Can You Claim Compensation For A Data Breach By Gordons Chemist?
Welcome to our guide on what you could do after a potential data breach by Gordons Chemists.
Pharmacies such as Gordons Chemists are responsible for protecting their customers’ and employees’ data privacy if they collect their personal information. Therefore, if a personal data breach has caused you financial loss or psychological suffering, you could be owed compensation.
In this guide, we will explain how to make a chemist data breach compensation claim. We will look at data protection laws that protect the public’s data privacy. And we will explain how the data breach claims process works.
If you have evidence of a justifiable claim, we could help you. Our advisors can offer you a free legal consultation to answer any questions you may have and assess your case. Furthermore, if we can see that you are eligible to claim, we could connect you with our panel of solicitors.
To see if you could make a No Win No Fee claim, contact Legal Helpline today. Call us on 0161 696 9685, or make an online enquiry about claiming compensation. Alternatively, use our live chat on this page to find out more.
Our advisors are available 24/7 for your convenience, offering free legal advice. And you’ll be under no obligation to proceed with the services of our panel of solicitors.
Select A Section
- A Guide On Compensation Claims For A Data Breach By Gordons Chemists
- What Is A Data Breach Claim Against Gordons Chemists?
- What Does The GDPR Mean For Chemists Sharing Data?
- Examples Of Data Breaches And Fines Affecting Pharmacies
- Calculating Compensation Claims For A Data Breach By Gordons Chemists
- Types Of Data Breach Compensation
- How To Get Help From The Information Commissioner’s Office
- No Win No Fee Compensation Claims For A Data Breach By Gordons Chemists
- How A Data Breach Lawyer Could Help You
- How To Start A Claim If Affected By A Data Breach
- Speak To A Solicitor
- Data Breach Claim FAQs
- Where Do I Learn More?
Businesses such as pharmacies are responsible for protecting employees’ and customers’ personal data if they use it. In the UK, pharmacies that collect or process personal information are required to abide by the General Data Protection Regulation (GDPR). This is a piece of EU legislation, which the Data Protection Act 2018 enacts into our data protection laws.
Under the GDPR and the Data Protection Act 2018, pharmacies should do the following:
- Firstly, they should only collect personal data if people agree to having their data collected.
- Secondly, they should have security measures in place to protect the data. For example, they might train staff in proper data management practices and invest in cybersecurity systems.
- And finally, they could be held liable if their failings cause a data protection breach and data subjects’ consequently endure financial loss or psychological harm. Therefore, the victim of the data breach could claim compensation.
This guide will explain when you could make a data breach claim for compensation from a pharmacy.
To discuss anything in this guide to potential data breaches by Gordons Chemists, contact Legal Helpline today. If we can see that you are owed compensation, we could connect you with our panel of lawyers.
Pharmacy Data Breach Claim Time Limits
Please be aware that there is a 6-year time limit for making a data breach claim in the UK. This starts from the date you gained knowledge of the data breach. But, if the personal data breach violated the claimant’s human rights, there is a one-year time limit to claim.
Personal data is information about an individual. It can either be used alone or with other data to identify someone. For example, it can be names, bank details, email addresses, and National Insurance numbers.
Pharmacies may collect personal data about their customers and employees. Customer personal data can include information about previous prescriptions and repeat prescriptions. Likewise, employee personal data can include job start dates and performance review information.
What Is A Pharmacy Data Breach?
This is when a security issue happens at a pharmacy, leading to the loss, disclosure, alteration, destruction or access to personal information. Some data breaches happen because of human error. However, data breaches can also take place because of criminal activity. For example, data can be hacked.
Data breaches at a pharmacy can happen if an employee makes a mistake. For example, a pharmacy may send a letter containing personal information to the wrong customer. This means that the pharmacy has shared the customer’s personal data with a third party without authorisation.
Unfortunately, a chemist data breach can also happen because of malicious actors. Criminals may attack the pharmacy using a process called hacking. This is when hackers exploit weaknesses in a cybersecurity system or firewall to access protected data. Or a cyber attack may be carried out using malware (malicious software). Criminals can use viruses, bots, spyware, rootkits or ransomware to gain unlawful access to personal data.
