By Danielle Newton. Last Updated 6th April 2023. Have you fallen victim to a dental medical data breach? If you have given your personal data to your dentist, or they have collected it throughout your time with them, they have a legal duty to protect that data. A dental data breach or medical data breach could be quite traumatic for a person to go through. It could cause them emotional harm, and depending on the information that is exposed, could also cause them financial harm. If you suffer harm from your personal data being exposed you could be in a position to claim compensation. However, you will need evidence that those you hold responsible for the data breach allowed this to happen by something they did or did not do.
How This Guide Could Help
In this guide, we explain what you may need to know if your personal health information has been breached by your dentist or dental practice. We explain the legal requirements of a dentist to protect patients’ records and explain what happens if you want to make a medical data breach claim for the harm you’ve suffered due to your data being exposed. In the sections below, you’ll find out all the information you may need to know to make such claims. We explain how compensation could be calculated, how a breach could happen, and the effects it may have on you.
We also explore the data protection legislation that protects your personal data, and describe how we could help you get started with a claim. If you would like to ask us anything about making such claims, you can call our team today. You can reach us on 0800 408 7825 or complete the contact form here.
Select A Section
- Dental Medical Data Breach Claims Explained
- What Are Dental Medical Data Breaches?
- How Could Private Medical Data Get Breached?
- Types Of Damages Paid Out For Data Breaches
- How Much Could I Claim For A Dental Medical Data Breach?
- No Win No Fee Claims For A Dental Medical Data Breach
- Talk To Our Team About Your Dental Medical Data Breach Claim
- Essential Resources
Your personal health information should be protected by any healthcare provider that collects it. Those who collect personal data are known as data controllers, whereas those who supply such information, are known as data subjects.
There are data protection laws in force in the UK. The UK GDPR ensures those who have your medical information have a legal duty to protect it. Should you fall victim to a dental medical data breach due to wrongdoing on your dentist or dental practice’s part, the Information Commissioner’s Office, or ICO, which enforces data protection law in the UK could investigate.
Moreover, if you can prove that the dental data breach, which meant personal information was exposed, was caused because those who should have been protecting it never took the right steps to keep it secure you may have the foundation of a claim.
How Could A Dental Data Breach Occur?
The sections below explain how a dental medical data breach could happen. They also discuss how it could affect you. We explain how common such breaches are, and how much compensation could be appropriate for such claims.
In addition, we describe how No Win No Fee solicitors could help you. If you decide you want the help of a solicitor to help you pursue your claim it may be an option to opt for No Win No Fee data breach solicitors. Under a No Win No Fee agreement, you would not have to pay legal fees until your claim was successfully settled. Even then, the legal fees you’d pay would only amount to a small percentage of your compensation.
How many people are affected by data breaches?
Between 2014 and 2015, the ICO visited a variety of dental practices to ascertain information on the risks and challenges dentists face when it comes to data protection. They found that there was some confusion about registering with the ICO. There was a lack of written contracts at some practices with those providing IT services, as well as a lack of control regarding data on personal devices. Further to this, it was found that there was evidence that best practice was not always followed when it comes to data governance. It is important to note that this was some time ago.
If we look at the data security incidents statistics from the ICO for Q2 2021/22 we can see that 435 of the 2,431data security incidents that were reported during this period related to the health sector. You can see other sectors figures in the graph below.
Your personal health information contained in your medical records is something that your dental practice may have collected. To provide a patient with services, the dental practice may need to access your health information and other personal information such as your card details if you are paying for your treatment.
Unfortunately, if you suffer a dental data breach or a medical data breach, this could expose your personal data. If this happens you can be affected in two ways; card details may be stolen, and cybercriminals could commit fraud or theft using your details and your private and personal medical information may be exposed. This could affect you psychologically.
But what is the definition of a data breach and when could it lead to a claim?
Definition Of A Data Breach
The definition of a data breach is a security incident leading to personal data being stolen, lost, transmitted, disclosed, altered, deleted or accessed unlawfully or through human error. It could happen if cybercriminals use nefarious means to hack into systems. However, the biggest cause of such breaches is human error.
If you suffer a dental medical data breach that causes you financial loss or expense and/or psychological harm, and you could prove wrongdoing on your dentist’s part, you could be eligible for compensation.
There are lots of different ways in which personal information stored by a data controller could be exposed whether by accident or a deliberate act. As we have already mentioned, it could be due to cybercriminals launching a cyber attack, or using phishing to gain access to private information. It could also be due to human error.
Human error that causes a dental medical data breach could stem from:
Poor administrative practices – If your dental practice does not keep data securely, someone without authorisation could access it. For example, if someone leaves a laptop containing personal health information open and in full view of others, with patient records on the screen, other unauthorised parties could see it.
Misdelivery of data – For example, someone could send patient records to the wrong recipient by fax, e-mail or letter (a postal data breach).
