunteers,
- job applicants,
- individuals involved in pre-contract negotiations, and
- members and former members of the Defences Forces (including the Reserves).
The Act also protects workers who make a disclosure by way of an anonymous report. If a worker makes an anonymous report and is subsequently identified and penalised for doing so, for the purposes of the Act, that worker will be considered to be a worker who made a protected disclosure and is therefore entitled to the full protections of the Act.
Making a Protected Disclosure to the IPOI
The person making the disclosure should make sure that they disclose the information to the prescribed person only and not to any other IPOI officials. The Controller of the IPOI has been nominated by the Minister for Public Expenditure and Reform, as a prescribed person in the Protected Disclosures Act 2014 (Disclosure to Prescribed Persons) Order 2020 to receive complaints in relation to all matters pertaining to the functions of the IPOI or of the Controller of the IPOI under the 1992 Patents Act, as amended. (The Intellectual Property Office of Ireland was established as the Patents Office under the Industrial and Commercial Property (Protection) Act 1927 and continues to operate under the Patents Act 1992).
A protected disclosure to the IPOI should be made in the manner as specified by section 7 of the Act. A protected disclosure may be made to the Controller if the reporting person objectively and reasonably believes that the relevant wrongdoing falls within the description of matters for which the Controller has jurisdiction, (namely “IPOI functions”) and that the information disclosed, and any allegation contained in it, is substantially true.
Please be aware that the IPOI is a statutory body, which can only act within the remit of the 1992 Patents Act, as amended, which sets out its functions. The IPOI cannot investigate every complaint of wrongdoing.
The contact details of the prescribed person to whom a report may be made:
The Controller
Intellectual Property Office of Ireland
Government Offices
Hebron Road
Kilkenny
R95 H4XC
Ireland
Any such report should be marked as “strictly confidential”.
Alternatively, you may use the following phone number or email:
Tel: (00353) 56 770112
Note that whilst voicemails are recorded, phone calls to the IPOI Prescribed Person phone line above are not recorded.
or by
Email: protecteddisclosure@ipoi.gov.ie
How do I make a protected disclosure to the IPOI?
A protected disclosure to the Controller can be made orally and/or in writing. Where a disclosure is made orally, by telephone, the reporting person may request a meeting with the Controller or a contact person, which will be facilitated within a reasonable period following the making of the request.
It is important that the disclosure includes as much information as possible about the alleged wrongdoing. It is recommended that reports should, at a minimum, include the following details:
- that the report is a protected disclosure and is being made under the Protected Disclosures Act 2014 (as amended) and its relevant procedures;
- the reporting person’s name, position in the organisation, place of work and confidential contact details;
- the date of the alleged wrongdoing (if known) or the date the alleged wrongdoing commenced or was identified;
- whether or not the alleged wrongdoing is still ongoing;
- whether the alleged wrongdoing has already been disclosed and if so, to whom, when, and what action was taken;
- information in respect of the alleged wrongdoing (what is occurring or has occurred and how) and any supporting information;
- the name of any person(s) allegedly involved in the alleged wrongdoing (if any name is known and the worker considers that naming an individual is necessary to report the wrongdoing disclosed); and
- any other relevant information.
Some persons may wish to make an anonymous disclosure. The IPOI will accept and follow-up on any anonymous disclosure received. However, the IPOI may be constrained in its ability to investigate the matter in the absence of knowledge of the identity of the reporting person. Furthermore, not having contact information on the identity of the reporting person may make it difficult or impossible to apply certain procedures, such as keeping the reporting person informed on the outcome of their report. If the reporting person does not wish to be contacted, they should make this clear in their report to the IPOI.
Protected Disclosure Procedures
Protected disclosures made to the Controller of the IPOI will be dealt with through an independent and autonomous external reporting channel. The reporting channel is run by an impartial person or persons, known as a “designated person(s)”. Designated persons are appointed by the Controller are responsible for handling reports and maintaining contact with the reporting person. Designated persons working on a protected disclosure delegation have been trained in the handling of such reports. The reporting channel and its procedures are designed and operated in a manner that ensures the completeness, integrity and confidentiality of the persons and information concerned.
Once a report of a protected disclosure has been received, in accordance with section 7A of the Act, written acknowledgement of the report within 7 days of receipt will be provided, unless the reporting person specifically requests that no acknowledgement is sent, or the Controller reasonably believes that acknowledgment of receipt would jeopardise the protection of the reporting person’s identity.
The reporting person will be kept up to date with the progress of the investigation into their reported disclosure, including being provided with information on the following steps in the process:
Initial assessment
The first step in the investigation of reported disclosures is an initial assessment as to whether there is prima facie evidence that a wrongdoing may have occurred, and that the reported disclosure concerns matters that fall within the remit of the Controller of the IPOI’s responsibility, namely the 1992 Patents Act, as amended.
During the initial assessment, the designated person may ask for further information from the reporting person relating to the disclosure.
Conclusion of initial assessment
After carrying out the initial assessment, if the Controller decides that there is no prima facie evidence that a wrongdoing may have occurred or that the matter falls outside his remit, the investigation procedure shall be closed and notification of the decision and the reasons for the decision shall be given to the reporting person, in writing, as soon as practicable.