Data breaches can involve the following:
- Personal data leak or data exposure incidents
- Sharing personal data without permission or a lawful reason
- Unauthorised persons being able to access personal information
- Personal data becoming altered or encrypted without permission or a lawful reason
- Lost or stolen personal information
- Sending marketing emails to customers who have opted out of receiving them
The General Data Protection Regulation requires businesses to secure the personal data they collect, process and store. These individuals are known as data subjects. Under the GDPR and the Data Protection Act 2018, pharmacies should do the following when they collect personal data:
- They can only collect personal data from individuals if the person has permitted the pharmacy to do so.
- Also, they must inform data subjects of how they will use the personal data. Consequently, the pharmacy must not use the data must for any other purposes. (However, there are circumstances where a pharmacy can share your data without your consent.)
- Furthermore, the pharmacy should follow all data protection laws that apply to their business.
There are other rules that pharmacies should follow when it comes to protecting personal information. However, generally, they should ensure personal information is processed lawfully and reasonably protected from data breaches.
Let’s look at some examples of data breaches by pharmacies that have taken place in recent years.
Doorstep Dispensaree Ltd Data Breach
The Information Commissioner’s Office (ICO) fined London pharmacy Doorstep Dispensaree Ltd for a data breach. The ICO is the authority in the UK that enforces data protection law.
The pharmacy left over 500, 000 documents in unlocked containers in the back of its premises. Wet weather conditions damaged some of these documents. The documents included medical data belonging to patients.
Lloyds Pharmacy Data Breach
In 2020, LloydsPharmacy shared personal data belonging to 2,000 of its pharmacists without consent or a lawful basis. LloydsPharmacy shared the data with the Pharmacists Defence Association (PDA) union on two separate occasions. The PDA flagged the data breach to Lloyds Pharmacy, as they understood they were not authorised to receive this personal data.
Well Pharmacy Data Breach
Well Pharmacy was involved in a data protection breach in 2018. A spreadsheet containing personal data belonging to over 24,000 individuals (mainly pharmacists) was sent to unauthorised recipients. The pharmacy chain apologised, but 376 of the recipients were possibly able to access the personal data.
If you have evidence that you’ve suffered mentally or financially because of a Gordons Chemists data breach, why not consider your options?
How do data breach solicitors value data breach compensation claims? Someone who suffers because of a personal data breach could claim compensation for emotional distress caused by a data breach. This is known as non-material damages. It is one of the two heads of claim for data breaches.
Data breach compensation payouts for non-material damages are based on personal injury claim compensation amounts.
You can use the compensation table below to estimate how much compensation you could receive for emotional distress or psychological injuries.
|Type of Psychological Harm Caused||Severity of The Injury||Notes On The Condition||Compensation Estimate|
|Post-Traumatic Stress Disorder||Severe||The claimant will suffer permanent effects.||£56,180 - £94,470|
|Post-Traumatic Stress Disorder||Moderately Severe||The claimant will still have symptoms for the foreseeable future but will have a good prognosis for recovery with professional help.||£21,730 - £56,180|
|Post-Traumatic Stress Disorder||Moderate||The person will have made a marked improvement and they will have a good prognosis.||£7,680 - £21,730|
|Psychiatric Damage||Severe||The claimaint will struggle with aspects of life including relationships and work. Their prognosis would be poor.||£51,460 - £108,620|
|Psychiatric Damage||Moderately Severe||There will be significant symptoms, but the prognosis would be better than above.||£17,900 - £51,460|
|Psychiatric Damage||Moderate||There may be remaining symptoms, but the prognosis would be better than the above.||£5,500 - £17,900|
|Psychiatric Damage||Less Severe||The claimant would have a better prognosis than the above.||Up to £5,500|
The compensation amounts included in the compensation table above are based on guidelines from the Judicial College. Solicitors may use these guidelines to value injuries.
However, the amount of compensation you could receive may vary depending on your individual situation. Estimates for material damages are not included in the table. Material damages compensate you for financial loss.
For a personalised quote, please call Legal Helpline to speak to an advisor.
Data breaches by a pharmacy can cause those affected to suffer emotional distress. If a patient records data breach (involving sensitive medical information, for example) took place, this could be distressing. The patient may suffer from psychological injuries such as anxiety or depression as a result.
After a medical assessment as part of the data breach claims process, the claimants could be able to prove their psychological injuries’ severity and that they were caused or exacerbated by the data breach. They could then claim compensation for it. This would be under non-material damages.
Victims of personal data breaches can also suffer financial losses. For example, criminals may target individuals for fraud or identity theft by using their personal data such as banking details.
