By Danielle Graves. Last updated 15th February 2024. Although employers are allowed to record and store their employees’ personal information when needed, the way in which they can do so is governed by the General Data Protection Regulation (GDPR). In conjunction with The Data Protection Act 2018, the GDPR means employers need to have systems in place to protect any personal information they hold. In this guide, we’re going to look at when you could claim compensation for an employer breach of the Data Protection Act.
Although the UK GDPR and other legislation governs digital data, an employer needs to secure personal information in other ways too. For instance, if a manager writes down a staff members personal mobile phone number and their name on a post-it note which they stick to their computer monitor, they will have broken the GDPR rules if other members of staff can view what’s been written.
If you have been affected by a data breach, then Legal Helpline could help you start a personal data breach claim. Our team of advisors are able to conduct a no-obligation assessment of your case and provide free advice on how to proceed. If the claim appears to be strong enough, they could introduce you to one of the solicitors on our panel who’ll work on a No Win No Fee basis for any claims they accept.
To discuss how we could help you claim, please call us today on 0161 696 9685. If you’d like more details about making a personal data breach claim, please continue reading.
Jump To A Section
- Data Protection Breach At Work Compensation Calculator
- The Criteria To Make A Claim For A Data Protection Breach At Work
- What Are Employer Personal Data Breaches?
- Breach Of Data Protection At Work – What Should I Do?
- How Could Employees Be Affected By Employer Personal Data Breaches?
- Data Protection Breach At Work – Examples
- No Win No Fee Claims For Data Breaches By Employers
- Quick Data Protection Links
You might be wondering how much compensation for a data breach that compromised your personal information you could receive. As each data breach claim is different, we cannot provide you with an exact amount in this guide. However, we can explain how data breach compensation is calculated.
If your personal data breach claim is successful, you could be awarded compensation for two types of damage. These are material and non-material damage. Non-material damage refers to the psychological injuries you have suffered due to the personal data breach. For example, you may suffer from anxiety following a breach of your personal data.
When valuing data breach claims for non-material damage, legal professionals can refer to the Judicial College Guidelines (JCG) to help them. This document lists guideline compensation brackets for various types of mental harm.
In our table below, we look at a few figures given for mental injuries from the 16th edition of the JCG. The top row is not from the JCG. We’ve only provided it as a guide.
Type of Suffering Severity Comments Amount
Significant serious psychological damage and financial losses Very Serious Settlements could include compensation for significant psychological harm that is very serious in nature plus financial losses caused by the data breach, such as lost wages and credit score damage. Up to £250,000+
Psychiatric Damage Severe For this type of award, the claimant will have serious problems relating to how they cope with life, work or education, there will be problems with relationships, and they will be vulnerable in the future. The overall prognosis will be very poor. £54,830 to £115,730
Psychiatric Damage Moderately Severe The person will suffer with various issues but the overall prognosis will be much more optimistic. £19,070 to £54,830
Psychiatric Damage Moderate The person will have seen a good amount of improvement and there will be a good overall prognosis. £5,860 to £19,070
Psychiatric Damage Less Severe How much compensation is awarded will be affect by how long the person suffered and other factors. £1,540 to £5,860
Anxiety Disorder Severe Every aspect of the person's life will have suffered. They will have permanent symptoms including flashbacks, mood disorders and suicidal ideation. £59,860 to £100,670
Anxiety Disorder Moderately Severe The person will suffer from a serious disability for a while, but there is room for improvement with help from a professional. £23,150 to £59,860
Anxiety Disorder Moderate The person will have experienced a large recovery, with any persisting symptoms not majorly affecting them. £8,180 to £23,150
Anxiety Disorder Less Severe Virtually all symptoms have been resolved within a year or two and only very minor problems will persist. £3,950 to £8,180
Inadequate data protection at work could result in you suffering financial losses if your personal data was compromised. For example, if your banking details were accessed, this could result in funds being stolen from your account. To be able to make a personal data breach claim, you should submit evidence, such as your bank or credit card statements.
If you would like a personalised claim valuation, speak with an advisor from our team. They can offer more information on claiming for an employer data breach. Or, read on to learn more about how your employer could breach data protection laws.
If your personal data was involved in an employer data breach, you might be eligible to make a claim for compensation.
Personal data is any information that could identify you directly or in combination with other information. Your name, home address and mobile number are all examples of personal data.
Since your workplace will process some of your personal data, they must adhere to data protection law. For example, they will have your banking information on file in order to pay you and complete payroll duties. If they fail to adhere to the relevant laws, this could lead to a data breach.
In order to have a valid data breach claim, you must be able to prove that your personal data was compromised in the breach. Additionally, the breach must have been caused by the organisation’s failings. For example, if your workplace failed to update its cyber security measures and your personal data was stolen during a cyber attack.
If you have any questions about making a claim following a data protection breach at work, you can contact our friendly advisors today. They can offer a free consultation, and provide further information on claiming for an employer data breach.
To ascertain what an employer data breach is, we can refer to the ICO, which states that a personal data breach is a security incident that affects the confidentiality, availability, or integrity of your personal data. While the reason for the data breach might deliberate or illegal, it can also be caused by simple mistakes.
While a lot of data is stored electronically these days, data breaches can also relate to physical documentation. For instance, hand-written personnel files that are stored in a filing cabinet are also covered by the GDPR rules.
