If you’re thinking about how to claim for a data breach, this article could be just what you need. In it, we’ll discuss what data breaches are, who can handle personal information lawfully and what the claims process involves.
If you have any questions, why not get in touch? Available 24/7, our advisors can give you an obligation-free consultation. If you have strong grounds for a claim, they could connect you with our panel of data breach solicitors.
Contact us by
- Calling the number at the top of the screen
- Using our make a claim form
- Leaving a message using our live chat
Choose A Section
- Guidance On How To Claim For A Data Breach
- A Definition Of Data Breaches
- Causes Of Data Breaches
- How To Claim For A Data Breach – Compensation Amounts
- Benefits Of Using No Win No Fee Lawyers
- Further Information About How To Claim For A Data Breach
Guidance On How To Claim For A Data Breach
Whether the result of malicious activity or an accidental breach, you may want to know how to claim for a personal data breach. This is because both options can cause significant financial and emotional damage and potentially leave you vulnerable to further breaches.
Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, organisations that are involved in the processing of personal data should take measures to protect it. Data controllers are organisations that decide how and why your personal data will be processed. Data processors are organisations that may, on behalf of the data controller, process personal information.
Personal information or personal data is information that can be used to identify you, whether in combination with other data or directly. Examples include:
- Your name
- Biometric data (for identification purposes)
- Your address
- Your personal email address
- Credit card details
The Information Commissioner’s Office (ICO) is an independent guiding authority regarding data breaches. Breaches that meet a specific set of criteria must be reported to the ICO in order to enforce data breach laws. Though they enforce data breach legislation, the ICO can’t provide you with compensation.
In order to claim, you’d need to show that:
- A data controller or data processor’s wrongful conduct caused the breach
- Your personal information was involved in the breach
- You suffered financial loss or mental harm, or both, as a result
Call our advisors if you’d like to find out more.
A Definition Of Data Breaches
A personal data breach is a security breach leading to the accidental or unlawful destruction, loss, alteration, disclosure of or access to personal data. This applies to breaches that were both caused deliberately and accidentally and suggests that there is more to breaches than simply losing data.
Breaches are broadly defined as incidents that affect the integrity and confidentiality of personal information.
To claim compensation for such an event, you must prove that the breach was caused by the wrongful conduct on behalf of the data controller or data processor. Furthermore, you must prove that you suffered adverse effects from this data breach in the form of financial or psychological damages.
Causes Of Data Breaches
Data breaches you can claim for can be caused by several factors. The causes of data breaches can depend on factors such as how the personal data is held (digitally or physically, for example).
Digital Data
Your personal information can be held digitally, online or on computer systems, for example. Causes of data breaches could include:
- Failure to use BCC in an email, meaning that personal email addresses are exposed to other recipients of the email who aren’t authorised to see your personal data.
- Sending an email containing personal data to an unauthorised recipient.
- A cyberattack where cybercriminals access your personal data because they’re able to access and infiltrate unsecured online systems.
Physical Data
Physical personal information could include written notes including your name or address. It might also include paper records stored in files. Data breaches involving physical personal data could include:
- A failure to redact personal information on published leaflets or letters
- Incorrect disposal of paperwork containing personal information
- Loss or theft of paperwork containing personal information
- Personal data posted or faxed to an unauthorised person
Verbal disclosure of personal information could also be a data breach.
Figures For Data Breaches
The Information Commissioners Office (ICO) regularly publish a security incidents report detailing the data breaches seen throughout the fiscal year. Of 9,559 breaches in 2021/22, 16.76% or 1,602 were caused by emails being sent to the incorrect recipient.
Across all four quarters, the health sector was subject to the most breaches, a total of 1,936. Of these breaches, the most common was the 390 non-cyber incidents, accounting for 20.14% of the total. Even local governments saw 922 breaches. Here, any breach could be devastating, such as the potential release of tax information.
How To Claim For A Data Breach – Compensation Amounts
There are two potential types of compensation that you could seek in a personal data breach claim.
Material Damages
Material damages are the financial repercussions that result from a data breach. As such, the data breach compensation you can claim from them will be based on the amount you lost. Breaches like this that leak your financial or banking details could cause significant losses, such as:
- Theft from your bank account
- Damage to your credit score
Non-Material Damages
Non-material damages account for the psychological harm you suffer due to the data breach. These can include:
- Stress
- Depression
- Anxiety
- Distress
The Judicial College Guidelines (JCG) is a publication that can be used to distinguish the potential value of various injuries. This includes psychological harm.