A claimant could prove the financial loss by providing bills, credit scores or other financial documents. They may then be able to recover the costs as material damages.
Therefore, victims can claim up to two types of compensation:
- Non-material damages are compensation for any emotional distress or psychological suffering experienced because of the personal data breach.
- Material damages are compensation for any monetary losses incurred because of the breach.
Have you been affected by a Gordons Chemists data breach? Then the Information Commissioner’s Office (ICO) could help you. The ICO is a public body that upholds data protection laws in the United Kingdom.
Does The ICO Enforce The GDPR?
If a company has breached the GDPR, the ICO could investigate. What’s more, the ICO can fine companies that have committed a breach of data protection.
What should you do if you believe that a pharmacy breached your personal data privacy? Firstly, you could begin raising concerns with Gordons Chemists. You can report the data breach to the ICO if the pharmacy cannot resolve the matter with you internally. However, please note that the ICO’s decisions may be affected if you report your concerns to them too late. Therefore, we recommend that you report the data breach within three months of your last communication with the pharmacy.
Remember, the ICO can’t compensate you for and suffering a data breach has caused you. You would need to prove that the pharmacy didn’t take reasonable measures to secure your personal information and that this caused you mental or financial damage.
Many claimants prefer to have their data breach claim handled as a No Win No Fee case. This means that your data breach solicitor would start working on your case, without charging you a solicitor’s fee upfront. You would be charged a success fee. This would only be payable if you win your claim. You would sign a Conditional Fee Agreement (the formal term for a No Win No Fee agreement) to confirm this.
Some of the benefits to making a No Win No Fee claim include:
- You would only be charged for the solicitor’s fees if the case wins.
- It’s more affordable for many who want to claim with the help of a solicitor. This is because the solicitor would start work on your claim without charging you an upfront or hourly solicitor’s fee.
- And finally, the success fee would be paid out of the compensation at a small percentage. To control this fee, the law keeps the percentage capped.
Our panel of data breach solicitors offer No Win No Fee agreements. To find out more, get in touch with our advisors.
Legal Helpline could connect you with our panel of skilled data breach lawyers to handle your chemist data breach claim.
There are many advantages to using the services of a personal data breach lawyer.
- First of all, they can value your claim correctly. And push to win you the optimum amount of compensation you deserve. Therefore, you shouldn’t feel short-changed.
- Secondly, they could represent you if the claim went to court, though this doesn’t often happen.
- They could take over the stress of the legal legwork for you.
Our panel of data breach solicitors have experience handling data breach cases. They also offer No Win No Fee agreements. To get a free consultation with one of our advisors, contact us on the number at the top of the page.
Has a data breach by Gordon’s Chemist caused you to suffer psychologically or financially? When it comes to making data breach claims, you’ll need to be able to prove your suffering and that the company responsible could’ve reasonably taken measures to secure your data.
If you have evidence of a valid data breach compensation claim, contact Legal Helpline today. We can offer you free legal advice. What’s more, if you have a favourable claim, our advisors could connect you with a skilled data breach solicitor.
To find out more about a pharmacy data breach claim, contact us using the details below:
- Call us on 0161 696 9685.
- Use the online enquiry form to request a callback at a time that’s best for you.
- Use the chat widget to ask us a legal question today.
We will now answer frequently asked questions about data breach claims.
Does there have to be a criminal investigation to make a claim?
If you have been affected financially or mentally by a data breach, you could claim compensation without a criminal investigation taking place. The Information Commissioner’s Office upholds the GDPR and may investigate a breach.
Who else do I need to report the breach to?
If your banking information or credit card details have been breached, report this to your bank immediately. They may have to take security measures to protect your account.
How do I start my claim?
To go ahead with your data breach claim, call Legal Helpline today. If we can see that you are eligible to claim compensation, our panel of lawyers could start working on your claim as soon as possible.
What evidence do I need?
Usually, a company will notify you if your data privacy was breach, risking your freedoms and rights. This, and the outcome of an ICO investigation could serve as evidence. An independent medical report could be used as evidence if you have suffered psychological injuries. Likewise, bills and banking information may be used to provide evidence of financial losses incurred.
We hope you have found this guide to claiming compensation for a data breach by Gordons Chemists helpful. Please feel free to read these guides, to learn more about claiming compensation from a pharmacy.
External Data Breach Information
A UK Government guide to data protection
The ICO’s guide to data protection
Written by HC
Edited by RV