How To Claim Compensation For A Data Breach At Work
Learn how to claim data breach compensation if your personal data has been breached at work.
£85 million in compensation
How To Claim Compensation For A Data Breach At Work
Learn how to claim data breach compensation if your personal data has been breached at work.
Experiencing a data breach at work is not only a serious invasion of privacy but can also have negative consequences on your mental health and finances. By claiming data breach compensation with one of our specialist No Win No Fee solicitors, you could be compensated for the damage to your emotional health and finances.
This guide includes essential information regarding a personal data breach, including how to pursue a claim and how a compensation payout could be awarded. It also outlines all data protection laws so you can be clear on what is legal and what you can claim for.
Key Takeaways
- A workplace data breach is a security incident involving information that can identify you as the data subject, either directly or indirectly. It affects the confidentiality, availability or integrity of your personal data.
- Your workplace may be the data controller (generally an organisation that decides why and how personal data is processed). However, they may instruct a data processor to do this on their behalf.
- Data processing refers to anything that is done with personal data. This includes collecting, storing, recording, organising, structuring, adapting, altering, erasing and destroying.
- Workplaces will need to store certain personal data about their employees. Some of this may include their special category data, which is given extra protection under the law due to its sensitive nature.
- How much compensation you receive will depend on the severity of the effects of this breach of your personal data.
- There is a six-year time limit to make a data protection breach claim.
- One of our data breach solicitors could offer their No Win No Fee service to help you with a claim.
Unsure whether you can claim data breach compensation? See if your claim is valid by contacting our expert advisors.
- Fill in our online contact form.
- Call us on 0151 375 9916
What Is A Workplace Data Breach?
As mentioned above, a personal data breach is a security incident. A breach can be intentional (such as through criminal activity) or unintentional (caused by human error). As we’ll discuss shortly, your employer will need to process certain personal data to carry out admin duties, such as paying you. If this information is compromised, a data breach at work has occurred.
What Is The UK GDPR?
The UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA) are the pieces of legislation that protect personal data in the UK. Some of the main aspects of GDPR and the DPA include:
- Personal information should be taken with full transparency.
- Personal information needs to be collected for legitimate and specific purposes.
- Personal information needs to be relevant at all times.
- Personal information is required to be up-to-date.
- Personal information should only be kept for necessary purposes.
These acts also include strong protection for factors like race and ethnicity, religious and political beliefs, genetics, health, and sexual orientation (as well as other protected characteristics). Both pieces of data protection law replace previous data-related acts.
Am I Eligible To Claim Compensation For A Data Breach At Work?
In addition to stating how personal data can be processed, the UK GDPR sets out the requirements that must be met to have a valid data breach compensation claim.
Under Article 82, you could claim for a compromise of your personal data if you can prove that:
- The data controller or processor did not adhere to data protection legislation. In this case, the controller is your employer, although they may have instructed a processor to act on their behalf.
- The integrity of your personal data was compromised as a result of this failure.
- You suffered material or non-material damage (or both) due to this breach of your personal data. Material damage is harm to your finances, whereas non-material damage is harm to your mental health. We further discuss this and how compensation could be awarded later on.
An advisor can answer any questions you have about this eligibility.
Can My Employer Store My Personal Data?
Your employer can keep the following types of personal data for their records. Note that your employer does not require consent for this data.
- Your name.
- Your address.
- Your National Insurance Number.
- Your tax code.
- Your date of birth.
There are additionally other types of data your employer can keep. Furthermore, they need to ensure this data is kept up to date. For example, if you move and inform your employer of your new postal address, they will need to change this in the records they keep for you.
Your information does not have to be deleted even if you no longer work for an employer. However, as outlined in the above acts, your former employer must keep your information only for relevant and necessary purposes.
What About Special Category Data?
Special category data is particularly sensitive data that is given further protection under the law. Some examples are:
- Your race and ethnicity.
- Your religion.
- Your biometrics (such as fingerprints).
- Your health history.
- Your sexual orientation.
If there has been a data breach at work and you think your personal data was compromised, speak to one of our advisors to find out if you could be eligible to claim compensation.
Established, Experienced, Dependable, Responsive and Committed
We strive to provide the highest level of service possible. Our sole aim is to get you the best result we can and one you’re satisfied with. Get in touch today to find out how we can help you.
How Can A Data Breach At Work Happen?
There are several ways a data breach at work can occur, including information being sent via email to the incorrect recipient, a device containing sensitive data being mishandled, passwords being handed out, or hacking attempts.
Any employee with personal data access needs to be given data protection training to prevent breaches occurring through human error. For example, the human resource department should know to keep all paperwork relating to specific employees secured, such as in a filing cabinet. Failure to do so could result in another employee seeing personal data or even stealing it.
Additionally, only staff that need to have access to personal data should be granted this access. The department responsible for payroll require some personal data to ensure that employees get paid. However, an employee working the shop floor would not need access to this personal data to carry out their job-related duties.
There are also other ways a workplace data breach can occur. If you’re unsure whether what happened to you is considered a data protection breach, contact our advisors today for confirmation.
Compensation For A Data Breach At Work
You can be awarded compensation for up to two types of harm for a successful data breach at work claim. We discuss each of these below.
One type of harm you could claim for is your non-material damage. By non-material damage, we mean the harm caused to your mental health as a result of the compromise of your personal data, such as psychiatric harm or post-traumatic stress disorder.
To help assess the value of your non-material damage, those responsible for calculating data breach claims may refer to your medical records alongside the Judicial College Guidelines (JCG).
