In this guide, we will explore the effects of medication data breaches, and outline who could be eligible to make a claim for compensation.
We investigate the legislation that governs data protection. This legislation sets out your rights as a data subject as well as compensation eligibility criteria.
We also look at what you could experience if information about what medications you take is breached. Additionally, we explore how a breach of your medical and medication data could occur.
Following this, we detail how compensation payouts for personal data breach claims are calculated, and provide examples of guideline compensation brackets.
If you decide to seek personal data breach compensation, you may find the legal process feels less stressful with legal representation. We will explore No Win No Fee arrangements to conclude this guide and detail how one of our personal data breach solicitors could help you.
To get in touch with our claims team:
Select A Section
- What Are Medication Data Breaches?
- How Could Medication Data Breaches Impact You?
- What Medication Information Could Be Affected?
- Who Could You Claim Against?
- Compensation Payouts For Medication Data Breaches
- How To Make A No Win No Fee Claim
Medication data breaches are a kind of personal data breach. When the integrity, confidentiality, or availability of your personal data is compromised in a security incident, this is a personal data breach.
The UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA) govern data protection for UK residents. This legislation gives increased rights to data subjects over the processing of their personal data and sets out the protocols that data controllers and processors must follow. A data controller decides how and why they process your data, and a data processor acts on their behalf.
Personal data includes your:
- Phone number
- Date of birth
- Email address
Your medical and health data require extra protection under data protection legislation, as they fall under a subtype of personal data known as special category data. A medication data breach may occur if personal data that refers to your specific medications or conditions is compromised.
Our medical data breach claims team are available to answer any questions if your medical records were compromised.
How Often Do Healthcare Data Breaches Happen?
The Information Commissioner’s Office (ICO) is an independent body established to help protect data security rights. They collect and publish data security trends statistics. The graph below contains statistics regarding reported breaches in the health sector during the fourth quarter of the 2021/22 financial year, focusing on non-cyber incidents.
There are many ways that a medication data breach could impact you. For example, you may experience emotional distress or financial harm. This could be psychological injuries such as anxiety, depression, or post-traumatic stress disorder. Or financial losses such as damage to your credit score or withdrawals made fraudulently from your bank account.
In this section, we examine what you need to prove to be eligible to make a data breach compensation claim. To make a valid claim for compensation, you must be able to prove that:
- The organisation, such as a private healthcare provider, failed to comply with data protection laws. The breach must occur as a result of these failings.
- The data breach included your personal data, which is any information that could identify you
- You experienced harm as a direct result of the breach. This could be a monetary loss, a psychological injury, or both.
To learn more about medication data breaches and how they could affect you, contact our advisors today.
Medication data breaches could occur in a number of ways. An optician data breach could happen, for example, or a pharmacy data breach could occur. As we mentioned earlier, data that reveals anything about your health is special category data and requires special protection. This can include:
- Your prescriptions
- Your medical records
- Test results
- Past treatments
- Information regarding your medications
Contact our data breach claims team to discuss what steps you could take following a medical data breach.
If your case meets the eligibility outlined above, you may be able to claim against the organisation responsible. This could be any organisation that has access to information regarding your medications. For example, your pharmacy or GP surgery.
Generally, you have six years to start a personal data breach claim. However, if you intend to make your claim against a public body such as the NHS, this will fall to one year.
To discuss the breach of your treatment records, contact our data breach claims team. If your medication breach of data protection claim seems eligible, they could put you in touch with a No Win No Fee solicitor with specialist knowledge of data breach claims.
In this section we examine how compensation for a data breach is calculated. Your personal data breach claim could be made up of two heads: material damage and non-material damage.
Before we examine the heads that could make up your claim, let us look at a Court of Appeal case. Vidal-Hall and others v. Google Inc. (2015) changed how damages in personal data breach claims could be awarded. Prior to this case, you could only claim for non-material damage if you also claimed for material damage at the same time. Now, however, you can claim for non-material damage without claiming material damage.
To recover any financial damages incurred due to medication data breaches, you can claim material damage. For example, this could be money withdrawn from your account fraudulently or damage done to your credit score.
If the data breach of your medical information caused emotional distress, such as post-traumatic stress disorder (PTSD), you may wish to pursue non-material damage. To help assign value to your injuries, legal professionals, such as a data breach lawyer, will use the Judicial College Guidelines (JCG). This document lists guideline compensation brackets with their corresponding injury. Examples of figures for mental health injuries provided in the table below are from the 16th edition, published in April 2022.
|£54,830 to £115,730
|Significant issues coping with daily life, work and education. The prognosis is very poor.
|Moderately severe (b)
|£19,070 to £54,830
|Significant difficulties coping with life occur, but the prognosis is more optimistic than in severe mental suffering.
|£5,860 to £19,070
|Improvements occur, but issues similar to the above may remain. The prognosis is good.
|Less severe (d)
|£1,540 to £5,860
|The award considers the impact on day-to-day activities and how long the disability lasted.
|£59,860 to £100,670
|The ability to function in any area of life to the same level as before the trauma does not return.
|Moderately severe (b)
|£23,150 to £59,860
|Some recovery is possible with professional help, but a significant disability occurs lasting into the foreseeable future.
|£8,180 to £23,150
|A recovery has largely taken place, but some symptoms that are not grossly disabling may still be experienced.
|Less severe (d)
|£3,950 to £8,180
|A virtual full recovery occurs, but some minor symptoms might be experienced past 1-2 years.
Speak to a member of our data breach claims team for an estimate of what you could claim.
You may wish to seek legal advice before making a medical data breach claim. A specialist No Win No Fee solicitor could provide their services with a Conditional Fee Agreement (CFA).
When hiring one of our No Win No Fee solicitors, you generally won’t be charged for their services upfront. Instead of this upfront solicitors fee, your solicitor will take a percentage of your final award as their success fee. This percentage has a legal cap. However, if your claim is unsuccessful, you do not pay this fee.
Our team of advisors offer free legal advice and more help surrounding your claim. If they find your claim to be valid, they may connect you with one of our expert personal data breach solicitors.
To get in touch with the data breach claims team:
Find Out More About Claims For Medication Data Breaches
The following links might help you:
- Claiming Compensation Guide from the ICO
- Making a Data Protection Complaint Guide from the Government
- Stress Guide from the NHS
Additional data breach claims guides:
Guide by DSB
Edited by CH