Whistleblower law in Ireland #
Ireland implemented Directive (EU) 2019/1937 through the Protected Disclosures (Amendment) Act 2022, building on the older Irish protected disclosures regime. For most private organisations, the main trigger is 50 workers, while Ireland’s external reporting structure combines a Protected Disclosures Commissioner with a long list of sectoral prescribed persons.
Applicable law #
- Protected Disclosures (Amendment) Act 2022 — official Irish Statute Book text
- Department of Justice — protected disclosures guidance
Who must establish an internal channel #
Private organisations with at least 50 workers must establish an internal reporting channel. Public bodies are also covered under the Irish protected disclosures framework.
External reporting authority #
Ireland does not rely on a single universal subject-matter authority. The Office of the Protected Disclosures Commissioner acts as a routing channel when the worker is unsure of the correct recipient, while many sectoral prescribed persons also receive external disclosures directly.
Data protection authority #
For complaints about the processing of whistleblower data, the relevant authority is the Data Protection Commission .
Key compliance points #
- Irish law still uses the “protected disclosures” terminology rather than “whistleblowing” as the primary legal label.
- The external-reporting map is broad, so internal procedures should tell workers whether they should go to a prescribed person, the Commissioner, or another route set out in the Act.
- The Data Protection Commission expects complainants to first raise the data issue with the organisation where appropriate before escalating.
Official sources #
- Protected Disclosures (Amendment) Act 2022 — official law text
- Department of Justice — protected disclosures
- Government list of prescribed persons
- Data Protection Commission — making a complaint
- Data Protection Commission — complaint handling
Deploy your reporting channel →
Last updated: