The thought of any personal data being breached to strangers can be alarming, particularly in the workplace. The stress and uncertainty might cause real emotional and financial harm, particularly if criminals get to use the data. You may not know, but if you experienced a data breach at work, claims can be made for the psychological and financial harm caused.
All businesses and organisations have certain responsibilities when it comes to safeguarding the personal data held about you. Two main pieces of legislation outline this, called the Data Protection Act 2018 (DPA) and the UK General Data Protection Regulation (UK GDPR). These laws detail how those in control of data (called controllers and processors) should best meet their obligations to handle personal information correctly.
These laws also detail what constitutes a personal data breach. Typically, this is any impact on the data’s integrity, availability and confidentiality. In addition to this, certain data is classed as a special category and warrants an even higher level of care when being processed. If you feel that your data was lost, duplicated, destroyed without authorisation or shared wrongly, our No Win No Fee data breach solicitors could help.
All the information you need to understand a claim after a workplace data breach is below. However, you can also contact our team of expert advisors for a free, no-obligation assessment of your data breach claim right now. Simply:
- Call the team on 0800 073 8801
- Use the live chat to ask a question about data breach at work claims.
- Contact us for immediate help.
Frequently Asked Questions
- What Compensation Could I Get For A Data Breach At Work?
- Who Is Eligible To Make Data Breach At Work Claims?
- What Information Could Be Breached By My Employer?
- Examples Of How A Data Breach At Work Could Occur
- What Is An Accidental Data Breach At Work?
- How Can I Prove My Employer Is Liable For The Data Breach?
- Data Breach At Work Claims With A No Win No Fee Solicitor
- More Information
What Compensation Could I Get For A Data Breach At Work?
Between £66,920 and £141,240 could be awarded for the most severe psychiatric damage caused by a data breach. You may also hear psychological harm referred to as non-material damage. This figure was taken from the Judicial College Guidelines (JCG). However, it is only suggestive.
The JCG is a document that provides guideline brackets for various injuries, including psychological harm ranging from general anxiety to acute post-traumatic stress disorder (PTSD). When used alongside medical reports, those involved in calculating compensation amounts for data breach claims can arrive at an approximate amount for non-material damage.
It’s important to stress that every claim will vary, and compensation awards will always differ to amounts shown. Also, the first line in our table is not from the JCG.
Compensation Guidelines
| HARM | SEVERITY | GUIDELINE COMPENSATION | NOTES |
|---|---|---|---|
| Instances of very severe psychological harm and Material Damage compensation. | Severe | Up to £250,000 plus | Cases where the person suffers multiple forms of psychological harm and is awarded amount for lost income from missed time at work and professional counselling. |
| General Psychiatric Harm | (a) Severe | £66,920 going up to £141,240 | A severe level of mental health impact across all aspects of the person's life. |
| (b) Moderately Severe | £23,270 going up to £66,920 | A better future outlook than severe cases, but still representative of a permanent or long-standing disability. | |
| (c) Moderate | £7,150 going up to £23,270 | Although initial symptoms are severe, a better prognosis indicates an improvement by the time of any trial. | |
| (d) Less Severe | £1,880 going up to £7,150 | The award made in this bracket reflects the duration of injury. | |
| PTSD (Post-traumatic stress disorder) | (a) Severe | £73,050 going up to £122,850 | Cases of permanent harm that stops the person from coping in any way as they did prior to event. |
| (b) Moderately Severe | £28,250 going up to £73,050 | Differs from the above bracket because of improvements made through professional counselling. | |
| (c) Moderate | £9,980 going up to £28,250 | Largely, a recovery is noted with persisting symptoms being classed as not grossly disabling. | |
| (d) Less Severe | £4,820 going up to £9,980 | In the space of 12 - 24 months an almost full recovery is seen and only minor symptoms persist after this. |
The financial harm created by the data breach can be assessed, and reimbursement can be included as part of a settlement (or you may only have suffered financial harm due to the data breach, so you may be compensated for this alone). You may also hear this financial harm referred to as material damage. However, to recover your material damage, you will need to submit documented evidence that proves any out-of-pocket costs incurred from the data breach at work. You can use:
- Proof of the costs of any counselling you need.
- Evidence of expenses that relate to regaining privacy across personal devices.
- The cost of changing jobs or moving home.
Severe data breaches can cause huge disruption in a person’s life. So, it’s important to keep hold of anything that you feel demonstrates a negative impact on your finances after the data breach. If you work with our solicitors, they could use this evidence to leverage a higher compensation amount for you.
Who Is Eligible To Make Data Breach At Work Claims?
You can be eligible to start a data breach at work claim if you can meet three specific criteria:
- Your employer failed to comply with data protection laws.
- Your personal data was compromised as a result.
- This led to you experiencing damage to either your mental health and/or your finances.
If you’d like additional guidance on whether you qualify to start a data breach at work claim, speak to our advisors today.
What Information Could Be Breached By My Employer?
There is a wide range of information that an employer could breach, from basic contact details to the most sensitive medical information. The following list is not exhaustive, as there may be other personal information required depending on the exact nature of your job:
- Name, address, and contact number.
- National insurance number.
- Copies of birth certificates or passport details.
- Salary and banking details.
Some information may be shared without seeking consent, and not all instances of a data breach are the fault of an employer. For example, a firm could have the best cyber defences in place and still suffer a malware attack. So, to check your eligibility to start a personal data breach claim, speak to our advisory team.