Injury | Severity | Compensation Brackets | Notes |
---|---|---|---|
Psychological Damages Generally (a) | Severe | £54,830 to £115,730 | The injured person will have marked problems with forming and maintaining relationships with extreme future vulnerability. Prognosis is poor and recovery unlikely. |
Post Traumatic Stress Disorder (a) | Severe | £59,860 to £100,670 | Cases will involve permanent effects that will disallow the injured from functioning at a pre-trauma level, and all aspects of the person's life will be badly affected. |
Psychological Damages Generally (b) | Moderately Severe | £19,070 to £54,830 | The prognosis will be more optimistic than (a) but significant problems will persist. Cases involving negligent stillbirths are considered to fall in this bracket. |
Post Traumatic Stress Disorder (b) | Moderately Severe | £23,150 to £59,860 | This category will be distinct from (a) above due to the improved prognosis which will allow for some recovery with professional help. The effects of the injury however will cause significant disability for the foreseeable future. |
Psychological Damages Generally (c) | Moderate | £5,860 to £19,070 | The previously mentioned problems will have been present, but there will be marked improvement by trial and the prognosis will be good. |
Post Traumatic Stress Disorder (c) | Moderate | £8,180 to £23,150 | The claimant will not have any majorly disabling, persistent injuries, and will mostly recover within two years. |
Psychological Damages Generally (d) | Less Severe | £1,540 to £5,860 | The period for which you suffer disabilities will be the main consideration alongside the extent to which daily activities were restricted. |
Post Traumatic Stress Disorder (d) | Less Severe | £3,950 to £8,180 | A virtually full recovery will have been made within a couple of years and any symptoms that persist will be minor. |
If you can’t see your injuries in the compensation table above, why not get in touch?
Benefits Of Using No Win No Fee Lawyers
Should you launch a strong claim with a solicitor, you may be invited to do so under a No Win No Fee agreement. This is an umbrella term for several functionally similar legal agreements. However, a Conditional Fee Agreement (CFA) is applicable here.
A No Win No Fee agreement is a funding arrangement that is mutually beneficial to you and the data breach solicitor that you are working with. Essentially, you don’t have to pay your solicitor their success fee unless the claim is successful. The success fee is a small percentage of the compensation that goes to your solicitor if the claim wins. It’s capped by law and can be negotiated in some circumstances.
The benefits of this arrangement are multiple. Firstly, the introduction of a conditional payment incentivises your solicitor to win your case and earn you more compensation.
Additionally, by restricting payment and sourcing it from the compensation you win, No Win No Fee agreements aim to ensure that you are not left worse off financially by claiming. These agreements can make legal representation more widely available.
Ask About How To Claim For A Data Breach
Contact our advisors for further information on how to claim for a data breach or to make a claim. Available 24/7, they can give you an obligation-free consultation about your case that is completely free.
Contact us by
- Calling the number at the top of the screen
- Using our make a claim form
- Leaving a message using our live chat
Further Information About How To Claim For A Data Breach
- A General Guide To Data Breach Compensation
- How To Claim GDPR Compensation For Distress
- How To Claim Medical Data Breach Compensation
- Medical Conditions Data Breach Claims
- Mortgage Broker Data Breach Claims
- Sexuality Data Breach Claims
- Payouts For Disciplinary Records Data Breach Claims
- Tax Information Data Breach Claims
- How To Find Data Breach Solicitors
- Accountant Data Breach Claim
- Data Breach Claim Examples
- UK GDPR Data Breach Claims Explained
- Trade Union Membership Data Breach Claims
- UK GDPR Compensation Calculator For 2022
- Can I Make A Police Data Breach Claim?
- Completing A Data Breach Report For A Compensation Claim
- Debt And Arrears Data Breach Claims
- Credit Score Data Breach Claims
- Wage Data Breach Claims
- How To Claim For A Disciplinary Information Data Breach
If these were useful, you might want to consider the following resources.
Cyber Security Survey 2022 | GOV
Data Breaches – Make A Complaint | GOV
Report A Breach | ICO
Publisher Ruth Voss
Writer Ryan Wall