Our guide outlines when you could make a claim if your data has been breached by your workplace. We set out the requirements you will need to meet to make a claim for data breach compensation and the steps you could take to support your case. As well as this, we highlight the limitation periods for starting a claim.
There are certain parties, known as a data controller and data processor, who have a responsibility to protect your personal data. Each has a different role with a data controller setting the purpose for processing and the data processor acting on behalf of the controller. We will explore the legislation that outlines the responsibilities they have in more detail throughout our guide and the ways a breach could occur if these aren’t adhered to.
Furthermore, we finish our guide by explaining how compensation for a data breach claim is calculated. Also, we discuss what you can expect if you are to enter into a No Win No Fee agreement with a solicitor and the services they could offer.
For further information about your potential claim, please continue reading. Alternatively, if you would like to talk with our team about your specific circumstances in more detail, please don’t hesitate to reach out via the contact details below:
Choose A Section
- Could You Claim If Your Data Has Been Breached By A Workplace?
- What Data Could Be Impacted By A Data Breach At Work?
- Data Breach Time Limits
- How To Claim If A Workplace Data Breach Occurs
- What Could You Claim For If Your Data Has Been Breached By Work?
- Contact Our Team If Your Data Has Been Breached By A Workplace
You could have grounds to make a claim if your data has been breached by a workplace. However, certain eligibility requirements need to be met in order to do so.
Firstly, you need to show that a data controller or processor didn’t uphold their responsibilities set out in the Data Protection Act 2018 and UK General Data Protection Regulation. Secondly, you need to prove that as a result of their wrongful conduct, a breach of your personal data occurred. Finally, you need to show that this breach caused you to suffer financial damage and psychological harm as a result.
A personal data breach is a security incident in which the confidentiality, availability and integrity of your personal information has been compromised. There are several ways this could occur in the workplace. We have provided some examples in the following section.
How A Workplace Could Breach Your Personal Data
There are different types of personal data breaches, such as those caused by human error and those caused by cyber security issues. In some cases, an accidental data protection breach could occur.
Examples of your data could be breached by a workplace include:
- Your employer sent your personal data to the wrong address due to the company records not being up to date.
- An HR department data breach could occur if an email is sent to multiple people without the blind carbon copy feature being used.
- Your employer may send your payslips to the wrong email address.
To find out if you can sue a company for a data breach, please speak with our team for further details. They can discuss your specific case in more detail.
Personal data is information that can be used to identify you. This can include your name, address, phone number, and personal email address. It can also include information relating to your finances, your debit card details and your National Insurance number.
Another form of personal data is special category data which is more sensitive and requires further security. This can include personal data that reveals your racial or ethnic origin, trade union membership and religious or philosophical beliefs. It can also include data that concerns your health or biometric data.
Your employer may have access to this information and have it on record for different purposes. If this information is breached, it could lead to you experiencing psychological harm, such as stress, anxiety and distress. Also, you could experience monetary loss if your banking information is compromised and money is stolen from your account.
If you make a successful data breach claim, you could be awarded compensation that addresses the different forms of damage you have experienced. Find out more by calling an advisor on the number above.
You usually have six years to begin a personal data breach claim. However, when making a claim against a public body, this is reduced to one year.
Our team of advisors can provide more information on the time limits and how long you may have to seek compensation.
There are steps you can take after your data has been breached.
Your employer should notify you without undue delay if the breach infringes upon your rights and freedoms. They should also bring this to the attention of the ICO within seventy-two hours.
Alternatively, if your data has been breached by your workplace and you are the first to suspect your involvement, you can complain directly to your employer. This can give you the chance to ask more questions about the cause of the breach and how they are handling the situation.
If you find their communication to be inadequate or they do not give you any response, you can report the data breach to the ICO. The ICO can potentially investigate further into the breach but they cannot award compensation.
Keeping copies of the correspondence between you and your employer as well as any communication you have had with the ICO can be used as evidence to support your potential claim.
You may encounter non-material damage if your data is breached by your workplace. This refers to the emotional harm you experience because of the breach. Your settlement could include compensation to address the psychological effect. For instance, if your mental health problems were made worse because of this event, you could receive compensation for this harm.
When the compensation for this damage is being valued, legal professionals can utilise the guideline compensation brackets outlined in the Judicial College Guidelines. These are in the table for guidance, however, as your actual settlement will differ depending on the circumstances of your claim.
|There are marked issues in respect to coping with relationships, employment, and future vulnerability. The prognosis will be very poor.
|£54,830 – £115,730
|Moderately Severe (b)
|Problems coping with education, relationships, and work are still significant but there is a better and more optimistic prognosis.
|£19,070 – £54,830
|Marked improvement and a good prognosis.
|£5,860 – £19,070
|Less Severe (d)
|The duration of disability and the way it has affected daily life will be considered.
|£1,540 – £5,860
|A return to employment and life pre-trauma is prevented by permanent effects.
|£59,860 – £100,670
|Moderately Severe (b)
|The prognosis is better and there is the some recovery after medical help is sought. However, a significant disability is present for the foreseeable future.
|£23,150 – £59,860
|Recovery has largely occurred and the impacts that remain do not cause a major disability.
|£8,180 – £23,150
|Less Severe (d)
|Minor symptoms remain but the recovery is virtually made over one to two years.
|£3,950 – £8,180
Further Compensation You Could Claim
You could also suffer material damage which refers to the financial losses you may have incurred from the breach. For example, your employer will likely have your bank information on file. This will usually be for the payment of your wages into your bank account.
If this data has been breached, it could cause unauthorised individuals to have access to your bank details. As such, they could take money from your account or purchase things in your name.
Compensation can be awarded to address these financial losses. However, you should provide evidence to prove them, such as credit reports, bank statements, or payslips.
For more information on the data breach compensation you could receive following a successful claim, get in touch on the number above.
Firstly, if you decide to work with a solicitor, they may propose to work your claim on a No Win No Fee basis. As such, they might offer a Conditional Fee Agreement (CFA) which is a specific kind of No Win No Fee contract.
Typically, this means there will be no requirement for you to pay for the services your solicitor has provided if your claim is unsuccessful.
However, a successful claim will generally mean that your solicitor can deduct a percentage from your compensation. This is a success fee which has legal restrictions placed upon it by the Conditional Fee Agreements Order 2013.
Contacting Our Expert Team
If your data has been breached by your workplace, contact an advisor to find out whether you could be eligible to seek compensation and have a solicitor from our panel work your claim under a CFA. To get in touch, you can:
- Telephone on 0800 073 8801
- Complete our web form to contact us
- Speak with a member of our team directly through our chat feature below.
Learn More About Workplace Data Breach Claims
More of our guides:
- Anxiety Due To A UK GDPR Data Breach – A Guide
- My Banking Details Were Shared – Can I Claim Compensation?
- A Company Misused My Data – How Do I Claim?
- Generalised Anxiety Disorder – NHS
- Personal Data My Employer Can Keep About Me – Government Guidance
- Secure Home Working On Personal IT – National Cyber Security Centre
Thank you for reading our guide on when you could claim if your data has been breached by your workplace. For more information, please get in touch using the number at the top of the page.
Guide by EM
Edited by MMI