What Is Classed As Special Category Data?
Special category data is personal data that carries a higher risk of causing harm to the subject (you) if it is breached due to its highly sensitive nature.
This includes:
- Health data and details of medical conditions.
- Trade union affiliations.
- Biometric and genetic information.
- Details about sexual orientation.
- Details about your racial and ethnic background.
- Results of background security checks.
- Information on any criminal convictions.
The Information Commissioner’s Office (ICO) is an independent watchdog of data rights for the public in the UK. This body has far-reaching powers to investigate data breaches in companies, large or small. Their website provides a wealth of information about data breaches, and they define certain data as a special category.
If you can prove that sensitive data about you was breached in a way that caused harm, speak to our advisors about your grounds to start a data breach at work claim.
Examples Of How A Data Breach At Work Could Occur
Data breaches at work can occur for a variety of reasons, including deliberate malice or human error. Below are some examples of how a data breach could occur in the workplace because of wrongful action on the part of the controller or processor:
- The workplace could fail to ensure that the personal data of staff is kept safe through either locked cabinets or robust IT defences. This allowed unauthorised entities to access it.
- The employer might neglect to train staff in data protection leading to an increase in human error. For example, a verbal disclosure could occur if front-of-house staff are discussing another employee.
- Personal data can be breached if an office shares information on insecure platforms, social media groups or through unencrypted texts and calls.
- Laptops, memory sticks and smartphones (as well as paper documents) containing personal information could be left in a place accessible to others, resulting in theft.
- When an employer posts personal data to the wrong address this creates an opportunity for criminality that harms the employee.
Whatever the precise circumstances, data breach at work claims can be launched if you can prove data protection laws were not met by those entrusted with the personal information. Speak to our team for extra guidance on your options.
What Is An Accidental Data Breach At Work?
An accidental data breach in the workplace is often the result of human error such as forgetting to lock a cabinet or lock a computer screen. To avoid this, all staff involved in the processing of personal data should be properly trained and aware of their data protection responsibilities. They should also take personal responsibility every day to avoid causing a security incident involving personal data. Some examples are as follows:
- A colleague leaves a laptop open with your personal data visible to others.
- Paperwork containing personal information about you is placed in a normal bin rather than shredded securely.
- Two co-workers in the HR department discuss details about your health in a way that unauthorised persons can hear.
- The results of any background checks or disciplinary actions are attached in a group email by accident, allowing others to see them.
Again, it’s important to emphasise that actual psychological and/or financial harm must result from the data breach in order to make a claim. Furthermore, not every data breach is something a claim can be made for. For example, if the incident was rectified before harm could occur, then there isn’t a reason to claim.
If you would like to discuss the particular circumstances of your data breach with our advisory team, please call, email or ask the live chat function a question for an immediate response.
How Can I Prove My Employer Is Liable For The Data Breach?
You can try to prove your employer is liable for the data breach by assembling evidence that shows the circumstances of a data breach. For example:
- The letter of notification from your employer about the data breach.
- Any other correspondence relating to what happened to your personal data.
- Bank statements and receipts that prove you were faced with financial repercussions.
- Medical records and reports from any mental health professionals you needed to see.
- Proof of medication taken for stress.
If you’d like information about how our solicitors can help assemble evidence and handle data breach at work claims, get in touch with advisors through the contact options above.
Data Breach At Work Claims With A No Win No Fee Solicitor
Making a data breach claim with our expert No Win No Fee solicitors could give you a greater chance of receiving compensation. Data breach claims can become complex and time-consuming. So it can be a real benefit to know that a skilled data breach solicitor is taking care of all the details and making the process as stress-free as possible. Our solicitors can help in a number of ways:
- They will assist you in collecting supporting evidence.
- Our solicitors will calculate the total compensation amount with a much higher level of accuracy than any online compensation calculator.
- They can confidently handle all correspondence throughout the data breach claims process.
- They’ll present your case in a professional manner at all times.
No Win No Fee Data Breach Claims
In addition to these excellent support services, our solicitors can offer their services through a version of a No Win No Fee contract called a Conditional Fee Agreement (CFA). Typically, this has the following advantages:
- No immediate solicitor’s fees apply to start work.
- No solicitor’s fees apply as the claim moves forward.
- No solicitor’s fees apply if the claim is unsuccessful.
- Only a small, legally limited percentage of your compensation will be taken. And this success fee can only be deducted from successful data breach at work claims.
Importantly, this success fee is something you can agree upon with your solicitor prior to work.
Rather than face the stress and complexity of data breach claims at work alone, why not see if our solicitors could help you in this way? Getting started couldn’t be easier. Simply:
- Call the team on 0800 073 8801 to see if you can claim compensation after data protection breaches at work.
- Also, you can use the live chat to ask a question below.
- Contact us online for immediate help to start your data breach claim today.
More Information
More information is available in these other resources:
- This guide looks at a disciplinary investigation at work claims.
- In addition to this, here we discuss text message data breaches.
- Also, read more about claiming for anxiety due to a data breach.
External resources on this topic:
- This explores the action the ICO has taken on data breaches.
- Also, read more about the UK’s data protection laws here.
- Lastly, information on tips to stay safe online from the National Cyber Security Centre (NCSC).
In conclusion, thank you for reading this guide on data breach at work claims. Please contact the team for any more information or help on how to claim data breach compensation.
