Open Source Software

Platform to report and manage illegal conduct in an easy, safe and secure way

Piattaforma Whistleblowing Open Source
Piattaforma Whistleblowing Open Source

About Whistleblowing


Reporting of illegal conduct

Multilingual simple and intuitive Web Based platform accessible from any PC, Tablet and Smartphone, for the management of illegal conducts reports


Protection of the Whistleblower

Protects the whistleblower from possible discrimination, ensuring the confidentiality and separation of the identity and content of the report throughout the process


Anti- corruption tool

The whistleblower supports the identification and proper management of illegal conducts, contributing to the risk prevention for the Administration to which he/she belongs and preserving the collective public interest


L. 179/17 D.Lgs.231/01

Whistleblowing is governed by law to protect, in a simple and safe way, those who report illegal conducts in the workplace and in the Public Administration

Play Video

Platform main features

OpenBlow is an open source platform developed by Laser Romae to support the National Anti-Corruption Authority (ANAC), Public and Private Organizations to report illegal conducts in line with the current law


It simplifies the procedures for entering, managing and monitoring reports throughout the process, using an accessible and intuitive interface.

Completely customizable

It supports the complete customization of the contents, the graphic interface, the questionnaires, the process workflows and the corporate image. It allows the integration with pre-existing customer systems (i.e. authentication, documentation, workflow).


It adopts secure and encrypted protocols for the data transport over the network, it uses encryption for storing the contents of reports, documents and the identity also at rest.

Companies groups and holdings

It natively supports multiple instances for groups of companies and for holdings, managing communication and forwarding of reports and documents between platforms, ensuring safety and the necessary decoupling.

Law compliant

Natively complies with current legislation, European directives, guidelines on Whistleblowing (Law 179/17), Organizational Models (Italian Legislative Decree 231/01) and Privacy (GDPR).

Ready-to-deploy on SaaS or On-Premise

Available as an AgID qualified service in Software as as Service (SaaS) mode or in On-Premise mode, installed and integrated within the customer's infrastructure. It supports ready-to-deploy mode through a quick and guided activation process.

A norma di legge

Ottempera in modo nativo alla normativa vigente, alle direttive europee , alle linee guida in materia di Whistleblowing (L. 179/17), modelli organizzativi (D.Lgs.231/01) e Privacy (GDPR UE 2016/679).

Ready-to-deploy on SaaS e/o On-Premise

Disponibile come servizio qualificato AgID in modalità Software as as Service (SaaS) o in modalità On-Premise, installata e integrata sulle infrastrutture del Cliente. Supporta la modalità ready-to-deploy attraverso un processo di attivazione rapido e guidato.

Our platform is used by

open blow multi engine

Multi-Engine Architecture

The platform has a multi-engine architecture, to allow easy integration in heterogeneous environments. The modularity of the platform allows, for each of the core functionalities, the deployment of dedicated plugins to connect to pre-existing systems (for instance authorization systems, workflow managers, message queue systems, object storages).

Workflow with validation logic and reports approval

The platform implements an engine for the personalized management of the whole whistleblowing process. It is possible to define intermediate and final states and the logic of validation and transition from one state to the other.

openblow whistleblowing
open blow whistleblowing


The platform implements natively the operational roles foreseen by the legislation and by the related guidelines. The platform also allows you to create and configure customized roles in a simple and intuitive way, granting the desired access logic to the services and a clear separation of roles.

Whistleblowing process

After receiving a report, the instructor in charge proceeds with the acceptance and first assessment of its scope and validity. Afterwards, the investigation is started to define the outcome and corrective actions, involving the internal departments and / or the competent offices.

processo whistleblowing
open blow software whistleblowing documentazione

Project Documentation

The platform has a set of documents according to the quality standards required by LASER ROMAE and the development guidelines adopted: design, test plan, user manual, administration and management manual.


Anti-corruption law (L.179 /17) and EU Dir.19/1937

The platform complies with the Communitarian Legislation and the ANAC guidelines governing the provisions for the protection of the reporters of crimes or irregularities they have become aware of in the context of a public or private employment relationship.

AgID guidelines for secure software development and usability

The platform is designed and developed according to the AgID guidelines for the development of secure Software in the Public Administration sector, using secure-by-design techniques, supporting usability and accessibility as per the AgID design guidelines.

Organizational models (D.L. 231/01)

The platform is in line with the legal provisions that make Whistleblowing mandatory for public and private companies that adopt an organizational model according to Legislative Decree 231/01.

SaaS AgID Qualification

AgID qualification as a "Software as a Service (SaaS)" service for the PA Cloud pursuant to AgID circular no. 3 of 9 April 2018. The service is provided on Cloud Service Provider (CSP) and it enlisted in the Cloud Security Alliance STAR registry (Self Assessment documentation CAIQ v.3.0.1).

EU Regulation 679/2016 (GDPR)

The platform is in line with the general data protection regulation (GDPR - General Data Protection Regulation, EU regulation 2016/679).

Safety Certification

Vulnerability Assessment and Penetration Test (VAPT) sessions are conducted periodically and at new releases, supported by the main security certifications (ISO 27001, OWASP, CISA and CISM of ISACA).

Regolamento UE 679/2016 (GDPR)

La piattaforma è in linea con il regolamento generale sulla protezione dei dati (GDPR – General Data Protection Regulation, regolamento UE 2016/679).

Certificazione sulla Sicurezza

Sono condotti con cadenza periodica e in concomitanza di nuovi rilasci delle sessioni di Vulnerability Assessment e Penetration Test (VAPT), supportate dalle principali certificazioni (ISO 27001, OWASP, CISA e CISM di ISACA) in materia di sicurezza.​

What our clients say


Find out how simple and quick It’s to install

    I have read and understood the information about privacy

    Laser Romae operates in all the Information and Communication Technology (ICT) field by offering forefront solutions and services in all the IT sectors and providing project, analysis and support Engineering services.
    • Viale Cesare Pavese, 30500144 Roma
    • info@laserromae.it
    • +39 06 56 55 92 45
    • +39 347 010 5624
    © Copyrights 2021 Laser Romae s.r.l. All rights are reserved.