Have you suffered financial or psychological damage because of a data breach by Lloyds Pharmacy? If so, were you looking to take action against the pharmacy by launching a compensation claim? We have put together this useful guide to answer questions you might have about making a Lloyds Pharmacy data breach claim and to explain your data protection rights.
My Data Privacy Was Breached By Lloyds Pharmacy, Could I Claim Compensation?
There are a variety of reasons that could lead to a breach of the Data Protection Act 2018 in a pharmacy. It could happen due to a hacker gaining access to systems or using viruses like spyware or malware to gain access to data.
Other reasons could include an error by a member of staff, or negligence in securing personal data online, in the cloud, or in physical locations like storage cupboards or filing cabinets. If your data has been breached in any of these ways and has caused you financial or mental damage, you could be eligible for compensation.
In the sections that follow, we answer common questions about making a data breach claim, as well as showing you how a lawyer could help with your claim under No Win No Fee terms. If you’d like to ask us any questions about your specific case, or you’d like us to connect you with a data breach solicitor from our panel, you can call us at any time on 0161 696 9685.
Select A Section
- A Guide On Compensation Claims For A Data Breach By Lloyds Pharmacy
- What Is A Data Breach Claim Against Lloyds Pharmacy?
- What Is Third Party Data Sharing Affected By The GDPR?
- Has The ICO Fined Pharmacies For Data Breached?
- Calculating Compensation Claims For A Data Breach By Lloyds Pharmacy
- Types Of Compensation Awarded For Breaches Of Data Protection
- What Action Could The Information Commissioner Take?
- No Win No Fee Compensation Claims For A Data Breach By Lloyds Pharmacy
- How A Data Breach Solicitor Could Help You
- How Do I Get Compensated For A Data Privacy Breach?
- Talk To Our Team
- Data Breach Compensation FAQs
- Where To Learn More
If an organisation collects, stores or processes personal information, this could make them a data controller. Under data protection law, including the Data Protection Act 2018 and the General Data Protection Regulation (GDPR), data controllers should take care to protect your personal information. This includes organisations such as pharmacies.
A failure to do so could mean an organisation is breaching data protection law. A data breach by Lloyds Pharmacy could result in fines from the Information Commissioner’s Office (ICO) for breaking these laws. In addition to this, you could also have the right to claim compensation for the damage you suffer because of such a breach.
This guide answers common questions about making data breach claims, as well as explaining how organisations could protect your data from being breached. However, there are time limits to making data breach claims.
Generally, you could have 6 years from the date you became aware of the breach to claim. However, if there was a breach of your human rights, you may only have 1 year to make your claim. This is why it could be a good idea to get in touch with a No Win No Fee data breach lawyer at the earliest opportunity.
If you’re not such whether a lawyer would be able to help you, you can always call our team. We could assess whether you’d be eligible for data breach compensation, and give you advice on finding a lawyer to help you. We explain more about this in the later sections of this guide.
In order to offer you a service, a Lloyds Pharmacy may need some of your personal information. They might need your name and contact details, including your email address, for example, to get in touch with you.
In addition to this, they may require your date of birth, financial information (in order to take payment from you), and perhaps even some sensitive medical information.
They have a legal duty to protect the security and privacy of this information under the GDPR and the Data Protection Act 2018. After all, a data breach by Lloyds Pharmacy could have some unpleasant consequences for you.
What Is A Data Breach by Lloyds Pharmacy?
The ICO has described a data breach as a security incident that results in personal data being:
- Made unavailable
- Unlawfully altered, transmitted, disclosed, accessed, destroyed, or accessed
Data breaches could happen because of malicious acts from those inside an organisation, or from outside of it. They could also be the result of negligent behaviour or human errors.
Examples could include:
- Lack of adequate protection of computer equipment, such as a firewall for example
- Someone using a bot, virus, malware, ransomware, phishing or DDoS attacks to exploit personal data
- An employee of the pharmacy accidentally sending personal information to an unauthorised recipient
- Staff failing to secure filing cabinets containing personal data, leading to an unauthorised party gaining access
- Loss of paperwork containing personal data
No matter what causes a pharmacy data breach of a patient or member of staff, if it causes you financial or emotional harm, it could lead to you being eligible for compensation.
GDPR, the world’s strictest, most wide-reaching information security and privacy law, has been enshrined into UK law through the Data Protection Act 2018. One requirement for data processors under data protection law is to get your consent if they are to share your data.
However, in some circumstances, an organisation can share your personal data without your consent. These are called valid reasons and include:
- Performing public interest tasks
- Fulfilment of contracts
- Legal obligations
- Performing vital interest tasks
- For legitimate interests
If you can prove that Lloyds Pharmacy has shared your information without your consent, and without a valid reason, this could be a breach of your personal data. If it goes on to cause you damage financially or mentally, you could get advice on seeking data breach compensation. Call us to learn more.
The Information Commissioner’s Office (ICO) is an independent public body, created to uphold the data rights of individuals. In enforces data protection law including:
- Freedom of Information Act
- INSPIRE Regulations
- Privacy and Electronic Communications Regulations (PECR)
- The re-use of Public Sector Information Regulations
Does The ICO Enforce GDPR?
