This guide will look at steps you can take after a breach of the UK General Data Protection Regulation (UK GDPR) involving your personal data. Specifically, we will explain how to report a UK GDPR breach and when you may be eligible to claim compensation for the harm caused. We will also cover how these payouts are calculated and the amount you could claim in psychological injury compensation.
How to report a UK GDPR breach – Data breach claims guide
This article will also cover how No Win No Fee data breach solicitors may be able to help you claim in a way that generally means you don’t have to pay for their services if your claim fails. Contact our advisors to ask about making a data breach claim:
- Call 020 8050 3051
- Contact us online
- Use the live chat feature to talk to an advisor
Choose A Section
- How To Report A UK GDPR Breach
- When Are You Eligible To Claim For A Data Protection Breach?
- Potential Data Breach Compensation You Could Receive
- What Evidence Could Help You In A Breach Of Data Protection Claim?
- Our Panel Of Data Breach Solicitors Could Work Your Case On A No Win No Fee Basis
- Learn More About How To Use Data Breach Solicitors
How To Report A UK GDPR Breach
Two pieces of legislation determine certain entities’ responsibilities when processing personal data. The UK GDPR, mentioned above, works with the Data Protection Act 2018 (DPA) to establish data protection laws in the UK. These are enforced by the Information Commissioner’s Office (ICO), which is an independent watchdog that ensures individuals’ data rights are upheld.
According to the ICO, a personal data breach is a security incident that affects the integrity, availability or confidentiality of personal data, which is any information that could identify you. If you believe your personal information has been affected by a data breach, there are steps you can take to report it to the ICO.
First, you should contact the organisation responsible for the breach. If you do not receive a satisfactory response within 3 months, the next step is to contact the ICO and report the breach. They may then investigate the situation.
If you have more questions about how to report a UK GDPR breach, contact our advisors.
When Are You Eligible To Claim For A Data Protection Breach?
According to the UK GDPR, data controllers and data processors must fulfil certain legal obligations when processing personal data. Data controllers decide how and why to process personal data, while data processors act on their behalf to process it. In order to form the basis of a valid claim, you must be able to prove that:
- The breach was the result of the controller or processor
- It affected your personal data
- You suffered harm as a result
For instance, a personal data breach could involve:
- A hospital sending medical records to the wrong postal address
- Your university mass-forwarding enrolment records to unauthorised parties, which could constitute a university data breach
- An HR department emailing payslips to the wrong recipient, potentially revealing your trade union membership status
Read on to learn more about how much compensation you could get for a data breach claim.
Potential Data Breach Compensation You Could Receive
Data breach compensation can include payments for two types of harm: material damage and non-material damage.
To help assess non-material damage compensation, otherwise known as psychological harm, solicitors consult the Judicial College Guidelines (JCG). This document contains compensation brackets for different types of harm, which we’ve included below. Please note that these are not guaranteed amounts.
| Non-Material Harm | JCG Brackets | More Information |
|---|---|---|
| Severe Psychiatric Harm | £54,830 to £115,730 | Very poor prognosis regarding individual's ability to cope with aspects of life. |
| Moderately Severe Psychiatric Harm | £19,070 to £54,830 | Optimistic prognosis about coping with aspects of life. |
| Moderate Psychiatric Harm | £5,860 to £19,070 | Good overall prognosis regarding individual's ability to cope with aspects of life. |
| Less Severe Psychiatric Harm | £1,540 to £5,860 | Award examines the length of time a disability is experienced. |
| Severe Reactive Psychiatric Condition | £59,860 to £100,670 | Effects that are permanent and prevent individual function at pre-trauma levels. |
| Moderately Severe Reactive Psychiatric Condition | £23,150 to £59,860 | There is a better prognosis in this bracket, as symptoms may improve with professional help. |
| Moderate Reactive Psychiatric Condition | £8,180 to £23,150 | Ongoing effects that are not grossly disabling; individual largely recovers. |
| Less Severe Reactive Psychiatric Condition | £3,950 to £8,180 | Virtual full recovery made within 1-2 years. |
Material damage is the financial losses caused by a personal data breach, such as money stolen from your savings account after a bank data breach. Material damage compensation aims to recoup these losses.
If you have questions about claiming compensation for distress or financial losses, contact our advisers.
What Evidence Could Help You In A Breach Of Data Protection Claim?
Collecting evidence can benefit your claim. For instance, in order to strengthen your case, you could gather:
- Correspondence between you and the organisation responsible for the breach
- A medical assessment regarding the psychological harm you experienced
- Financial evidence regarding the monetary losses you suffered, such as bank statements
You can collect evidence alone, or with the help of a data breach solicitor. Contact our advisors to discuss more about what you should do if your data was breached.
Our Panel Of Data Breach Solicitors Could Work Your Case On A No Win No Fee Basis
Our panel of No Win No Fee solicitors may be able to offer you a type of No Win No Fee agreement that means you typically don’t have to pay for their services if your claim fails. This is called a Conditional Fee Agreement (CFA).
If your claim succeeds under the terms of a CFA, your solicitor will take a success fee from your compensation. However, this fee is subject to a legal cap, so you always receive the majority of your payout.
Want To Know If You Could Receive Data Breach Compensation? Contact Us For 24/7 Free Legal Advice
To learn more about how to report a UK GDPR breach, speak to our advisors. During a free consultation, they can offer insight into your potential claim. They may also be able to put you in touch with a solicitor from our panel. Learn more today:
- Call 020 8050 3051
- Contact us online
- Use the live chat feature to talk to an advisor
Learn More About How To Use Data Breach Solicitors
Related articles:
- Can I Make A Claim When Affected By A Website Data Breach?
- What Types Of Personal Data Breach Can You Claim For?
- What Is A Data Breach And Can I Claim Compensation?
Resources that may help:
Get in touch with our team for more information on how to report a UK GDPR breach.
Writer Morgan Feather
Publisher Cat Harley