An Accountant Shared My Personal Data – Can I Claim Data Breach Compensation?

If you have suffered financial damage because an accountant shared your personal data, it can be hugely distressing. Not only can it cause financial harm, but it can also cause you stress knowing for sure that your personal data has been compromised. If your data has been handled in a way that breaches the Data Protection Act 2018 (DPA) or the UK General Data Protection Regulation UK GDPR, you may be able to claim.

accountant-shared-my-personal-data

An accountant shared my personal data, can I claim?

If the security, integrity, or confidentiality of your personal data has been affected in a security incident, this is known as a personal data breach. Following a breach, you may be able to make a claim for any financial harm you may have suffered, as well as for any psychological injuries you might have experienced. For instance, if you have received a diagnosis of PTSD as a result of a personal data breach. Not all those affected by an accountant data breach will have the right to claim compensation. Showing how the organisation failed in its regard to adhere to data protection laws is vital. 

Our team of advisors can review your claim free of charge and then present you with your options. Our data breach solicitors could also handle your claim on a No Win No Fee basis. You can choose one of these ways to reach us:

Select A Section

  1. Do Organisations Always Need Consent To Share Your Data?
  2. When Could An Accountant Share Your Personal Data Without Consent?
  3. What Personal Or Sensitive Data Could An Account Have Access To?
  4. Can I Claim If An Accountant Shared My Personal Data Without Authorisation?
  5. What Could I Claim If An Accountant Shared My Personal Data In A Data Breach?
  6. Contact Us If An Accountant Shared Your Personal Data

Do Organisations Always Need Consent To Share Your Data?

Organisations may have legally valid reasons to use your data and hence may not require explicit consent. This is called having a lawful basis, and according to the Information Commissioner’s Office (ICO), there are 6 lawful bases for processing personal data. We will explain this in further detail in the next section.

Under the UK GDPR, accountants can be considered data controllers. This means they decide what data to collect, how to use it, and why. As data controllers, accountants must follow data protection laws in the collection and processing of your personal data.

If your personal data is processed outside of these six lawful bases by an accountant, this is a breach of the UK GDPR. Reach out to our advisors today for any more UK GDPR and data breach compensation questions you may have. 

When Could An Accountant Share Your Personal Data Without Consent?

As we mentioned earlier, an accountant can share personal data if they have the lawful basis to do so. There are 5 other lawful bases for processing apart from consent. These 5 lawful bases are equally important as receiving consent.

Some examples of how the six bases might apply include:

  • Legal Obligation: An accountant is under a legal obligation to share personal data for investigating a criminal situation, e.g contacting the police if they suspect fraud or other criminal activity is taking place.
  • Contract: An accountant may need to process staff information for salary and payroll reasons.
  • Vital interests: This will cover an emergency medical situation where personal data is processed to protect life.
  • Public task: To share data because it is in the public’s interest set out in law.
  • Legitimate interests: For the purpose of the company unless legitimate interest is overridden by the individual’s interests, rights or freedoms.

Contact our team of advisors today to find out if you can make a data breach claim because an accountant shared your personal data.

What Personal Or Sensitive Data Could An Accountant Have Access To?

Accountants often have access to both personal and personally sensitive data as part of their job roles. According to UK GDPR, personal data is any data that could be used to identify you or someone else. Some examples of personal data an accountant may have access to can include:

  • Names
  • Addresses
  • Credit or debit card information
  • Email addresses
  • National Insurance numbers

Special category data or personally sensitive information requires even more protection under the UK GDPR, because this data is defined as sensitive. Some examples of special category data that an accountant may have access to can include:

  • Personal data that reveals political opinions or leanings
  • Personal data that reveals religious beliefs
  • Trade union memberships
  • Data concerning the health of an individual

Your accountant must ensure that they process this data within the parameters set out by data protection legislation. This includes making sure their cybersecurity systems can adequately defend against cyberattacks. If they fail to do so, this is positive wrongful conduct.