The ICO does enforce GDPR and its UK application under the Data Protection Act 2018. If it finds that an organisation has breached GDPR, it could add the organisation to the ICO breach register and could issue enforcement actions, including heavy fines.
ICO Fines And Accusations Of Data Breaches
In December 2019, the ICO published details of a fine they levied against a London based pharmacy. The fine, which amounted to £275,000 was due to the pharmacy’s failure to secure special category data of patients.
Doorstep Dispensaree Ltd, according to the ICO left around 500,000 documents containing personal data, including medical information, in an unlocked container behind their premises. It was discovered that residents of a neighbouring apartment block could gain access to the container, and some records had suffered damage. This, the ICO concluded, was an infringement of GDPR.
In another incident, an organisation known as Well Pharmacy issued an apology after a ‘human error’ breached the data of over 24,000 employees. According to media reports, an e-mail containing personal data was sent in error to a number of locum pharmacists.
Has There Been A Data Breach By Lloyds Pharmacy?
According to accusations by the PDA Union, there has been an alleged data breach by Lloyds pharmacy involving the personal data of pharmacists employed by the organisation.
Lloyds disputes a decision by the Central Arbitration Committee (CAC) for this to be recognised. The alleged incident involves the failure of Lloyds to anonymise data before it sent details of job roles, pharmacists and employee numbers to both the CAC and PDA.
Section 168 of the Data Protection Act 2018 states that the victim of a data breach could seek compensation for non-material (mental harm such as distress, anxiety and depression) and material (financial) damages.
In the case of Vidal-Hall and others v Google Inc , the Court of Appeal addressed the issue of compensation in data breach claims. It was held that compensation could be sought for mental damage, such as distress, caused by a data breach even if no financial damage had been suffered. Prior to this change in the law, it was necessary to prove some financial damage in order to seek compensation for mental harm.
This means that if you have suffered anxiety, depression, stress or distress because of a data breach by Lloyds Pharmacy, it could be possible to claim for such injuries.
Calculating Compensation For Data Breach Claims
To come to an appropriate value for your claim, solicitors and courts must assess the evidence available. If you intend on claiming for psychological injuries, you’d need to have a medical assessment with an independent medical expert.
This assessment would take place as part of your claim, and if you work with our panel of solicitors, this would take place as close to your home as possible.
The purpose of the assessment is to determine the impact the data breach has had on your mental health both in the short and long term. The medical expert would compile their findings in a report which your lawyer would use for two reasons:
- To prove that the data breach caused the harm you allege
- To enable your lawyer to hone in on a valuation for your injuries.
In order to achieve the second point, your lawyer would consider a publication alongside this evidence known as the Judicial College Guidelines. This sets out guideline payout amounts for a variety of different injuries and severities of injury.
We have used figures from this publication in the table below. We believe this could give you a rough idea of how much compensation could be appropriate for your claim.
|Type Of Illness or Injury||Judicial College Guideline Bracket||The Severity of the Illness/Injury|
|General cases of psychological injury||£51,460 to £108,620||Severe|
|PTSD||£56,180 to £94,470||Severe|
|PTSD||£21,730 to £56,180||Moderately severe|
|General cases of psychological injury||£17,900 to £51,460||Moderately severe|
|General cases of psychological injury||£5,500 to £17,900||Moderate|
|PTSD||£7,680 to £21,730||Moderate|
|General cases of psychological injury||Up to £5,500||Less severe|
|PTSD||Up to £7,680||Less severe|
For a more precise estimate of your compensation award, please get in touch with our team.
We previously mentioned that under GDPR and the Data Protection Act, victims of patient health data breaches could claim for non-material and material damages. But what does this mean?
- Material Damage – If a data breach by Lloyds Pharmacy involves the breach of financial information, for example, this could lead to identity theft or fraud. If a victim of a data breach suffers financial harm, they could be eligible for compensation for this.
- Non-Material Damage – If there is a pharmacy data breach of a patient’s prescription information, for example, this could cause distress. They may worry that their sensitive data could be used for nefarious purposes, and they could feel similarly than they would if they were burgled. GDPR allows people to claim for the non-financial damages caused by a breach.
If the Information Commissioner’s Office becomes aware of a data breach by Lloyds Pharmacy, they could launch an investigation. However, the advice they give is for you to try and resolve your complaint with the organisation that breached your data in the first instance.
What Should Be In A Data Breach Report?
When you write to the organisation that breached your data, you should include all relevant details pertaining to the data breach, addressing your letter to the Lloyds Pharmacy data protection officer. You should include details of how the data breach has affected you.
If you don’t receive a satisfactory response, you could opt to contact the ICO to raise your concerns. They could investigate the breach and issue enforcement actions against the organisation, but you should do so relatively quickly, as undue delays could result in the ICO refusing to investigate.
The enforcement actions they could take could include fines. According to the GDPR, the maximum fine the ICO can issue for infringements of GDPR is £17.5 million or 4% of the organisation’s global annual turnover.
Do I Need To Report The Breach To Claim?
