There are certain types of data and information that need to be kept secure. This includes any identifiable data and information that is considered to be sensitive. Any organisation (data controllers) that handle your personal data must abide by the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. So if you have fell victim to a salary information data breach can you make a personal data breach claim? Find out in this guide.
We will talk about the rules set out in the UK GDPR and Data Protection Act 2018 (DPA); the country’s two main legislation on data protection. We will explain what actions can be a data breach, and offer information on the steps you can take if you suffered harm from one. We will also explain how you can get in touch with a solicitor to help you make a claim for compensation.
Advisers are also available to answer any questions you might have. They offer free legal advice and can discuss your situation with you. To contact one, either:
- Call them on 0800 073 8801.
- Email them at email@example.com
- Use the live chat feature
- Contact Us Page
Select A Section
- What Is A Salary Information Data Breach?
- Is Salary Information Covered By UK GDPR?
- How Can You Protect Information In The Workplace?
- Does The UK GDPR Allow You To Claim For A Salary Information Data Breach?
- How Much Compensation For A Salary Information Data Breach
- Begin Your Salary Information Data Breach Claim
A personal data breach is the result of a data security issue generally within an organisation. There are 7 Core Principles that those who handle personal data must abide by in order to comply with data protection laws.
Any unlawful use, sharing, altering of or destruction of your personal information can be a data breach. Two examples being:
- Your payslip, containing personal information is sent to the wrong postal address.
- A computer device, such as a USB, is left in an insecure location and contains personal financial information.
If you suffer harm from a breach your employer, or an organisation is responsible for they may be liable should you make a personal data breach claim.
Should you become a victim to a salary information data breach, please speak with one of our advisers.
What Is Personal Information?
Any information about you is your personal information. This can be information:
- That can directly identify you
- That can be used with other information to identify you:
- Relating to you, or is about you:
Processing is the act of collecting, storing, using or sharing information. When personal information is processed, it becomes personal data and so is covered under the Data Protection Act 2018.
UK GDPR covers all data that a person can be identified from. Salary information will not always be “personal” information, in that it might not be particularly identifying or relate solely to you.
Data protection laws cover personal data and data that is personally sensitive. Personal data is as follows:
- Email Adress
- Mobile Telephone Number
- National Insurance Number
- Debit/Credit Card Details
Special or sensitive data can include:
- Religious Affiliations
- Gnome Data
- Health Records
- Political Beliefs
- Trade Union Memberships.
If any of the above data is breached as part of the salary information leak then you may be eligible to make a claim. This would be on the basis you have suffered financial losses and/or emotional distress. As well as being able to prove that the breach occurred due to a failure to comply with data security laws.
If a salary offer or a new position acceptance letter containing personal identifying information is sent to the wrong email address, wrong postal address or is leaked in another way this can be considered a personal data breach.
There are actions a workplace can take to help minimise data breaches. These include:
Limiting Access To Information
So that only people who have a valid reason to use personal data have access to it.
Training People On Data Protection Responsibility
So that employees are aware of the strict standards in place
Better Data Security Practices:
Good practices a workplace can take up include
- Make sure information is accurate – so as not to send information to the wrong person
- Securing devices containing personal information, to limit unauthorised access
- Avoid the use of shared or untrusted computers when accessing personal information.
If you suffered harm from a salary information data breach, please get in touch with one of our advisers.
If your personal information is exposed or leaked due to a UK GDPR breach then there are steps you can take to find out how this breach may affect you.
According to the Information Commissioner’s Office (ICO), you should first make a complaint in writing to complain about the breach. This should be to the organisation you hold liable for breaching your information. If you are unsatisfied with their response, you can then escalate internally. Should you be concerned that your issues are not being taken seriously you have the option to report them to the ICO within three months of your last correspondence.
Call our advisors about your salary information data breach. They will assess your case for free. Where they can see that you may be awarded compensation they can connect you to data breach solicitors.
If your personal data breach claim is successful you will be awarded damages. If you suffered financial harm from the breach, you can seek compensation under a head of claim known as material damages.
If the breach affected you mentally, you can seek out compensation for the psychological injury in the second head of claim known as non-material damages. Psychological injuries can be afflictions like Post Traumatic Stress Disorder or distress from the breach.
We’ve included figures from the 2022 edition of the Judicial College Guidelines (JCG) to show you potential awards for psychological injuries. The figures come from settlements previously reached in court:
|Severe PTSD||Permanent effects affecting all aspects of a person's life||£59,860 to £100,670|
|Moderately Severe PTSD||While a person's ability to function was greatly disturbed, professional help has helped recovery||£23,150 to £59,860
|Moderate PTSD||A person will have mostly recovered from initial signs of PTSD||
£8,180 to £23,150
|Less Severe PTSD||A person will have more or less fully recovered within 2 years||£3,950 to £8,180|
|Severe Psychiatric Damage||A person's ability to go through life is severely affected||£54,830 to £115,730|
|Moderately Severe Psychiatric Damage||Injuries similar to above but showing better signs of recovery||£19,070 to £54,830|
|Moderate Psychiatric Damage||The person will have mostly recovered after showing problems similar to above||£5,860 to £19,070|
|Less Severe Psychiatric Damage||A person's ability to perform daily tasks was affected for a while||£1,540 to £5,860
You do not need to seek out both forms of compensation. The ruling in the Court of Appeal case, Vidal-Hall and others v Google Inc 2015, means you can seek out either form of compensation independently, or together.
For more information on whether you can claim compensation after a UK GDPR breach, please contact one of our advisers
Our solicitors could help you make a claim and represent you on a No Win No Fee basis. A conditional fee agreement means, you would not have to pay an upfront fee to hire them. They would not charge you a fee either as they handled your claim. Their fee would only come on the condition that your claim was successful and you were awarded compensation. A success fee, which is a legally capped percentage of the compensation you are awarded, would be due.
If your claim was not successful, you would not have to pay a success fee.
To inquire about working with one of our solicitors, please get in touch with our advisers. They can discuss your claim with you and potentially offer you a compensation estimate. You can speak with one now by:
- Phone on 0800 073 8801.
- Email at firstname.lastname@example.org
- Through the live chat feature
- Contact Us Page
Workplace Data Breach Claim Resources
We’ve included some additional links you might find helpful, including:
- ICO: The ICO’s guide to making a complaint to an organisation
- ICO: The ICO’s guide to taking your case to court and claiming compensation
- ACAS: A government body that can offer information on pay and wages
Thank you for reading our guide about a salary information data breach. We offer guides on other topics such as:
Guide by KO
Edited by MM.