An investigation into a reported disclosure may also be closed following an initial assessment if the Controller decides that there is prima facie evidence that a wrongdoing may have occurred, but the wrongdoing is clearly minor and does not require further follow up.
In the case of repetitive reports, the investigation may also be closed if the reported disclosure does not contain any meaningful new information about a wrongdoing compared to previous reports which have since concluded. In both instances, notification of the decision to close the procedure and the reasons why will be given to the reporting person, in writing, as soon as practicable.
Action taken to address the relevant wrongdoing
After carrying out the initial assessment, if the Controller decides that there is prima facie evidence that a relevant wrongdoing may have occurred, and that the report concerns a matter that falls within the scope of matters for which the Controller has responsibility, the reporting person will be notified of the action taken to address the wrongdoing.
Transmitting the report to a more appropriate prescribed person or the Protected Disclosure Commissioner
Following the initial assessment, if the Controller decides that the disclosure concerns matters are not within the scope of his/her jurisdiction, he/she will transmit the reported disclosure to a more appropriate prescribed person, or where there is no such appropriate person, he/she will transmit it to the Protected Disclosure Commissioner.
Notification of the decision to transmit the report, and the reasons for transmitting the report, will be given to the reporting person, in writing, as soon as practicable. The designated person will provide notification of the decision to the reporting person.
Feedback
The designated person will provide feedback to the reporting person on their reported disclosure within three months of the date of acknowledgement of receipt, or within six months of the date of acknowledgment in complex cases. If no acknowledgment of receipt was provided to the reporting person, the designated person will provide feedback within three months from the date of expiry of the period of seven days after the report was made, or within six months in complex cases.
If it appears unlikely that feedback will be provided in the prescribed three-month period, the designated person will write to the reporting person as soon as practicable to inform them of the extension of time for providing feedback. If a reporting person wishes, they can request, in writing, that further feedback be provided by the designated person at the interval of every three months until the report is closed.
Data Protection and Protected Disclosures
The processing of all personal data provided in the reported disclosure will be processed in accordance with data protection law, including the General Data Protection Regulation. The Act provides a lawful basis for the collection and processing of personal data and requires the IPOI to keep certain records and refer reports onto other public bodies in certain circumstances. However, any personal data that is not relevant to the handling of a specific report will not be collected or if collected accidentally, will be deleted without delay.
In accordance with section 16B of the Act, the rights of data subjects can be restricted to the extent necessary and proportionate for the purposes of safeguarding the general public interest, the protection of the data subject or the rights and freedoms of others. Rights can also be restricted to the extent, and for as long as is necessary, to prevent and address attempts to hinder reporting or to impede, frustrate or slow down follow-up, in particular investigations, or attempts to find out the identity of reporting persons.
The restrictions also apply where it is necessary and proportionate to prevent the disclosure of information that might identify the reporting person, where such disclosure of identity would be contrary to the protections of the Act; or where exercise of the right would prejudice the effective follow-up, including any investigation, of the relevant wrongdoing.
Remedies against penalisation for making a protected disclosure
Section 12 of the Act prohibits an employer from penalising or threatening to penalise an employee for having made a protected disclosure. Penalisation is defined by the Act as any direct or indirect act or omission which occurs in a work-related context, is prompted by the making of a report and causes or may cause unjustified detriment to a worker, and includes:
- suspension, lay-off or dismissal;
- demotion, loss of opportunity for promotion or withholding of promotion;
- transfer of duties, change of location or place of work, reduction in wages or change in working hours;
- the imposition or administering of any discipline, reprimand or other penalty (including a financial penalty);
- coercion, intimidation, harassment or ostracism;
- discrimination, disadvantage or unfair treatment;
- injury, damage or loss;
- threat of reprisal;
- withholding of training;
- a negative performance assessment or employment reference;
- failing to convert a temporary employment contract into a permanent one, where the worker had a legitimate expectation that they would be offered permanent employment;
- failing to renew or early termination of a temporary employment contract;
- harm, including to the worker’s reputation, particularly on social media, or financial loss, including loss of business and loss of income;
- blacklisting on the basis of a sector or industry-wide informal or formal agreement, which may entail that the person will not, in the future, find employment in the sector or industry;
- early termination or cancellation of a contract for goods or services;
- cancellation of a licence or permit; and
- psychiatric or medical referrals.
If an employee suffers penalisation as a result of making a protected disclosure, the employee can apply to the Circuit Court for interim relief within 21 days immediately following the date of the last act of penalisation by the employer. An “employee” for the purposes of section 12 of the Act also includes trainees, volunteers, and job applicants.
A claim for penalisation may also be brought before Workplace Relations Commission (WRC) within 6 months of the penalisation complained of. Where there is ‘reasonable cause’ a complainant may ask the WRC Adjudication Officer to extend the deadline by an additional 6 months.
More information is available www.workplacerelations.ie and from the Information and Customers Service of Workplace Relations Commission 0818 80 80 90.
Immunity from civil liability for making protected disclosure
Under Section 14 and 15 of the Act persons are protected from any civil or criminal liability for reporting confidential information, provided it is done so in accordance with the law.
Non-disclosure agreements cannot be used to prevent a person reporting a wrongdoing.
Contact Details for Support Services