In this guide, we will explain how to make a breach of data protection claim for compensation. Throughout the guide, we will explain what makes a person eligible for damages after their personal data has been breached.
When you use a service or interact with an organisation, they may collect and process your personal and sensitive data. Organisations that decide how your data is to be collected and why are referred to as data controllers.
Data subjects are those that have their personal data processed. Organisations could be public bodies or private businesses. In the UK, legislation such as the UK General Data Protection Regulation and the Data Protection Act, 2018 requires organisations to protect the personal data they collect.
So, if an organisation has allowed this information to be breached, you may be eligible to claim compensation from them. So, we will explain how to make a data breach claim in this guide.
To begin your No Win No Fee claim for a personal data protection breach, please contact Public Interest Lawyers today. Our advisors can offer you free legal advice about making a data breach compensation claim. Moreover, they can appoint our panel of experienced data breach solicitors to work on your claim. Please call us today on 0800 408 7825, or write to us using our contact form.
Select A Section
- What Is A Breach Of Data Protection Claim?
- Check You Have Grounds To Make A Data Breach Claim
- What Do I Need To Show To Make A Breach Of Data Protection Claim?
- Will I Need To Go To Court?
- How Much Could A Breach Of Data Protection Claim Be Worth?
- Contact A Solicitor About Your Breach Of Data Protection Claim
Personal data means your personal information, such as your name, date of birth or email address. Not all data is protected by data-protection laws however both personal and sensitive data is protected.
Organisations may collect your data for commercial or operational purposes. The UK GDPR requires organisations to protect the personal data that they process. Therefore, if a personal data breach occurs, which was the organisation’s fault, the ICO inform how some victims potentially may be able to make a data breach claim for compensation.
A personal data breach is a security incident where personal data is altered, destroyed, lost, stolen, accessed or disclosed to those who do not have authority to see it.
In order to prevent personal data breaches from happening an organisation should use up to date cyber security programs so that hackers cannot infiltrate their systems, Training staff on information security is key and also on how to keep information secure and confidential.
A data breach may leave you feeling emotional distress. Or, in a particularly devastating case, you may develop psychological damage such as PTSD. Moreover, criminals may use your breached data to target you for fraud, leading to financial losses. Therefore to find out if you can make a data breach claim for these damages call our advisers for free legal advice.
The Latest Data Breach Statistics
Although human error is the main source of data breaches a large number of data incidents involve cyber security breaches or attacks. The Government’s Cyber Security Breaches Survey 2021 provides information about how frequently these incidents occur.
- 26% of charities experienced a cyber security breach or attack
- 39% of businesses experienced a cyber security breach or attack
- Of those who had suffered a security incident 83% of businesses and 79% of charities had experienced phishing attacks
- and, 27% of these businesses and 23% of these charities had experienced impersonation attacks.
Under what circumstances could you make a breach of data protection claim? You could potentially make a claim for a personal data breach if you can prove that a data controller failed to keep your personal information safe. For example, if the organisation that was responsible for your data caused or allowed the data breach to happen. For example, a company’s data protection efforts may have been inadequate.
Moreover, there must be proof that the data breach has harmed you to make a data breach claim. For example, the data breach may have caused you emotional distress or psychological injuries. On the other hand, a data breach may lead to financial losses. Your legal team will collect evidence such as your data breach notification and bank statements to support your claim.
To make a breach of data protection claim for your personal data being exposed, you will need to provide evidence that supports your claims.
You can use the following information as evidence to support your claim:
- Your data breach notification. The company or public body where the breach took place will normally send you a notification if your rights and freedoms have been affected. The organisation should send out the notification without undue delay and inform the Information Commissioner’s Office ICO, which are the data protection governing body, within 72 hours of the discovery of the data breach.
- Evidence that proves the organisation did not do enough to prevent the data breach. For example, an organisation may have investigated a data breach and found that its security system was inadequate.
- Evidence to prove that the data breach caused you harm. For example, you could use your medical records to show that you experienced post-traumatic stress disorder or depression after the data breach.
- Moreover, your lawyer may use your financial records to prove that you have lost money or assets because of the data breach.
The majority of personal data breach claims will be settled out of court. It is not mandatory to have a solicitor support your case but they do bring experience and knowledge to cases that can be deemed advantageous.
Indeed, solicitors representing both parties will enact the pre-action protocols. The legal representatives will enter into negotiations to try to settle the claim outside of court. The defendant’s legal representative may make an offer early on if liability is admitted. Therefore, avoiding court proceedings.
As we have already mentioned, personal data breaches could cause different types of damages. Sadly, criminals may use breached personal information to target victims for fraud. For example, a criminal might use a stolen email address to conduct phishing attacks on the victims. Consequently, the victim may suffer financial losses.
Moreover, data breach victims may also experience emotional distress if an organisation leaks sensitive information. In some cases, a data breach can threaten a person’s security. For example, social services could leak information about a vulnerable child in their care. Subsequently, a data breach can lead to the victim experiencing psychiatric injuries, such as depression or anxiety.
You can receive up to two heads of claim if your personal data breach case is successful. The first is material damages, which will repay you for any financial losses you have experienced. The second is non-material damages. Non-material damages compensate for the emotional distress or psychological harm that your injuries have caused. Your non-material damages compensation would align with what you would receive for the same injuries if you made a personal injury claim.
You can use the table below to estimate how much your non-material damages payout is worth. The table does not include material damages. Please note that your compensation may vary, depending on your circumstances.
|Post Traumatic Stress Disorder
|Severe – A
|£56,180 to £94,470
|The effect on the person will be permanent and will prevent them from being able to either work at all or to the same degree as they did before the traumatic incident.
|Moderately Severe – B
|£21,730 to £56,180
|The trauma will have caused significant symptoms such as disturbance to sleeping patterns and mood disorders. Some degree of recovery can be made with specialist help.
|Moderate – C
|£7,680 – £21,730
|The person should largely have recovered from the trauma.
|Severe – A
|£51,460 – £108,620
|Overall the person has ‘marked problems’ with regard to managing relationships and coping with life. There is a very poor prognosis for any recovery.
|Moderately Severe – B
|£17,900 to £51,460
|The prognosis for the future and recovery is better than above. The person may still not recover enough to return to comparable employment as pre-trauma.
|Moderate – C
|£5,500 – £17,900
|Claimants will already have made a marked improvement or degree of recovery by the time of any trial. Overall there is a good prognosis.
Alternatively, please call our claims helpline. Our advisors can provide you with free legal advice and a personalised compensation quote.
Please contact Public Interest Lawyers today if you need further information about a breach of data protection claim. Whether a private company or a public body breached your data, they can offer advice.
Moreover, if our advisors can see that your case has solid grounds for compensation they can connect you with a No Win No Fee solicitor. Our panel of solicitors will only charge you a success fee if they win your No Win No Fee claim.
However, you won’t have to pay a success fee if you do not win. You will sign a Conditional Fee Agreement before you claim, to formalise this. Please call us on 0800 408 7825, or contact us via our website. On the other hand, use our Live Support widget to ask an advisor a question.
Data Breach Claim Resources
Human Error Data Breach Claims – Can you claim compensation for a data breach caused by human error?
Claim For A Wrong Email Address Data Breach – How to claim compensation if an organisation emailed your private information to the wrong address.
Stolen Or Lost Device Data Breach Claims – How to claim compensation for a data breach caused by a device loss incident.
Your right to be informed on how an organisation uses your data – an Information Commissioner’s Office guide.
An ICO guide to personal data breaches.
We appreciate you taking the time to read our guide to making a breach of data protection claim.