It is not legally necessary for you to report a data breach by Lloyds Pharmacy in order to claim compensation. If it has been three months since the last meaningful contact you’ve had with the organisation about your complaint, you could seek help from a data breach solicitor. We could help you connect with such a solicitor, who could fight for compensation under No Win No Fee terms.
No Win No Fee agreements offer the opportunity for victims of data breaches to make pursue justice without paying legal fees upfront. Under a No Win No Fee agreement, you’d only have to pay legal fees to your data breach solicitor if they achieved a payout for you. The way in which these claims work is generally as follows:
- The data breach lawyer sends you an agreement to sign. Within the text of the agreement, you will find mention of a small, legally capped success fee. This is usually a fixed percentage of your eventual final payout. As we mention, it is only payable if compensation has been achieved.
- Once you’ve signed your agreement and returned it to the lawyer, they would begin work on your case. They would negotiate a settlement for you, and if necessary, file paperwork with the courts to help you fight for the compensation you deserve.
- When your compensation comes through, the lawyer deducts the agreed fee, and you benefit from the rest.
What If My Claim For A Data Breach By Lloyds Pharmacy Is Unsuccessful?
Under the terms of the No Win No Fee agreement, you wouldn’t pay the success fee if your lawyer didn’t get you any compensation. And you wouldn’t pay any of your lawyer’s fees either.
We have created a guide that explains more about making No Win No Fee claims, which you can find here. If you would like to chat with us about this type of arrangement, we’d also be happy to answer your questions over the phone.
Legally, you could make a claim for a data breach by Lloyds Pharmacy without having a data breach solicitor by your side. However, lots of claimants prefer having the support of a legal professional when making data breach claims.
A data breach solicitor could make the process of claiming simpler, by:
- Completing the legal paperwork on your behalf
- Handling negotiations with the organisation that breached your data
- Helping you take your case through the courts if necessary, although many claims never reach court
- Ensuring you claim for all the damages you’re eligible for
Whether or not you use a solicitor or not to help you with your claim is a personal choice. If you’d like to reap the benefits of having an experienced legal professional on your side, we could help you get started.
Finding a data breach solicitor online could be tricky. There are many law firms out there that seemingly offer very similar services. This can make it difficult to know what choice would be right for you.
You could narrow down your search by asking relatives and friends for recommendations. However, they may not be able to help you. Perhaps you could shortlist a few lawyers and call them to see whether you feel you could work with them, or check independent review sites to see what other claimants have written about them?
Or, you could always call our team and allow us to connect you with a No Win No Fee data breach solicitor from our panel that we’re sure will be able to help you.
Here at Legal Helpline, we have lots of useful information about the solicitors we could connect you with. We could help you find an appropriate legal professional for your case without any fuss. And we could even check your eligibility for free.
Would you like to get some advice on your rights following a data breach by Lloyds Pharmacy? Perhaps you’re looking for a free case check, or would like us to connect you with a data breach lawyer from our panel. Whatever you need, we’re here to help. You can reach us via:
In this section, we’ve provided answers to some questions we often get asked about data breach claims.
Can I Get Compensation For A Data Breach?
If you know that an organisation has breached your personal data, and you have suffered financial harm, you could be eligible for compensation. You could also make a data breach claim for psychological harm if you’ve suffered these as a result of a breach.
How Do I Know If My Data Security Or Privacy Was Breached?
There are several clues that could give you an idea that your personal data has been breached. These could include:
- Receiving fake anti-virus messages
- Checking data breach websites
- Suspicious activity on your financial accounts
Organisations who suffer a data breach that affects the rights and freedoms of individuals must inform victims of the breach. If you’re at all concerned that you’ve become a victim of a data breach, you should raise your concerns with the relevant organisation.
Can I Be Compensated For A GDPR Breach?
Section 168 of the Data Protection Act 2018 allows victims of GDPR data breaches to claim compensation for non-material and material damages. This means you could claim for financial harm caused by identity theft, for example, as well as stress, distress and anxiety.
What Other Data Protection Rights Do I Have?
Your data rights include:
- A right to be informed
- Rights of access
- A right to rectification
- The right to the erasure of your data
- Rights regarding restriction of processing
- Data portability rights
- Objection rights
- Rights relating to automated profiling and decision making
Thanks for reading our guide to what to do if you’ve fallen victim to a data breach by Lloyds Pharmacy. In our final section, we’ve added some links to other guides you may find useful.
My Employer Breached The Data Protection Act – If it was your employer that breached your data, this guide could be useful.
Pharmacy Data Breaches – This general guide to pharmacy data breaches may also be of interest to you.
Bank Data Breach – If a bank has breached your data, you could find some useful advice here.
Keeping Your Data Safe – This guide offers advice from the National Cyber Security Centre about keeping your data safe.
Dealing With Anxiety – This NHS offers insight into dealing with anxiety. You may find this useful if you’ve suffered anxiety because of a breach of your personal data.
Getting Support As A Victim Of Identity Theft – You may find this Victim Support link useful if you’re looking to talk to someone about the effects of a data breach.
Guide by JJ
Edited by REB