When we hear about data breaches involving vast amounts of personal data being exposed, we often think about hackers and cybercriminals. However, not all breaches are caused by illegal activity. They’re also possible because of simple mistakes. While the implementation of the UK General Data Protection Regulation (UK GDPR) has improved personal data security, mistakes still happen and can cause problems for anybody whose personal data is compromised. Therefore, in this guide, we’ll look at human error data breach claims.
Personal Data Breach Claims
If personal information about you has been exposed in a data breach, you could claim compensation if the incident has caused you to suffer psychologically or financially. As well as the potential to lose money if criminals access your data, you could also claim for any psychological harm that results as well.
For example, you could receive a settlement if a data breach has caused embarrassment, anxiety or distress.
The claims process isn’t always easy and you may benefit from the help of a specialist data breach lawyer from our panel.
If you’re interested in discussing your claim with us today, please call us on 0800 408 7825. Alternatively, please read on to find out more.
Select A Section
- Human Error Data Breach Claims Explained
- What Are Human Error Data Breaches?
- Common Types Of Human Error Data Breach
- What Type Of Damage Can You Claim For A Data Breach?
- Calculate Human Error Data Breach Compensation
- Could A No Win No Fee Solicitor Help Me?
- Contact Us
- Where Can I Find Out More?
Human Error Data Breach Claims Explained
In this article, we are going to explain what human error data breaches are, the problems they can cause and how they might happen. Furthermore, we will explain when compensation might be possible and how much you might be paid.
We’ll also try to answer some common questions such as:
- Can you claim compensation for a data breach?
- What is human error in a data breach?
- Can I sue for a data breach?
- Who is legally responsible for a data breach?
It’s important to note that data breach claims are valid if the party in control of or processing your personal data was at fault through positive wrongful conduct. For example, an accidental data breach could happen if there was a lack of employee data protection training. (If the employee was correctly trained but the error happened anyway, the party in control of it or processing it may not be liable.)
Before you decide whether to claim, you may wish to use our live chat to check how long you have to make your claim. That’s because some claims involving public bodies can have a 1-year time limit. In other cases, you could have as long as 6 years.
When you’re ready to discuss your claim, please feel free to call. We review cases for free and explain your legal options. If your case seems valid, we could pass it to a data breach lawyer from our panel. Should they agree to represent you, they’ll work on a No Win No Fee basis.
How many people are affected by data breaches?
If a data breach affects the rights and freedoms of a data subject (a person whose data has been processed), the breach must be reported to the Information Commissioner’s Office (ICO).
The ICO enforces data protection legislation in the UK. It also publishes quarterly data security incident trends to show how many reported breaches occurred in various sectors. As you can see from the graph below regarding data relating to quarter 2 of 2021/22, there were over 1,700 reported non-cyber security incidents.
What Are Human Error Data Breaches?
Not all data breaches are illegal or deliberate acts. Sometimes they can be caused by human error. They are incidents that arise from a mistake which mean information about a data subject is altered, disclosed, lost, destroyed or accessed without a lawful basis.
Just because a personal data breach is caused by human error does not exclude it from a data breach claim. You could be compensated for any mental or financial harm that’s caused by an accidental, deliberate or illegal data breach.
Common Types Of Human Error Data Breach
There are several scenarios that could result in an accidental data breach. Not all can be listed here but some examples include:
- Where staff click on links in a phishing email and provide personal information to a recipient who doesn’t have a lawful reason to access it.
- Paper-based documentation containing personal information is thrown into general rubbish instead of being securely destroyed and is accessed by someone who doesn’t have a lawful reason to.
- Where letters containing personal information intended for one person are sent to an unauthorised person, despite the correct address being on file.
- If staff accidentally disclose personal information in conversation with others without a lawful basis to.
Importantly, rather than claiming against an individual who has made a mistake, you’ll usually claim against the data controller or data processor.
A data controller decides how and why your personal data will be collected and used. They may also process your data. A data controller may choose to use a separate agency or organisation to process the personal data (data processor).
Data processing can mean any action taken upon your personal information like storing it, changing it, deleting it or sharing it.