Aside from the first entry, all figures in the table below have been taken from the Judicial College guidelines. This is a legal resource that features guideline compensation payouts for various injuries, including those which you could suffer to your mental health.
| TYPE OF INJURY | SEVERITY | GUIDELINE COMPENSATION | NOTES |
|---|---|---|---|
| Multiple Instances of Psychological Harm and Special Damages | Severe | Up to £250,000+ | Severe psychological harm or PTSD and several instances of special damages. |
| General Psychiatric Damage | Severe | £66,920 to £141,240 | Overall prognosis is poor, ongoing issues with relationships and work. Treatment may not have been successful. |
| Moderately Severe | £23,270 to £66,920 | As below but with a less positive prognosis. | |
| Moderate | £7,150 to £23,270 | Long-standing disability forcing a leave from work and other issues but with a more positive prognosis. | |
| Less Severe | £1,880 to £7,150 | Compensation will depend on everyday function and period of disability. | |
| PTSD | Severe | £73,050 to £122,850 | Patient likely cannot work again or function at pre-trauma level, everyday life badly affected. |
| Moderately Severe | £28,250 to £73,050 | As above but with a slightly better prognosis outcome. | |
| Moderate | £9,980 to £28,250 | Large recovery expected with small ongoing effects. | |
| Less Severe | £4,820 to £9,980 | Recovery within two years with minor symptoms is likely. |
This table should be used as guidance only. The amount of data breach compensation you are awarded will depend on the circumstances of your claim and could be higher or lower. Additionally, your overall settlement may also consist of compensation for your material damage, which we discuss next.
What Is Material Damage Compensation?
Material damage compensation refers to the funds you could recover via a claim when a financial loss has occurred. For example, if you required time off work due to the stress of knowing your personal data was compromised. These financial losses could materialise in the form of losing your job or needing to take time away from your place of employment.
You may also need to relocate due to the compromise of your data. In addition to any loss earnings related to moving, or leaving the area, you could also recover your removal costs.
Material damage compensation also covers areas like counselling for psychological harm or prescriptions for any new medication required. To claim this compensation, it’s unnecessary to go to court. You will likely only need to proceed to court if the organisation responsible for the data breach refuses to admit wrongdoing or reach a settlement.
Contact an advisor for a free valuation of how much compensation you could claim for a data breach at work. An advisor can discuss what items you could be compensated for as well as what evidence you may need to present to claim for them.
We pride ourselves
on providing the best service
possible for our clients.
We pride ourselves on providing the best service possible for our clients.
Proving A Workplace Data Breach Claim
Proving that you suffered mental harm due to a data breach at work is not enough to make a claim. You must show that your employer did not abide by the General Data Protection Regulation (GDPR) and the Data Protection Act 2018. You can do this with:
- Medical reports that show you suffered psychological harm following a data breach.
- Correspondence between yourself and your employer regarding the breach.
- Proof of financial losses like bank statements.
- Correspondence to and from the Information Commissioner’s Office (ICO) that shows your situation if the breach was reported to them. In the case of larger data breaches, they may investigate and even fine the organisation responsible. The ICO is the independent regulator for data protection in the UK.
Some other evidence may be required. Your solicitor will tell you if this is the case.
If you think you have suffered due to a data breach at work, gather evidence as listed above. It’s also a good idea to contact the ICO and report a data breach if your workplace has not already done so, or if communication between yourself and the data protection officer has broken down. Next, contact our advisors via one of the listed contact methods.
Find Out How To Make A No Win No Fee Data Breach At Work Claim
If you are eligible to claim compensation for a data breach at work, you could seek support with your case from one of our specialist data breach solicitors. Our solicitors have many years of experience handling data breach claims. As part of their services, they could:
- Advise on gathering evidence and help you collect this to strengthen your case.
- Ensure that your claim is accurately valued with both non-material and material damage considered.
- Manage negotiations with the data controller.
- Make sure you are supported through the data breach claims process.
- Explain any sort of jargon related to your case.
Our solicitors do this and more on a No Win No Fee basis. They’ll offer these No Win No Fee services under a Conditional Fee Agreement (CFA). For you, this means that our solicitors:
- Will not take a payment for their services prior to starting work on your claim.
- Also won’t ask you to cover any ongoing solicitors’ fees.
- Furthermore, our solicitors don’t charge for their work should your data breach claim prove unsuccessful.
However, if your claim for a workplace data breach proves successful, your solicitor will collect a ‘success fee’. This will be taken as a pre-agreed percentage from your compensation. In addition to the percentage being agreed beforehand, it is legally limited with a legislative cap in place.
Contact Us
Thinking of claiming data breach compensation? Don’t think twice – contact us today to see if you can.
- Fill in our online contact form.
- Call us on 0151 375 9916
More Information
Check out the other types of claims that JFLAW can help you with:
- Learn about medical negligence claims with this guide.
- This page examines claiming personal injury compensation.
- Additionally, our solicitors can also help you make a criminal injury claim through the Criminal Injury Compensation Authority (CICA).
The following links may help you if your personal data has been breached:
- Learn how we can help you if your bank data had been breached.
- ICO.ORG.UK – Find out the next steps to take after a potential data breach.
- NCSC.GOV.UK – Read guidance regarding data breaches in the UK.
- NHS.UK – See how to manage anxiety and panic.
Thank you for reading our guide about what to do following a data breach at work. To get your compensation claim started, please speak to a member of the team today.
Our Latest Customer Reviews
AS SEEN ON
Contact Us
Our helpline is open 24 hours a day, 7 days per week.
All calls are free and there’s no pressure whatsoever to proceed with a compensation claim.
If you write to us, we aim to respond within an hour or two, and no more than a few hours.
Request a Callback