Failure to BCC – If someone fails to blind copy you into an email address and uses CC instead, this could expose your email address.
Lack of training – If a dentist or dental practice doesn’t train staff in best practice when it comes to data protection, errors could occur.
Data breach claims when successful can be awarded two main types of damages. For example, you could claim material damages for money that someone steals from you. They could do this as a result of getting your card details due to a breach. You could also claim damages for the money it costs you to restore your credit file.
If you suffer emotionally and psychologically because of a dental data breach, you could claim compensation for this too. Non-material damages for the exposure of your personal data could be awarded for any mental trauma suffered as a result of the data breach. It could also compensate you for anxiety, post-traumatic stress disorder, and even loss of sleep.
As stated above, if your protected personal data was compromised in a dental or medical records data breach, you could be eligible for compensation. In this section, we are going to look at how your settlement could be awarded.
Your dental or medical data breach compensation amount could be made up of an award for both material damage and non-material damage, or you may only claim for one of these. This is due to the Court of Appeal 2015 ruling in the Vidal-Hall and others v. Google Inc. case. Prior to this ruling, if you wanted to claim for mental health injuries, you would have needed to demonstrate that you also suffered a financial loss.
This is the name given to psychological injuries caused by the compromise in your protected personal data. Due to the Gulati and Others v. MGN Limited ruling in 2015, your non-material damage will be assigned value in the same way as mental harm in personal injury claims.
This is done by legal professionals using the Judicial College Guidelines (JCG) to help them assign value to mental suffering. The JCG is a document that is used to guide injury values in varying severities with compensation brackets.
Our table below contains figures from the JCG. It is only to be used as guidance and is not representative of what you could be awarded.
|Injury type||Compensation Bracket (Approximate)||Level of severity|
|General psychological injury||£54,830 to £115,730||Severe|
|General psychological injury||£19,070 to £54,830||Moderately severe|
|General psychological injury||£5,860 to £19,070||Moderate|
|General psychological injury||£1,540 to £5,860||Less severe|
|Post-traumatic stress conditions/PTSD||£59,860 to £100,670||Severe|
|Post-traumatic stress conditions/PTSD||£23,150 to £59,860||Moderately severe|
|Post-traumatic stress conditions/PTSD||£8,180 to £23,150||Moderate|
|Post-traumatic stress conditions/PTSD||£3,950 to £8,180||Less severe|
If the compromise in your protected personal data caused material damage, your compensation could recover your losses as part of your medical data breach claim. Material damage refers to any financial hardship caused by the breach.
For example, if criminals gained access to your banking information and used this to spend money from your account, you could recover this amount. However, you will need to present evidence of your losses.
Call our advisors for a free valuation of your potential claim. They can also advise you on what financial losses you could recover.
A solicitor may offer to represent your dental medical data breach claim under a No Win No Fee Agreement. What this means is that you would not pay any money upfront to obtain the services of a data breach lawyer for your data breach compensation claim.
Instead, your data breach solicitor would send you a Conditional Fee Agreement. This would contain details of the success fee that you would have to pay them if your claim was successful.
This is a small percentage of your eventual payout, and is subject to a legal cap. It would only be payable in cases where your claim resulted in compensation. Should your claim fail for any reason, you would not pay the mentioned success fee.
Could I Use A No Win No Fee Solicitor?
To ascertain whether your claim could be taken on by a No Win No Fee solicitor, the legal professional would have to ascertain whether:
- A breach occurred
- It was due to wrongdoing by your dental practice or dentist
- The breach exposed your card details, health information or any other personal information
- You suffered financial loss or expense and/or psychological injuries as a result
- Your claim fell within the limitation period set out by the Limitation Act 1980. Claims not involving public bodies would usually have a limitation period of six years.
Would you like to speak to us about making a No Win No Fee Claim? If so, why not get in touch. We could offer you further advice over the phone.
We hope this guide covering dental medical data breach claims has been useful to you. If you would like to speak to you us about your case you can call our team for free. Alternatively, there are other ways in which you could contact us to get help and guidance and free legal advice about your case.
- Call 0800 408 7825
- Use Live chat to chat to an online advisor
- Complete our contact form to request a call back.
Data Breach Cases Related To Lost Or Stolen Devices– This guide covers all you may need to know if your personal data has been exposed due to the loss or theft of a personal device containing your data.
Data Breach Compensation (General Guide) – We have created a general guide to claiming data breach compensation. You can access it here.
Dental Injury – We also provide advice on claiming for dental injury. You can find out more about this here.
Your Data Matters – The ICO has produced a range of articles relating to your data. You can access them here.
Find Information On The Data Protection Act – You can find out more about the Data Protection Act 2018 and how it affects you here.
The UK GDPR – Find out more about the regulation that protects the security and privacy of your personal data here.