You may be eligible to make a personal data breach claim if an organisation has breached your personal information. According to the ICO, a personal data breach can happen when personal information is involved in a security incident that sees personal data lost, stolen, destroyed, altered, accessed or dislocsed to those without authority.
Many organisations collect personal data to operate or for business purposes. However, when the UK was still part of the EU, organisations had to follow the rules of the General Data Protection Regulation now since the withdrawal the UK have created their own version of these regulations and updated the Data Protection Act 2018. Importantly, the UK GDPR requires organisations (data controllers) to protect the personal information they process. Failure on the part of the data controller to protect your personal data, breaches the rules of the UK GDPR.
However not all personal data breaches qualifies those affected to make a data breach claim. Read on to learn more information.
In this guide, we will explain how data breaches can happen. Moreover, we will explain why you may be eligible to claim data breach compensation. And we will look at the types of damages that might be awarded. To begin your data breach compensation claim, please call us today on 0800 408 7825. Alternatively, contact us via our website. Our panel of data protection No Win No Fee solicitors could offer to handle your compensation claim.
Select A Section
- Who Could Make A Data Breach Claim?
- How Could A Data Breach Impact You?
- How The Law Protects Data Breach Victims
- Have You Been Notified Of A Data Breach?
- Calculating Data Breach Claim Payouts
- Contact Us To Check If You Are Eligible To Make A Data Breach Claim
As we mentioned previously not all data subjects, those whose information is processed will be eligible to make a claim after a data breach. You must be able to demonstrate how the data controller failed in some aspect to protect the personal data they hold about you.
Under the following circumstances, you could potentially make personal data breach claims for compensation:
- An organisation collected your personal data. Therefore the organisation was legally obliged to protect your personal or sensitive information.
- A personal data breach took place. Consequently, the breach exposed your personal data to an insecure environment. This happened because the organisation did not correctly secure this information.
- As a result of the data breach, you experienced emotional distress or a psychological injury. On the other hand, you may have suffered financial losses.
Personal data is information that distinguishes one person from another, such as names, addresses or dates of birth. All sorts of organisations collect personal data to operate or for commercial purposes.
Under the UK GDPR, organisations must explain why they process personal data. Furthermore, the organisation must not use the data for any other purpose without a lawful basis. Doing so would be a breach of the UK GDPR.
Organisations that decide why and how to collect personal data:
- A public body, such as a council or government department
- An NHS trust or healthcare provider
- The police or social services
- A private business or service provider
- Charities and not for profit organisations
- Schools and universities
Please get in touch with Public Interest Lawyers to see if you can make a data breach claim for compensation. Our advisors could connect you to our panel of data breach lawyers once they can see your case has a good chance of being awarded compensation.
When you make a data breach compensation claim, if you have chosen to use a solicitor they will consider the breach’s impact on you.
In extreme circumstances, a data breach can be a security threat. Therefore, many data breach victims experience emotional distress after their personal or sensitive information has been exposed. Sometimes a data breach victim may experience psychological injuries after a particularly traumatic data breach, such as post-traumatic distress disorder (PTSD).
Unfortunately, cybercriminals may use personal information to target the data breach victim for identity theft or fraud after a data breach. Consequently, victims may also lose money or assets.
The UK General Data Protection Regulation and the Data Protection Act 2018 requires organisations to take responsibility if they breach your personal data. What happens if an organisation discovers a UK GDPR data breach has occurred, which puts your rights and freedoms at risk? Firstly, the organisation must send you a UK GDPR data breach notification without undue delay and they must inform the ICO within 72 hours about what has happened.
The ICO can investigate and fine organisations when a data protection breach occurs.
The Rights Of Data Subjects
These are the rights of data subjects under data protection legislation:
- Firstly, the right to be informed
- Secondly, the right of access
- Thirdly, the right to rectification
- Fourthly, the right to erasure
- Fifthly, the right to restrict processing
- Sixthly, the right to data portability
- Seventhly the right to object
- And finally, rights about automated decision making and profiling
If an organisation has breached your personal data, they should send you a data breach notification. The data breach notification will inform you of the following:
- The notification will explain the nature of the data protection breach. The notification will also explain what personal information was exposed in it.
- Explain what the consequences of the personal data breach could be for you. For example, if criminals steal your name or address, you may be targeted for phishing scams.
- The organisation should share its data protection officer’s name and contact details.
- The organisation should explain the steps they have taken to mitigate the harmful steps of the data breach. Moreover, the organisation should explain what you can do to protect yourself from further harm. For example, change the passwords on your online accounts.
You can use your data breach notification as evidence to support your data breach claim. In addition, your lawyers may use financial documents and medical records to support your claim. Please contact us today to inquire about making a data breach claim for compensation.
You may be wondering how much is a data breach claim worth? When you make a data breach claim in the UK, you can receive up to two heads of claim.
Firstly you can receive material damages. Material damages will reimburse you for any financial losses or costs you suffered. Secondly, you can receive non-material damages. Your non-material damages payout is compensation for the data breach’s harmful effects on you. Including the emotional distress you have suffered and any mental health-related injuries, such as anxiety or PTSD.
The table includes compensation brackets for non-material damages. However, the table excludes material damages. We have used guidelines from the Judicial College to create this table.
|Type Of Psychiatric Injury
|Information About This Injury
|Post-Traumatic Stress Disorder
|There are permanent effects caused by the trauma. The person will not be able to either return to work or to education or at least not near pre-trauma levels.
|£56,180 to £94,470
|(b) Moderately Severe
|With professional care and treatment there is scope or some improvement and there is a better prognosis than above.
|£21,730 to £56,180
|Recovery will mostly have taken place.
|£7,680 to £21,730
|Psychiatric Damage / Injuries
|A poor outlook/ prognosis has been given. It is unlikely that treatment will help and there could be problems with all parts of this person’s life.
|£51,460 to £108,620
|(b) Moderately Severe
|Whilst there is a better prognosis for recovery, the person may have been affected in similar ways to the category above.
|£17,900 to £51,460
|The person should already have made a ‘marked’ degree of recovery and has a better outlook than the 2 categories above.
|£5,500 to £17,900
Depending on several factors, you may receive more or less compensation than the amounts in the table. You can call our claims helpline, and an advisor will provide you with an accurate compensation quote.
To get more information about your data breach compensation claim, please contact Public Interest Lawyers today. Our panel of data breach solicitors has solid experience handling data breach claims. If they take on your case they will handle your claim from start to finish. And will negotiate hard with the defendant to make sure you receive the right amount of compensation.
What’s more, you will have the option to make a No Win No Fee data breach claim. When you make a claim with a No Win No Fee solicitor, you enjoy the following advantages:
- You will not pay an upfront solicitors fee
- You will only pay a success fee if our panel of solicitors win your claim
- The success fee is capped.
Please read our online guide to learn more about making a No Win No Fee claim.
We hope this guide has been helpful. To begin your data protection breach claim, please get in touch with us.
- Call our claims helpline on 0800 408 7825
- Use our contact form to contact us
- Or type a question into our Live Support widget, and an advisor will answer it
Related Data Protection Breach Claim Guides
You can read more about making a data breach compensation claim here.
How to report a data breach to the ICO.
How to make a complaint about an organisation that has failed to protect your personal information.
A guide to reporting and avoiding online scams and phishing attacks.
We appreciate you reading this guide to a data breach claim. Please get in contact with us if you have any questions.