As a data controller, an accountant has a responsibility to protect your personal information that you provide to them. A data controller is an organisation or company that determines the purposes for which any personal data is processed. If they fail to properly secure it they may have breached data protection law. If you have suffered psychological harm or financial damage because of this, you could be eligible to make a claim for compensation. This is a guide to what you can do if your personal data was breached by your accountant.
In this guide, we will also explain the data protection laws in place to protect your personal data.
Additionally, if your personal data has been breached, this guide will help you understand the steps you can take if you’re eligible to claim. For instance, it will look at the evidence you can gather and the benefits of seeking legal advice.
It will also show you how compensation for a data breach is calculated and what your claim may comprise if it’s successful.
Our advisers can also talk to you directly and answer any questions you might have about making a data breach claim. You can reach out now by:
Select A Section
- How Could An Accountant Have Breached My Data?
- Types Of Financial Information Handled By Accountants
- Causes Of Accountancy Data Breaches
- How Could Financial Data Breaches Impact You?
- What Can I Claim If An Accountant Breached My Data?
- Talk To Us About What To Do After An Accountant Breached Your Data
Data protection laws set out a data controller and data processor’s responsibility for protecting your personal data. This includes an updated version of the Data Protection Act 2018 (DPA) and the UK General Data Protection Regulation (UK GDPR).
Personal data involves information containing your personal details. This could include your name, address or bank details. Accountants, as a data controller, must take reasonable steps to ensure your personal data is protected. There are seven principles set out in Article 5 of the UK GDPR which data controllers and processors must uphold.
If they fail to adhere to these principles, a personal data breach could occur. A personal data breach involves a security incident that causes your personal data to be unlawfully or accidentally destroyed, lost or altered. In addition, it could mean your personal data is disclosed or accessed without authorisation.
If you have experienced a personal data breach, please speak to one of our advisers. They can provide information about the actions you can take if an accountant breached your data.
Accountants are likely to process data such as:
- Information that could be used to identify you such as your name or email address
- Bank statements
- Salary Information
- Employment history
Financial Data Breach Statistics
The information Commissioner’s Office (ICO) is an independent body in the UK that upholds your rights and freedoms as a data subject.
The ICO has published quarterly data security incident trends for 2020/21. As such, we can see examples of the different security incidents that have occurred during Q3 of 2021/22.
- Data emailed to the wrong recipient: 4,138 incidents reported
- Loss or theft or paperwork or data that was left in an unsecured place: 2,062 incidents reported
- Data posted or faxed to an incorrect recipient: 2,987 incidents reported
Examples of how an accountant could breach your personal data could include:
- Sending an email containing your personal information to the wrong person
- Failing to have a lawful basis for using your personal information
- Failing to properly secure your personal information leading to someone accessing it without authorisation
If your personal data was breached by your accountant and you want to know whether you could be eligible to claim for compensation, then please speak to an adviser.
A personal data breach could impact you in a variety of ways. For example, you could experience:
- Loss of income: You may be psychologically impacted by the breach of your personal data. As such, you may need to take time off work resulting in you losing income.
- Information such as your personal address, or debit card or credit card being exposed could lead to fraudulent activity on your cards.
- Identity theft: Your financial information, such as your credit card or debit card details, could be breached in a ransomware attack. As such, you could experience identity theft and have your credit card details used without your authorisation. This could have a long-lasting impact on your finances, including your credit score.
- Stress: The exposure of personal information can be a cause of stress. For example, you may have concerns about what might happen to your finances. Also, you might be worried about what the information can be used for leading to you suffering distress after a data breach.
In the section below, you can learn more about what you could claim in compensation for the way the breach of your personal data has impacted you.
In order to make a successful personal data breach claim you must show how the data controller failed in their legal duty to adequately protect your personal data. Only then can you claim for the harm you have suffered.
You can seek out two types of data breach compensation. These include:
- Material damages: This is to address any financial losses caused by the personal data breach.
- Non-material damages: This is to address any mental harm sustained as a result of the personal data breach.
Non-material damages can include various types of psychological harm such as anxiety, stress, or post-traumatic stress disorder. You can seek out compensation for mental harm without claiming financial losses.
The guidelines set out bracket compensation amounts for different types of psychiatric harm. Solicitors and other legal professionals often use them to help when assigning a value to the non-material damages head of your claim.
Injury Notes Compensation Award
Severe Psychiatric Injury (a) Cases in this bracket will have a very poor prognosis and the person will experience significant issues with various aspects of their life. £54,830 to £115,730
Moderately Severe Psychiatric Injury (b) The person will experience significant problems but will have a better prognosis. £19,070 to £54,830
Moderate Psychiatric Injury (c) The person will have originally experience several issues but there will have been a significant improvement and a good prognosis. £5,860 to £19,070
Less Severe Psychiatric Injury (d) The award will consider how long the person was impacted. £1,540 to £5,860
Severe PTSD (a) The person will experience a permanent impact on all aspects of their life. £59,860 to £100,670
Moderately Severe PTSD (b) The person will show signs of improvement and have a better prognosis with some professional help. £23,150 to £59,860
Moderate PTSD (c) The person will have recovered for the most part and if there are any ongoing issues, they won't be majorly disabling. £8,180 to £23,150
Less Severe PTSD (d) A mostly full recovery is made within two years. £3,950 to £8,180
Please remember to only use these figures as a guide because settlements can vary.
If you would like a solicitor’s help in making a claim after your accountant breached your personal data, we could help. The solicitors from our panel offer No Win No Fee services including a Conditional Fee Agreement (CFA).
A Conditional Fee Agreement offers several benefits such as:
- Not having to pay upfront or ongoing costs
- Not having to pay a success fee to your solicitor if your claim fails
If your claim succeeds, you will need to pay a success fee from your compensation. The CFA you sign before proceeding with your claim provides further details on the fee. It is also subject to a legal cap.
Please reach out to one of our advisers to see if you can work with a No Win No Fee solicitor. They can also answer any other questions regarding your potential claim. You can contact them by:
Financial Data Breach Resources
Below, we have included some additional links you might find useful.
- ICO: Data Protection Complaints
- GOV: Data Protection
- FCA: Financial Services Register
- What Are My Rights After An Employer Data Breach?
- Customer Service Data Breach Claims
- What Are My Rights If An Administrator Breached My Data Privacy?
Please get in touch with our advisers for more information on what to do if your accountant breached your data.