If you can show that you’ve suffered some form of suffering because of an employer breach of the Data Protection Act, why not ask Legal Helpline whether you’re able to start a compensation claim? Our advisors can offer more information on making a personal data breach claim.
If there was a breach of data protection at your work and your personal data was involved, your employer should alert you without undue delay if your rights could be infringed. Additionally, you should be told of what steps are being taken to make this right.
If you suspect your personal data was involved in a data breach at work, you should first notify your employer. This could be a data protection officer, someone in human resources, or your manager. If you feel as if your complaint was not taken seriously, you could then report this to the Information Commissioner’s Office (ICO). The ICO is an independent authority. As part of their role, they can investigate suspected data breaches and fine organisations found in breach of data protection laws. However, they do not payout any money in data breach compensation claims.
Any communications between yourself and your employer regarding the data breach or confirmation that a data breach occurred from the ICO could be used to support data breach claims. However, reporting to the ICO is not a requirement for data breach claims.
If you would like to make a claim for a personal data breach, get in touch with our advisors today for a free eligibility check and more information on the claims process and data protection law.
How Long Do I Have To Claim Following A Breach Of Data Protection?
If you meet the eligibility criteria to make a personal data breach claim, you must start the legal process within the relevant time limits.
Generally, you will have six years to start a data breach claim. However, if you are making your claim against a public body, this time limit is reduced to one year.
If you have any questions about claims made for breaches in data protection or would like to find out if you are within the time limit to start a claim, please contact one of our advisors. Additionally, they can assess whether you have a valid case, and if you do, you could be connected to one of the specialist data breach solicitors from our panel.
There are a number of potential effects of a data breach of employee personal information. These could include:
- Their information could be used by criminals in identity theft crimes.
- The employee could become ill with worry, anxiety, stress or even Post-Traumatic Stress Disorder (PTSD).
- An employee could suffer financial losses as a result of the breach of their personal information. This could also result in damage to their credit score, making securing credit, such as for a mortgage difficult.
- The employee could decide that they want to sue the company who was responsible for their data being exposed and the harm it has caused them.
If you would like to find out whether you’re able to claim compensation for an employer data breach that compromised your personal or sensitive data, please let one of our team members know. They’ll review your potential data breach claim with you, and any evidence you can supply, and let you know what options you have available to you.
As we have previously stated, any organisation that processes your personal data must ensure they use it lawfully. This includes your employer ensuring efficient standards of data protection at work. This could be done by ensuring all staff have been given the correct training regarding data protection.
However, if there was a breach of the DPA at your workplace, which resulted in your personal information becoming compromised, you may be able to make a claim. Some examples of personal data breach causes could include:
- Your workplace not updating cyber security measures, resulting in your personal data being stolen in a cyber-attack.
- Human error, such as someone sending your payslip that contains your banking information to the wrong person, e.g., the wrong email or postal address.
- Personal data not being properly stored or locked away, which could result in an unauthorised person accessing the information.
Remember, in order to make a claim if your workplace has failed to adhere to the UK GDPR and the DPA, the data breach must have compromised your personal information and caused you mental harm or financial loss.
Contact our advisors today to see whether you may be eligible to make a personal data breach claim.
If you are eligible to recover data breach compensation for your financial losses and/or emotional distress, you may like to have a solicitor to help make your legal claim. One of the data breach solicitors from our panel can help with your claim for a workplace data breach. Our panel generally represent clients under the terms of a Conditional Fee Agreement (CFA). This is a type of No Win No Fee agreement.
When a No Win No Fee solicitor takes on your case, they typically won’t collect any upfront or ongoing payments for their services. Furthermore, if your claim does not recover compensation, they also won’t ask for payment for their work on your case.
However, if you are awarded data breach compensation following a successful case, your solicitor will take a success fee from your compensation. This fee is a limited percentage that is subject to a legal cap.
Contact Legal Helpline Today
If you suffered emotional or financial harm due to a data protection breach at work, our advisors could help you determine whether you could make a personal data breach claim. A member of our advisory team is available to take your call 24 hours a day, 7 days a week. In addition, if you have good grounds to make a claim for a workplace data breach, you could be connected to one of the solicitors from our panel.
To discuss data security and what steps you can take to claim after a compromise of your personal data has occurred:
- Call 0161 696 9685
- Fill in our contact us form and a team member will call you back.
- Ask your questions in our live chat.
Thanks for reading our article which set out to explain when you could claim for an employer breach of the Data Protection Act. Hopefully, you’ve now got all of the information you need to help you start a claim. To assist you further, we’ve linked to some useful resources which could help you now and in the future.
- Employment Contracts – Details from Acas on what should be covered by your employment contract.
- Your Data Matters – Guidance from the ICO relating to your rights under the DPA
- Generalised Anxiety Disorder – Advice on the symptoms, causes and treatment of anxiety from the NHS.
- Accident At Work Claims – Details of how you could claim compensation for an injury sustained in an accident at work.
- Misdiagnosis Medical Negligence Claims – Advice on starting a claim for suffering caused by a misdiagnosis.
- Road Traffic Accident Claims – Information on when you could claim for injuries that result from a no-fault RTA.
Thank you for reading our guide on personal data breach claims.