In this guide, we discuss what can happen when experiencing a child adoption data breach. Learn about the legislation that guides data protection. Also, learn how to claim compensation if you’ve experienced a breach.
Highly sensitive data can be included with child adoption files. Some of this data could be classed as special category data and require more protection. We explore the consequences for families when this information is breached. In addition, we look at an example of how this information has been breached.
You might want to claim compensation if you have evidence of a data breach. We look at the types of damages you could claim, including examples of both. If you think you have a valid claim, you can contact our advisors. They may connect you with our solicitors.
Our solicitors operate under a No Win No Fee arrangement. We explain what this means and why it might be beneficial.
To get in touch:
Select A Section
- A Guide To Child Adoption Data Breach Claims
- Does The UK GDPR Cover Adoption Records?
- Types Of Child Adoption Data
- Examples Of Adoption Records Data Breaches
- How Much Could You Claim For A Child Adoption Data Breach?
- How Do I Claim For A Child Adoption Data Breach?
The unlawful or accidental loss, alteration, disclosure, destruction of or access to personal information is considered a data breach. It begins with a security breach. These could occur accidentally, due to human error, for example, or through a cybersecurity incident, such as hacking.
A child adoption data breach could result in risks to the child involved plus their adoptive parents. To avoid these risks, the family may have to move house or leave the area. This could prove costly for the family if social services data is breached, for example.
You might be entitled to claim compensation to recover costs related to a breach of your data. Also, you could claim for any distress caused by the data breach. Evidence of the breach is required, such as an email informing you that your personal data has been compromised, to claim.
You’d also need to show that the data controller or data processor was responsible for the breach. For example, they may not have supplied online security, resulting in hacking. A data controller is an organisation that decides why and how personal information is processed. A data processor is an organisation sometimes used by data controllers to process personal information on their behalf.
To discuss evidence of an adoption data leak and what you can do about it, speak to our advisors.
Statistics On Government Data Protection Breaches
The Information Commissioner’s Office (ICO) collects quarterly statistics on data breaches. Local governments experienced a total of 217 for the third quarter 2021/22.
Child adoption data can contain information that would class as special category data. We’ll look at special category data in the section below.
The UK General Data Protection Regulation (UK GDPR) sits alongside the Data Protection Act 2018 (DPA) to protect your personal information. You would normally be allowed to access personal information held about yourself. However, there can be some exceptions. Schedule 4 of the DPA, for example, makes adoption data exempt from your right to access if certain other enactments, such as regulation 14 of The Adoption Agencies Regulations 1983, apply.
If you’ve experienced a child adoption data breach and someone unauthorised had access to your personal data that you couldn’t have access to, you might feel angry.
Our advisors are available to talk to you 24/7 if you have evidence of a child adoption data breach involving yourself or your adoptive children.
Certain sensitive personal data classes as special category data. The collection of special category data could create a risk to an individual’s rights and freedoms. Rights to a private and family life and freedom from discrimination are included.
Organisations might require a Data Protection Impact Assessment (DPIA) if they profile children or process data that might endanger the individual’s physical health or safety. A DPIA is a process that can help organisations identify the risks of processing personal data.
Special category data requiring special protection includes:
- Racial or ethnic origin
- Political beliefs
- Philosophical or religious beliefs
- Trade union membership
- Biometric (for ID purposes) or genetic data
- Health information, covering both physical and mental
Our advisors can discuss your options if you have experienced an adoption records data breach.
2017 saw details of 2,743 adoptees sent to 77 email addresses in a child adoption data incident by Newcastle City Council. The details included the name, address, and date of birth of adopted people. This was a human error data breach that occurred when an employee accidentally attached an internal spreadsheet to an email.
Personal data breaches could result in the birth parents finding out the location of a child. Subsequent emotional distress could arise in both the children and family members of the children involved. In extreme cases, a house move might be necessary to protect against the physical safety of the family.
Contact our advisors to discuss your legal options following a child adoption data breach.
You might qualify for GDPR data breach compensation. Material and non-material damages are the two heads that could make up your potential claim, if you decide to file one. We discuss each in further detail below.
Losses caused by the data breach are recovered under the material damages head. You must supply evidence of your costs, however, such as receipts. A data breach of adoption databases could necessitate a house move, for example, which could prove costly. There are a lot of hidden costs involved with moving house, such as estate agents’ fees.
In child adoption data breach claims, material damages could include:
- Stamp duty
- Estate agent’s fees
- Removal fees
- Rental costs
- Travel costs
- Relocation allowance
- Loss of earnings
Any psychological injuries suffered as a result of a child adoption data breach are covered under the non-material damages head of your claim. Due to the Vidal-Hall and others v Google Inc (2015) ruling in the Court of Appeal, you do not need to experience material damages to claim for psychological harm. Before this, you could only claim for psychological damage if you’d suffered financial loss too.
To assign potential value to your injuries, solicitors may refer to a document titled the Judicial College Guidelines (JCG). The JCG lists potential compensation brackets alongside injuries that might result in that amount.
To claim under this head you might be required to undergo an independent medical assessment. This is to give a better idea of the extent of your psychological injury.
We’ve provided examples of psychological injuries, including post-traumatic stress disorder (PTSD) in the table below. These are taken from the JCG.
|Severe Psychiatric Injury||£54,830 to £115,730||Inability to cope with life and a negative impact on personal relationships. A very poor prognosis for recovery.|
|Severe PTSD||£59,860 to £100,670||Can't function at pre-trauma level permanently.|
|Moderately severe PTSD||£23,150 to £59,860||Significant disability from PTSD symptoms for foreseeable future but with professional help, there might be some recovery.|
|Moderately severe psychiatric injury||£19,070 to £54,830||Significant problems with personal relationships and coping with life generally. However, the prognosis is optimistic.|
|Moderate PTSD||£8,180 to £23,150||Continuing impact but remaining symptoms are not grossly disabling.|
|Moderate psychiatric injury||£5,860 to £19,070||A marked improvement on an inability to cope with life and personal relationships with a good prognosis.|
|Less severe PTSD||£3,950 to £8,180||Minor symptoms persist beyond 1-2 years but there's been a virtually full recovery.|
|Less severe psychiatric injury||£1,540 to £5,860||Daily activities and sleep disturbances from a psychiatric injury.|
Our advisors can estimate your potential damages and talk you through what evidence you could present for material damages.
A solicitor could make the claims process seem easier. Traditionally, legal representation has been expensive. There is another way.
A No Win No Fee arrangement offers a way to have the services of a solicitor with minimised financial risks. That’s because there are no upfront solicitor fees under No Win No Fee. A success fee, which is legally capped, is taken from the awards of successful claims. This arrangement could also be called a Conditional Fee Agreement (CFA).
Free legal advice if you’ve experienced a child adoption data breach is available from our advisors. You can discuss what evidence you need to supply to support your claim with them. They can also talk you through what you could claim under material damages. If they can see you have an eligible claim, they could connect you with our solicitors.
To get in touch:
Public Sector Data Breach Claim Resources
We’ve provided links that you might find useful:
- How to Make a Data Protection Complaint Guide from the Government
- Special Category Data Guide from the ICO
- Report a Data Breach to the ICO
And more guides:
- What are My Rights After a University Data Breach?
- Your Rights After a School Data Breach
- What Are My Rights After a Credit Card Data Breach?
If you have any questions about making a child adoption data breach claim, why not reach out?
Guide by DSB
Edited by RV