What Type Of Damages Can You Claim For A Data Breach?
Within the UK GDPR documentation, you’ll find information on what you can claim for following a data breach. Generally, the claim could consist of two elements:
- Material damages. This is based on financial losses caused by the data breach. It could include costs, expenses or money stolen from you because of the breach.
- Non-material damages. This is based on any mental harm caused by the breach. You could claim for anxiety, depression or similar conditions, for example.
When you claim, you need to consider whether you’ll suffer in the future. To help with this, you will need a medical assessment. It will be carried out by an independent expert who will determine your prognosis after speaking with you.
Human Error Data Breach Compensation Calculator
We are now going to consider what amount of compensation could be paid for the types of suffering discussed previously. To do this, we’ve used guidelines from the Judicial College for a range of psychological injuries. The same figures are used by courts, solicitors and insurers when settling claims.
To provide some background on how compensation is awarded, let’s look at some recent court cases. During the case of Vidal-Hall and others v Google Inc , the Court of Appeal decided that it is possible to claim for psychological injuries that result from a data breach in cases where no money has been lost. This saw a move away from previous guidance where claims weren’t possible if you’d not lost any money.
In another case, Gulati & Others v MGN Limited , the court ruled that where compensation is paid for any psychological injuries, it should be based on payments made in personal injury claims.
Therefore, the compensation table below uses those figures:
|Type of Injury||Severity||Compensation Bracket||Comments|
|General Psychiatric Damage||Severe||£51,460 to £108,620||There will be significant issues managing personal and work relationships. The claimant will be vulnerable in the future and they'll struggle to cope with work and life in general. A very poor prognosis will be given and any treatment will probably not be beneficial.|
|General Psychiatric Damage||Moderately Severe||£17,900 to £51,460||The claimant will have the same serious issues as above. However, there will be a more optimistic prognosis.|
|PTSD||Severe||£56,180 to £94,470||The symptoms of PTSD in this category will be foreseen as permanent. They will have an impact on all aspects of the victim's life. As a result, they won't be able to return to work and they won't be able to function at pre-trauma levels.|
|PTSD||Moderately Severe||£21,730 to £56,180||Symptoms will be temporary but significant and similar to the above. However, with professional treatment, there will be some hope of recovery to a certain degree.|
|PTSD||Moderate||£7,680 to £21,730||The victim will have started to recover from most symptoms. Any that do continue won't be largely disabling.|
Could A No Win No Fee Solicitor Help Me?
Taking legal action can be quite frightening. As well as dealing with insurance companies and, in much rarer cases, courts, the thought of upfront solicitor fees often arises. This isn’t something to worry about too much. That’s because our panel of data breach solicitors offer a No Win No Fee service for all claims they take on.
If your case is referred to a solicitor from our panel, they’ll review its merits with you. If they believe your claim is strong enough, they’ll provide a Conditional Fee Agreement (CFA) for you. (This is another term for No Win No Fee agreement.) This will show what needs to happen before you’ll pay any solicitor fees.
Should your claim have a positive outcome, your solicitor will deduct a success fee from your compensation. This is listed in the CFA so there aren’t any surprises when the claim is finalised. Importantly, success fees are legally capped and you do not pay them if your case is lost.
If you have a valid, potential human error data breach claim, there are several ways to contact us. You can:
- Call our advisors on 0800 408 7825 for free legal advice.
- Connect with us via live chat when available to discuss your options.
- Contact us via our site to request a callback at a time that’s best for you.
If you are unsure about your eligibility to claim, don’t worry. You can ask as many questions as you like and the advice you’ll receive will be free. If your claim is taken on by a data breach solicitor from our panel, you’ll benefit from their No Win No Fee service.
Where Can I Find Out More?
In this final section of our guide, we’ve added some additional resources that you might find useful.
- Your Data Matters – A range of articles from the ICO relating to personal data safety.
- NHS: Stress – This NHS article links to several resources that might help if you’re struggling with stress.
- Data Protection – Information from the government about when data protection laws apply.
- Data Protection Breach Examples
Thank you for reading through this article on human error data breach claims.
Article by RA