This guide walks you through the process of what to do in the event that your personal data is breached. When you hand your personal information over to bodies and organisations, you expect it to be protected. If this information is accessed without lawful reason or utilised in unlawful ways, it could negatively affect you. Data breach claims can stem from these incidents.
Get in touch with us today for more information. Speaking with us directly could be the best way for us to help you. Our telephone number is at the top of this page.
Select a Section
- The Definition Of A Data Breach
- What Should I Do If My Data Is Breached?
- Am I Eligible To Make A Data Breach Claim?
- How Much Compensation Could I Get If My Data Is Breached?
- Finding No Win No Fee Data Breach Solicitors Near You
- Learn More About Your Rights If Your Data Is Breached
The Definition Of A Data Breach
A personal data breach is when there is a breach in security and your information is unlawfully or accidentally lost, disclosed, destroyed, accessed or changed. It doesn’t matter whether the data breach is intentional or not. Even if your personal data is breached due to an oversight or an accident, you could still be owed compensation.
In order to claim, there does need to be some form of positive wrongful conduct carried out by the data processor or data controller.
A data controller is an organisation that decides how and why your personal information will be used. For example, an employer might request your bank details so they can pay you.
A data processor is a separate organisation that processes personal data on behalf of the data controller.
In other words, if they have taken all necessary and reasonable steps to keep your personal data safe, then it is unlikely you could make a claim if your data breach. This is because they can be seen to have fulfilled their legal responsibility to protect your personal data as best they can.
Both the UK General Data Protection Act (UK GDPR) and the Data Protection Act 2018 outline dependent factors surrounding potential claims that involve a personal data breach. For example, one of the points is that you need to have suffered some kind of damage as a result of the data protection breach.
The damage can be psychological, and the figures you can receive for this are known as non-material damages. If your personal data is breached and you lose money as a direct result, then the amounts you could claim back for this are known as material damages.
Data Breach Statistics
Whilst data breaches can occur with hard copies of your personal information such as letters or physical files, they also take place online. Cybercrime is also a method of accessing personal data.
The Cyber Security Breaches Survey for 2021 shows that in the 12 months preceding the survey, 4 in 10 businesses reported cyberattacks and/or data breaches. This amounts to around 39%.
For charities, this figure is lower but still amounts to around a quarter of them (26%) reporting cyberattacks.
What Should I Do If My Data Is Breached?
In the event that your personal data is breached, you may be informed of the occurrence by the data controller or data processor. However, it could be that you discover the personal data breach yourself.
If this is the case, then you should get in touch with the data controller. Find out what information has been breached and who now has access to your personal data. If anyone has exposed your personal information, your concerns are completely valid.
If there is no reply or no satisfactory reply, then you can contact the Information Commissioner’s Office (ICO) and make a complaint. You’d need to do this within 3 months of the final response from the data controller.
The ICO is an independent UK body that is responsible for upholding personal information rights across the country. You cannot claim compensation from the ICO, but they can potentially investigate for you and take punitive measures against the data controller.
If your personal data is breached, you can also seek legal advice for assistance and make a claim for data breach compensation.
Am I Eligible To Make A Data Breach Claim?
Data breach lawyers will need to determine whether you have a valid claim to see if you could be awarded compensation. Firstly, if your personal data is breached then your lawyer will need to help you prove this. If you don’t have any proof then your chances of success could be reduced.
Additionally, your personal data being breached is not enough to be eligible to claim GDPR data breach compensation either. You need to establish that the data controller/processer was at fault and that this led to the breach.
Personal data can be leaked without those in charge of its security being to blame. However, if their failings led to the breach (for example, they had substandard cybersecurity which led hackers to easily access your personal data), you could claim.
You also need to have suffered as a result of the breach. You are not entitled to compensation simply because your data has been breached. It needs to have caused some kind of psychological damage or financial loss.
There is also a window of opportunity in which you can make a claim. You could have just 1 year to claim against a public body. For example, the NHS or police could fall into this category.
Alternatively, you could have 6 years to claim against a non-public body.
Why not get in touch with us to see if you’re within the time limits to make a claim?
How Much Compensation Could I Get If My Data Is Breached?
As mentioned earlier, your compensation can be made up of a few different sums if your personal data is breached. We’ll explain them more thoroughly in this section.
Material Damages
This figure is made up of the money that you’ve lost as a result of the data breach. For example, the information that was leaked could have contained your bank details. This could lead to money being taken from your account that is beyond your control. This money could be returned to you as a material damages payment, if it hasn’t already been recovered.
Non-material Damages
You may suffer from certain forms of psychological harm if your personal data is breached. You could be compensated for these. It’s also possible to claim for only non-material damages without suffering material damages first. What’s more, you could claim for material damages alone.
Due to the recommendation of the Court of Appeal in the case of Gulati & Others v MGN Limited [2015], the rates of compensation are calculated through the same means as in personal injury law. This is carried out by legal professionals. They do this with the assistance of a publication called the Judicial College Guidelines.
As you can see from the excerpts in the table below, the JCG is made up of various injuries and their potential worth in compensation.
Injury Description Amount
Psychological damage (c) Moderate: There will have been a marked improvement with a good prognosis £5,550 to £17,900
Psychological damage (d) Less severe: Taken into consideration will be how badly daily activities such as sleep are affected Up to £5,500
Post-traumatic stress disorder (c) Moderate: You’ll have largely recovered with no grossly disabling effects if they continue at all £7,680 to £21,730
Post-traumatic stress disorder (d) Less severe: You will have completely recovered within a year or 2, if there are any lingering symptoms then they will only be minor £3,710 to £7,680
For more information or if you have any questions, get in touch today.
Finding No Win No Fee Data Breach Solicitors Near You
If you are worried about the financial impact that making a claim using the services of a solicitor may have on you, then we have a solution. All of the data breach lawyers on our panel offer No Win No Fee agreements. This is also known as a Conditional Fee Agreement.
These arrangements are as simple as they sound. If your claim isn’t successful, then you won’t be obligated to pay the lawyer’s fees. You’ll need to pay them if you receive a settlement. Even then, only a small and legally capped percentage is taken so that most of your settlement is protected.
You can make a claim without a lawyer, but we believe legal support from experienced professionals can be invaluable.
Reach out to us today to see if you can make a start on your claim.
Learn More About Your Rights If Your Data Is Breached
We’ve included some extra links that could help you if your data is breached:
- Find out how a litigation friend could make a claim on your behalf.
- This page is about raising concerns about an organisation’s data protection practices to the ICO.
- The ICO also has information on action they’ve taken against organisations.
Check out more of our guides below: