Last updated 10th January 2025. How is compensation for a data breach calculated? You may have seen or heard the increased media coverage of data controllers, organisations that require personal data, involved in personal data breaches. When data of a personal or sensitive nature is breached it could cause you, the data subject, financial and emotional harm. Did you know that with the right evidence, you can seek damages if a third party failed to handle your personal details according to the law?
All companies and organisations that require the collection of personal information must adhere to data protection law. Those who fail to adhere to data security laws can face stiff penalties from the Information Commissioner’s Office ICO.
At Accident Claims, our data breach specialist solicitors can help you today. After a friendly and informal assessment on the phone, our advisors could assist you in calculating and assessing your compensation claim for a data breach. If your claim looks likely to be awarded compensation they will appoint a solicitor to your case. Learn more by:
- Speaking to our advisors by calling 0800 073 8801
- Contact us online to request a callback
- Use the live support option below
Select A Section
What Is Compensation For A Data Breach Claim?
Personal data is more than just our name or address. It can include a wide swathe of information about our passwords, health, finances, and our ethnic background. Data protection laws look to secure our personal and sensitive information that is processed. The sharing and processing of our information require a data controller to have a lawful basis. Consent is just one basis that means our personal identifiable data can be processed
Any personal data that is processed either digitally or in physical files are protected by the data security laws. If such data is breached this could result in distress after a data breach as well as financial losses if money is stolen from your account or phishing scams mean fraudsters may steal your identity.
A personal data breach is a security incident that ultimately means identifiable information has been stolen, lost, altered, disclosed, destroyed or accessed without authority.
Personal data breaches can happen in a number of different ways:
- Human error
- Verbal disclosures
- Personal details sent to the wrong recipient
- Cybercriminal hacks into IT systems
- Ransomware, Malware, or phishing scams infiltrate weak data defences
The Data Protection Act 2018 and UK General Data Protection Regulation (UK GDPR) are the main UK legislation for data protection. The Information Commissioner’s Office (ICO) is an independent body that can investigate and issue fines against any company or organisation that fails to handle personal data in accordance with these laws.
A compensation claim can be eligible against the other party when you can show how this failure occurred and left you with either emotional and/or financial damage.
What Are Some Of The Largest Data Breaches?
Companies and organisations have an obligation to report a serious data breach to the ICO within 72 hours. As the impacted party, they should inform you about it as soon as possible.
The Information Commissioner’s Office fine data controllers if they fail to adhere to data protection laws. Here are some recent fines issued:
- Some recent notable fines issued by the ICO include £500,000 to the Cabinet Office for disclosing postal addresses.
- In October 2020, British Airways faced a massive £20 million fine for failing to protect the details of 400,000 customers.
- Marriott Hotels – fined £18.4 million by the ICO for failing to keep customers’ personal details secure.
Everyone’s personal data matters and the impacts after a breach can be very distressing for anyone. Speak to our team now to see what steps you can take to recover lost money and address the mental suffering caused by the data breach incident.
Will I Have To Go To Court?
Data breach compensation claims are similar to personal injury cases in as much that there are certain pre-action protocols that should be fulfilled before going to court. The courts like to see that both parties did all they could to resolve the issue before needing to take it further and pre-action protocols offer both parties the chance to discuss a resolution in a constructive way.
Because of this, it may not be necessary for your claim to go all the way to court. Points to be aware of however are that if the other party offers to settle directly with you and you accept it, this would mark the end of the claim or any future claims for damages. So it’s worth checking with a data breach specialist that you are in fact settling for the right amount. Speak to our team for help with this.
How Much Compensation For A Data Breach Does The Average Person Get?
There is not really an average amount of compensation for data breach claims. Firstly, the amount you may be awarded will depend heavily on how detailed and thorough the evidence to support your claim of financial loss and emotional harm are.
In some cases, a data breach can cause identity theft, leaving the data subject with thousands of pounds of debt. Or the psychiatric harm can be acute and cause profound long-term issues such as Post-traumatic stress disorder (PTSD) which can impact the sufferer’s life in many different ways. All the consequent amounts could be reimbursable with the right proof.
How Much Compensation For A Data Breach Do You Get?
You may be wondering how much compensation for a data breach you could be awarded. We cannot guarantee a set figure for you, because no two compensation claims are ever the same. However, we can tell you how a data breach compensation amount is calculated.
Compensation for a data breach, when a claim is successful, could be awarded for two types of damage:
- Non-material damage – the psychological harm you have suffered as a result of your personal data being breached, such as anxiety, distress, Post-Traumatic Stress Disorder (PTSD), or depression.
- Material damage – the finances you have lost as a result of your personal data being breached. For example, lost earnings if you’ve needed time off work due to your non-material damage, or costs to relocate if you feel unsafe.
You can receive compensation for either types of damage alone, or for both together.
To calculate your non-material damage, legal professionals may use the Judicial College Guidelines (JCG). The JCG is a document with guideline compensation brackets for various types of physical and psychological harm.
Compensation Table
Rather than a data breach compensation calculator, we have provided a table with some types of psychological harm from the JCG. We have also included their accompanying guideline compensation brackets.
However, please keep in mind that the top figure has not come from the JCG. Additionally, none of the JCG’s figures can be guaranteed as every claim is unique.
| Type of Psychiatric Harm | Severity | Notes | Guideline Compensation Bracket |
|---|---|---|---|
| Multiple serious types of psychiatric harm with material damage | Serious | Multiple serious types of psychiatric harm with financial losses such as lost earnings. | Up to £250,000+ |
| Psychiatric Damage - General | Severe (a) | A very poor prognosis in recovering from an inability to cope with life, education, work and personal relationships. | £66,920 to £141,240 |
| Moderately Severe (b) | A more optimistic prognosis but there'll still be significant problems. | £23,270 to £66,920 | |
| Moderate (c) | A good prognosis with marked improvements by trail. | £7,150 to £23,270 | |
| Less Severe (d) | By how much sleep and daily activities are affected will determine this award. | £1,880 to £7,150 | |
| PTSD (Post-Traumatic Stress Disorder) | Severe (a) | All aspects of life are badly affected. | £73,050 to £122,850 |
| Moderately Severe (b) | There'll be significant disability for the foreseeable future but the prognosis will be better. | £28,250 to £73,050 | |
| Moderate (c) | Continuing effects are not grossly disabling. | £9,980 to £28,250 | |
| Less Severe (d) | It will take 1-2 years for a virtual full recovery. | £4,820 to £9,980 |
For a more accurate estimate on how much compensation for a data breach you could be awarded, we advise calling our advisors today.
Get In Touch To Claim For A Data Protection Breach
Professional help calculating compensation for a data breach claim could make a drastic difference to the amount you are awarded. With this in mind, legal representation in the form of a No Win No Fee agreement can help.
At Accident Claims, we could connect you with a data breach specialist solicitor offering a service like this. No Win No Fee has numerous advantages:
- No upfront solicitor fees
- If the case wins a maximum capped percentage of your settlement as the success fee for the solicitors
- If the case fails no success fee.
If the case wins the solicitors deduct no more than 25% from the settlement as their fee.
Why not get in touch to see how you can start your claim today? Simply:
- Speak to our advisors by calling 0800 073 8801
- Contact us online and request a callback
- Or use the live support option below
Read More About Claiming Compensation For A Data Breach
- Read some FAQs on UK GDPR data breaches – compensation claims guide
- More general information about No Win No Fee data breach personal injury claims
- Frequently asked questions about your rights after a credit card data breach
- Complain to the ICO about a data breach
- Advice from the Government about data security
- Tips for staying safe online
