Personal

Data Breach Claims

SOLVING PERSONAL LEGAL MATTERS

together

In May 2018, new legislation came into force that gave individuals more control over personal data and what data can be held by organisations. The General Data Protection Regulation (GDPR), and the Data Protection Act 2018 contain provisions and requirements on processing of personal data of individuals within the European Economic Area.

Those that control this data, must have appropriate technical and organisational measures to protect the data they collect, and obtain consent for its collections and disclosure where required. This is why you get pop-ups on every website you go to informing you that they use cookies to gather data.

While the majority of companies have taken robust action to protect this data, not all organisations do. If your data is misused, disclosed, destroyed or lost and you have suffered financial loss or distress then it may be possible for you to claim compensation. If you think you have been adversely affected by a data breach, then contact our expert lawyers today.

Data breach compensation

If an organisation that holds your data suffers a data breach, you may be entitled to compensation if you have suffered some form of loss. A data breach is when personal data is lost, destroyed, accessed or disclosed in an unauthorized way whether that's by accident or deliberately by someone inside or outside the organisation.

Data breaches may involve:

  • Personal health information (PHI)
  • Medical documents
  • Social services documents
  • Financial information
  • Sensitive, protected or confidential information

Can you get compensation for breach of data protection?

If you believe your personal data has been lost or misused and you have suffered loss or distress, you may be able to claim for compensation. However, data breach cases are not straightforward. It is recommended to contact the Information Commissioner's Office (ICO), the UK's data protection regulator and supervisory authority for GDPR compliance. The ICO can investigate the incident and determine if an organisation is at fault for the breach. This can be a slow process, but it can add weight to a compensation claim. The ICO does not award compensation, to be awarded compensation you will need to make a claim against the organisation who breached your data.

You don't have to contact the ICO or wait for its investigation to conclude, you can bring a case against an organisation directly without having to involve the ICO. However, it will make you case much stronger if they find there is a breach.

Who can you claim against for a breach of data protection?

You can bring a claim for a data breach against an individual or an organisation either in the public sector, private sector or charitable sector. In some cases, there may be more than one defendant. Typically, GDPR claims and data breach claims are settled out of court.

How much you will get in compensation will depend on the type of data breach and how this has affected you both financially and mentally. The law in this area is currently developing; the courts haven't yet give any specific guidelines on what will be awarded.

Damages awarded in employment discrimination cases may provide some guidance and can be put into 3 bands.

  1. £900 - £8,600 for less serious cases where the incident is a one off, for example
    • Disclosure of an individual's name, date of birth, home and email addresses £1,000 - 1,500
    • Disclosure of medical records £2,000 - 5,000
    • Disclosure of financial information £3,000 - 7,000 depending on the effect of the breach
  2. £8,600 - £25,700 for a breach more serious than the first band
  3. £25,700 - £42,900 if there has been a protected pattern of default, which causes depression or illness . Medical evidence would be required to support this along with evidence to support any other losses, for example earnings.

Forbes Solicitors have a team of experts in this area who can offer a free initial consultation to determine if we can help and whether your case is worth pursuing. If you do have a case our highly experienced solicitors will be able to offer support and guidance in making an initial complaint to the ICO and thereafter in pursuing your claim to settlement, through the Small Claims Court if necessary. No win, no fee funding arrangements may also be available.

Contact Us

Get in touch to see how our experts could help you.

Call0800 689 3206

CallRequest a call back

EmailSend us an email

Contacting Us

Monday to Friday:
09:00 to 17:00

Saturday and Sunday:
Closed

FAQs

What is a GDPR Claim?
 
 

Known as the General Data Protection Regulation (GDPR), this regulation outlines provisions and requirements on pertaining and processing of personal data of individuals within the European Economic Area.

If your data is misused, disclosed, destroyed or lost and you have suffered financial loss or distress then it may be possible for you to claim compensation. If you think you have been adversely affected by a data breach, then contact our expert solicitors today.

Can I get compensation for a data breach?
 
 

It is possible to make a data breach claim for compensation but you must be able to provide evidence that you have suffered damages and stress as a result of the data breach. The current period for making a data breach claim is 6 years, 1 year if it involves a breach of Human Rights.

The aim of compensation is to try and place a claimant back in the same position as if no discrimination had taken place. If you think you have been adversely affected by a data breach, then contact our expert solicitors today.

Can you sue for a GDPR Breach?
 
 

The short answer is, yes. GDPR was introduced in May 2018 to ensure personal data is not misused, disclosed, destroyed or lost.

Every circumstance will be different but if you think you have been affected by a data breach, then contact our expert solicitors today who will be happy to assist.

Can I get compensation for a GDPR breach?
 
 

Yes. The aim of compensation is to try and place a claimant back in the same position as if no discrimination had taken place. If your data is misused, disclosed, destroyed or lost and you have suffered financial loss or distress then it may be possible for you to claim compensation. GDPR was introduced in May 2018 to protect consumers and employees. There are rules that companies must abide by in order to remain compliant. If a business does not follow this then they may be liable to pay compensation.

If you think you have been adversely affected by a data breach, then contact our expert solicitors today.

Need more help?

Get in touch to see how our experts could help you.

Call0800 689 3206

CallRequest a call back

EmailSend us an email

Our dedicated Data Breach Claims team

Partner, Clinical Negligence and Personal Injury Solicitor

John Bennett

Partner

Personal Injury

PinAccrington

Call01254 872111

Associate Clinical Negligence and Personal Injury Solicitor

Leonie Millard

Partner

Clinical Negligence

PinLeeds

Call01254 770517

Partner, Clinical Negligence and Personal Injury Solicitor

Peter Dugdale

Solicitor

Personal Injury

PinAccrington

Call01254 770513

Useful Information

Article

GDPR Damages

17 Oct 2019

The principles on how damages are assessed are set out below: The subject matter…

Read more

Contact Us

If you have a general enquiry then please fill in your details and someone will contact you.

Call0800 689 3206

CallRequest a call back

EmailSend us an email

Contacting Us

Monday to Friday: 09:00 to 17:00
Saturday and Sunday: Closed