Can My Employer Share My Personal Information With Other Employees In The UK?

By Danielle Graves. Last Updated 12th January 2024. Are you wondering if an employer or administrator can share your personal information with other employees in the UK? If a personal data breach in the workplace has lead to you suffering harm, you may be able to claim compensation.

Employer Share My Personal Information With Other Employees In The UK?

Can My Employer Share My Personal Information With Other Employees In The UK?

In this article, we will explain what data your employer may handle, how this information could be shared with other employees, and the reasons a data breach at work could occur.

Furthermore, we will also explore whether you have the right to claim, how compensation is calculated in personal data breach claims, and how our panel of expert solicitors could help you begin the legal process.

If you would like to know if you could make a claim, then talk to our advisors today. They can provide you with free and relevant legal advice, as well as a free consultation. It is also possible that you may be put in touch with our panel of No Win No Fee solicitors who can help you begin the claiming process with expert legal representation. Contact our advisors today by:

Select A Section

  1. What Data Can An Employer Hold?
  2. Can My Employer Share My Personal Information With Other Employees In The UK?
  3. Can I Claim If My Employer Did Share My Personal Information With Other Employees In The UK?
  4. How To Prove A Personal Data Breach Claim
  5. What Could You Claim If Your Employer Shares Your Personal Information?
  6. Begin Your No Win No Fee Claim

What Data Can An Employer Hold?

An employer should abide by the UK General Data Protection Regulations (UK GDPR) and the Data Protection Act 2018 (DPA) legislation when handling your personal data. 

Personal information is any data that can identify you as an individual and can include your:

  • Name
  • Email address
  • Postal address
  • Credit or debit card details
  • Banking information

However, an employer may also have access to your special category data. This is a kind of personal data that needs extra protection, and can include information regarding your:

  • Religion or philosophy
  • Race and ethnicity
  • Sexual orientation and gender
  • Health, such as your medical data

If a security incident compromises the integrity, availability, and confidentiality of your information, then this is called a personal data breach. Find out if your employer can share your personal information with other employees in the UK by reading on, or get in touch with our advisors today to start your claim.

Note With The Words Data Breach Surrounded By Question Marks.

Can My Employer Share My Personal Information With Other Employees In The UK?

There are some circumstances under which your employer can lawfully share your presonal information with other employees. Your employer could serve the role of both data controller and data processor. This means that they decide how and why to use your data, and they may also process this data themselves.

A data controller is responsible for establishing a lawful basis for processing your personal data. The lawful bases for processing personal data are set out in Article 6 of the UK GDPR. It is unlawful to process personal data without first establishing a lawful basis, and this includes consent. However, consent is only one of these bases, so it is possible that your employer could lawfully share your personal information without your consent.

Get in touch with our advisors to find out if you can claim.

Can I Claim If My Employer Did Share My Personal Information With Other Employees In The UK?

As we have already mentioned, not every breach of data protection can form the basis of a valid personal data breach claim. This is because the breach must be caused by the failings of the data controller and data processor, and it must also cause you to experience harm.

If your employer shares your personal information with other employees in the UK, you can make a complaint to the organisation you work for. However, if they do not provide a satisfactory response, or if they don’t respond at all, you can then take your complaint to the Information Commissioner’s Office (ICO).

The ICO is an independent watchdog based in the UK. They enforce data protection legislation, but they do not handle claims, nor do they offer compensation. However, the ICO does have the power to investigate a breach, and they may also levy a fine against the organisation found to be responsible. Correspondence with the ICO and the organisation at fault can also be used as evidence to help strengthen your claim.

You must also ensure that you start your claim within the time limit. Generally, you will have six years to begin a personal data breach claim. But, if you intend to make a claim against a public body, then this will fall to one year.

To find out if you could be eligible to make a claim, get in touch with our advisors today. Or, read on to find out how a solicitor from our panel could be of assistance to you.

Man Shows The Words Data Breach

How To Prove A Personal Data Breach Claim

If you are claiming compensation for a personal data breach, you must have evidence. This needs to prove that the breach was caused by wrongful conduct, that it included your personal data, and that it caused you harm.

