By Jo Anderson. Last Updated 2nd January 2024. There are certain types of data and information that need to be kept secure. This includes any identifiable data and information that is considered to be sensitive. Any organisation (data controllers) that handle your personal data must abide by the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. So if you have fell victim to a salary information data breach can you make a personal data breach claim? Find out in this guide.
We will talk about the rules set out in the UK GDPR and Data Protection Act 2018 (DPA); the country’s two main legislation on data protection. We will explain what actions can be a data breach, and offer information on the steps you can take if you suffered harm from one. We will also explain how you can get in touch with a solicitor to help you make a claim for compensation.
Advisers are also available to answer any questions you might have. They offer free legal advice and can discuss your situation with you. To contact one, either:
- Call them on 0800 073 8801.
- Email them at office@accidentclaims.co.uk
- Use the live chat feature
- Contact Us Page
Salary Information Data Breach Claims Guide
Select A Section
- When Can I Claim For A Salary Data Breach?
- What Is A Salary Information Data Breach?
- Real Examples Of Salary Data Breaches
- Is Salary Information Covered By UK GDPR?
- How Can You Claim For A Slary Information Data Breach?
- Compensation For A Salary Information Data Breach
- Begin Your Salary Information Data Breach Claim
When Can I Claim For A Salary Data Breach?
Any organisation that processes your personal data, such as your workplace, must take all necessary steps to protect it. In a later section, we will provide examples of information that are considered as personal data.
They must also adhere to the rules and regulations found within the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA). Together these form data protection laws.
If your workplace were to fail to adhere to data protection laws, this could result in a salary data breach that compromises your personal data.
To be eligible to make a personal data breach claim, you must be able to prove:
- The breach was caused by the organisation’s actions or inactions.
- Your personal data was compromised in the breach.
- Due to the personal data breach, you suffered financially or mentally.
To see whether you could be eligible to make a claim for employer data breach compensation, you can contact our advisory team.
What Is A Salary Information Data Breach?
A personal data breach is the result of a data security issue generally within an organisation. There are 7 Core Principles that those who handle personal data must abide by in order to comply with data protection laws.
Any unlawful use, sharing, altering of or destruction of your personal information can be a data breach. Two examples being:
- Your payslip, containing personal information is sent to the wrong postal address.
- A computer device, such as a USB, is left in an insecure location and contains personal financial information.
If you suffer harm from a breach your employer, or an organisation is responsible for they may be liable should you make a personal data breach claim.
Should you become a victim to a salary information data breach, please speak with one of our advisers.
What Is Personal Information?
Any information about you is your personal information. This can be information:
- That can directly identify you
- That can be used with other information to identify you:
- Relating to you, or is about you:
Processing is the act of collecting, storing, using or sharing information. When personal information is processed, it becomes personal data and so is covered under the Data Protection Act 2018.
Real Examples Of Salary Data Breaches
There are various ways that a salary data breach could occur. Below, we have included two real-life cases involving the data breach of salaries.
- In 2021, Credit Suisse discovered a data breach involving the salary information of employees dating back to 2013. The company sent an email to staff explaining that a former member of staff moved salary data from the company system to a personal device. This was in direct breach of Credit Suisse policies, and the firm has said it is pursuing legal action.
- Another example of a salary information breach is an incident in 2023 where the names and salaries of over 2,000 employees of Cumbria police were posted online due to human error.
Source: https://www.theguardian.com/uk-news/2023/aug/11/cumbria-police-admits-huge-breach-of-data-of-officers-and-staff
These are just two examples of salary data breaches that have occurred. To find out whether you may have a valid personal data breach claim if your salary information has been compromised, you can contact a member of our advisory team.
Is Salary Information Covered By UK GDPR?
As previously mentioned, personal data is any data that could be used to identify you. This means that certain parts of your salary information could be considered personal data.
Examples of salary data that could be protected under the UK GDPR and the DPA include:
- Your bank details.
- Your payslips.
- Tax information, such as what tax band you are in.
- Your national insurance number.
- Your name and address.
If you can prove that your personal data was compromised in a salary information data breach, and that this caused you to suffer mental or financial harm, you may be able to make a personal data breach claim.
Contact our advisors today to check whether you may have a valid case.
How Can You Claim For A Salary Information Data Breach?
If your personal information is exposed or leaked due to a UK GDPR breach then there are steps you can take to find out how this breach may affect you.