If you suffer harm as a result of a personal data breach caused by positive wrongful conduct, you may be able to claim compensation. Contact our advisors today for more information.

Can I Claim If An Accountant Shared My Personal Data Without Authorisation?

If an organisation suffers a data breach that affects the rights and freedoms of clients they must inform these clients as soon as possible. It must also tell the ICO within 72 hours of discovery. 

If you suspect that you have been involved in a personal data breach, you can contact the accountant or accountancy firm themselves and ask whether your information has been involved in a breach. However, if you do not receive a response, or the response is not satisfactory, you can then make a complaint to the ICO. While they cannot provide compensation, they may be able to open an official investigation into the breach, and may also impose a fine on organisations found to be in breach of data protection law.

If you have suffered financial loss or emotional harm as a result of a personal data breach caused by positive wrongful conduct, you may be able to claim. Contact our advisors now to find out how one of our experienced data breach solicitors could help you.

What Could I Claim If An Accountant Shared My Personal Data In A Data Breach?

There are two types of compensation you can claim in a data breach case: Material damages, and non-material damages. Material damages refer to any financial harm you may have experienced as a result of a personal data breach. For example, this could include fraudulent purchases made on your credit or debit card, or damage to your credit score.

Non-material damages refer to any psychological harm you may have experienced as a result of the breach. For example, you may have a diagnosis for PTSD or significant stress following a personal data breach.

Following the ruling of Vidal-Hall and others v Google Inc [2015] – Court of Appeal, the judge set a precedence that allows a claim for psychological damage even without any financial loss. 

The table below shows figures from the 2022 edition of the Judicial College Guidelines (JCG), which provides a list of injuries with a corresponding compensation bracket. However, these figures are guidelines only, and the actual amount of compensation you may receive can vary. 

InjurySeverityNotesAmounts
Post-Traumatic Stress Disorder (PTSD)

(a)
Severe
Permanent symptoms that prevent any prospect of employment.

£59,860 to £100,670
PTSD

(b)
Moderately Severe
Some chance of recovery with professional help, as reflected in the prognosis.£23,150 to £59,860
PTSD

(c)
Moderate
Cases of large recovery with a good prognosis.£8,180 to £23,150
PTSD

(d)
Less Severe
A virtually full recovery with only minor symptoms continuing.£3,950 to £8,180
Psychological Damage(a)
Severe
Severe issues coping with life, work and education.£54,830 to £115,730
Psychological Damage(b)
Moderately Severe
Significant issues persist with the above, but with a more optimistic prognosis.£19,070 to £54,830
Psychological Damage(c)
Moderate
Symptoms improve by the time of trial, as reflected in a good prognosis.£5,860 to £19,070
Psychological Damage(d)
Less Severe
Consideration given to length of disability and severity of symptoms.£1,540 to £5,860

For a free estimate of what your claim could be worth and to find out how one of our expert data breach solicitors could help you, contact our team of advisors today.

Contact Us If An Accountant Shared Your Personal Data

If you have decided to make a claim because an accountant shared your personal data in a data breach they are responsible for, you can call our advisors for free legal advice. They can also connect you to one of our experienced solicitors, who are experts in data breach cases to help you start your claim.

Our solicitors are able to represent you on a No Win No Fee basis, they may offer you a Conditional Fee Agreement 2013 (CFA). Under a CFA, you will not pay any of your solicitor’s fees unless your case succeeds. In this case, your solicitor will take a percentage of your compensation, although this percentage has a legal cap. This will be their success fee.

To find out how our solicitors could help you, contact us today by:

Related Services Data Protection Breach Resources

ICO Guide – Taking Your Case To Court And Claiming Compensation

ICO Guide – Does An Organisation Need My Consent

Gov.UK Guide – Cyber Security Breaches Survey 2021

Or, for more helpful guides:

What Are My Rights After An Employer Breach

FAQs After A School Data Breach

Rights After A Loan Provider Data Breach

If you need a free case assessment because your accountant shared your personal data call our advisors today.