Evidence that could be useful when claiming data breach compensation can include:

  • A letter of notification: You should be informed of the breach without undue delay if it presents risks to your rights and freedoms. For example, your employer may have alerted you to your personal data’s inclusion in a breach with an email or a letter. These could be submitted as evidence.
  • Confirmation of the breach from the ICO: The results of an investigation or other correspondence with the ICO can be used as evidence in your claim.
  • Medical records: If you are seeking compensation for damage to your mental health due to the data breach, a copy of your medical records with details of the nature of your psychological injury and the treatment required could be submitted.
  • Financial records: If you are claiming compensation for financial losses, you can submit any records that prove this. For example, this could include a copy of your credit report or bank statements.

If you have any further questions regarding, ‘Can my employer share my personal information with other employees in the UK and when could I claim?’ get in touch with a member of our advisory team. A team member can discuss what steps you can take following a personal data breach.

What Could You Claim If Your Employer Shares Your Personal Information?

In a successful data breach claim, there are two heads of compensation you could receive, which include:

  • Material damage compensation – This covers the financial impacts of a personal data breach. For example, a credit card a credit card breach can lead to monetary losses, identity impersonation, and fraudulent loans, as well as an impacted credit score.
  • Non-material damage compensation – Psychiatric injuries including anxiety, depression, post-traumatic stress disorder, paranoia, and stress could be caused by a breach.

The amount you could receive in non-material damage compensation depends on a number of factors, so there are no average payouts that we can provide. However,the psychological injuries table below provides guideline settlement brackets provided by the Judicial College Guidelines (JCG). This is a document that aids legal professionals in valuing claims. Please note, that the first row is not from the JCG but is included to show you how compensation could be awarded for very serious psychological distress and any financial losses caused by a breach of your employee records.

Significant Serious Psychological Harm and Material LossesUp to £250,000+Settlements could include compensation for significant psychological distress that is severe in nature and incurred financial losses such as lost wages and funds stolen.
Severe psychiatric harm£54,830 to £115,730Where there are problems with everyday life activities such as employment and education, and future vulnerabilities, leading to a very poor prognosis
Moderately severe psychiatric harm £19,070 to £54,830Symptoms are similar to the bracket above, though the prognosis is more optimistic.
Moderate psychiatric harm £5,860 to £19,070The prognosis in this bracket is more optimistic, as symptoms show improvement.
Less severe psychiatric harm £1,540 to £5,860The award received takes into account the disability period and the effect an injury has on the individual's daily activities and sleep.
Severe PTSD £59,860 to £100,670Severe and permanent symptoms mean the claimant can no longer function nor work at the pre-trauma level.
Moderately severe PTSD £23,150 to £59,860Professional aid can result in a better prognosis.
Moderate PTSD £8,180 to £23,150Large recovery has taken place, with minor symptoms continuing that are not debilitating.
Less severe PTSD £3,950 to £8,180In a two-year period, the person will achieve a virtually full recovery, though some minor symptoms may persist.

Contact our advisors today if you are wondering whether you could claim. They can answer your questions and provide advice on the data breach compensation claiming process.

Begin Your No Win No Fee Claim

Beginning a personal data breach claim can feel daunting. However, the help of an experienced No Win No Fee solicitor could make the process feel less stressful. A solicitor from our panel could help ensure that your claim is filed in full, along with providing expert representation and legal advice.

Our panel offer these services through a Conditional Fee Agreement (CFA). A CFA typically provides you with access to legal representation and counsel without requiring an upfront fee to be paid to your solicitor. Generally, the only fee your solicitor will take under a CFA is a success fee if your claim succeeds. Otherwise, you will not be asked to pay your solicitor for their services.

Our advisors can tell you if you have a valid claim. If so, then they may connect you with one of our panel’s solicitors. To learn more, get in touch by:

Man Holds A Black Robe And Large Book

Helpful Resources

Please see our other useful data breach articles:

Or, for more helpful external resources:

Contact our team if you have further questions on whether your employer can share your personal information with other employees in the UK.

Written by JE

Edited by CH