According to the Information Commissioner’s Office (ICO), you should first make a complaint in writing to complain about the breach. This should be to the organisation you hold liable for breaching your information. If you are unsatisfied with their response, you can then escalate internally. Should you be concerned that your issues are not being taken seriously you have the option to report them to the ICO within three months of your last correspondence.
Call our advisors about your salary information data breach. They will assess your case for free. Where they can see that you may be awarded compensation they can connect you to data breach solicitors.
Salary Information Data Breach – Time Limit For Claiming
If your salary information was compromised in an employer data breach, as well as meeting the relevant eligibility criteria, you must also ensure that your claim is made within the correct time limit.
You will generally have 6 years to start a personal data breach claim. However, this time limit is reduced to 1 year if you are making your claim against a public body.
To see whether you may have a valid claim and are within the relevant time limit, you can contact our advisory team. If it seems you may have a strong claim, they could put you in contact with one of the No Win No Fee solicitors on our panel. They could help with ensuring your claim is filed in full within the correct time limit, as well as guiding you through the claim process.
Compensation For A Salary Information Data Breach
If your personal data breach claim is successful you will be awarded damages. If you suffered financial harm from the breach, you can seek compensation under a head of claim known as material damages.
If the breach affected you mentally, you can seek out compensation for the psychological injury in the second head of claim known as non-material damages. Psychological injuries can be afflictions like Post Traumatic Stress Disorder or distress from the breach.
We’ve included figures from the 2022 edition of the Judicial College Guidelines (JCG) to show you potential awards for psychological injuries. The figures come from settlements previously reached in court:
| Injury | Notes | Award |
|---|---|---|
| Severe psychological harm with associated financial losses. | Serious combinations of psychological injury combined with financial losses, which could include loss of income. | Up to £500,000+ |
| Severe Psychiatric Damage (a) | A person will have marked problems being able to deal with their working and social life. The prognosis will also be very poor. | £54,830 to £115,730 |
| Moderately Severe Psychiatric Damage (b) | Significant issues coping with life and other factors, but there is a more optimistic prognosis. | £19,070 to £54,830 |
| Moderate Psychiatric Damage (c) | Marked improvements will have been made, despite suffering from various issues. | £5,860 to £19,070 |
| Less Severe Psychiatric Damage (d) | How much daily activities and sleep were impacted will affect the amount awarded. | £1,540 to £5,860 |
| Severe PTSD (a) | Permanent effects will prevent the person function the same as they did before the trauma. | £59,860 to £100,670 |
| Moderately Severe PTSD (b) | Some recovery available with professional help. However, the person will still suffer with a significant disability for the foreseeable future. | £23,150 to £59,860 |
| Moderate PTSD (c) | A person will have mostly recovered and any persisting effects will not be majorly disabling. | £8,180 to £23,150 |
| Less Severe PTSD (d) | A person will have more or less fully recovered within 1- 2 years | £3,950 to £8,180 |
You do not need to seek out both forms of compensation. The ruling in the Court of Appeal case, Vidal-Hall and others v Google Inc 2015, means you can seek out either form of compensation independently, or together.
For more information on whether you can claim compensation after a UK GDPR breach, please contact one of our advisers.
Begin Your Salary Information Data Breach Claim
If you are eligible to make a salary data breach compensation claim, one of our solicitors may offer to assist you under a No Win No Fee arrangement. Under an arrangement such as a Conditional Fee Agreement (CFA), you would not have to pay them upfront for their work. Nor would you have to pay them for their services while your claim was in progress. If your claim is unsuccessful, you will not need to pay them for the services they have provided.
Instead, if your personal data breach claim is successful, the solicitor will deduct a small success fee from your compensation. The percentage that this success fee can be is legally capped.
If information regarding your salary was leaked, and you are unsure whether you could make a personal data breach claim, you can contact our advisors. They can assess your eligibility and may connect you with one of our No Win No Fee solicitors. To speak to a member of our team today, you can:
- Call 0800 073 8801
- Use the live chat feature.
- Contact us online.
Workplace Data Breach Claim Resources
We’ve included some additional links you might find helpful, including:
- ICO: The ICO’s guide to making a complaint to an organisation
- ICO: The ICO’s guide to taking your case to court and claiming compensation
- ACAS: A government body that can offer information on pay and wages
Thank you for reading our guide about a salary information data breach. We offer guides on other topics such as: