This guide looks at when you could have valid grounds to make an energy company data breach claim. We will examine the two laws that govern the handling of personal data and how failures to abide by these laws can result in data breaches.
You will also find explanations of how a data breach at a utility company could happen, as well as the harm that could be incurred as a result of this. Information on the potential data breach compensation that could be awarded after a successful claim has also been included.
Lastly, we have included a brief examination of how our solicitors could take up your potential claim under a specific type of No Win No Fee contract and all the benefits this presents to claimants.
Expert Advice On Claiming For A Utility Company Data Breach
To discuss your potential claim in more detail, and to get an assessment of your particular circumstances, contact our team of advisors. You can get in touch via:
- Phone on 0800 073 8801.
- Our online “contact us” form.
- The live chat button in the bottom lefthand of the screen.
Select A Section
- Could I Make An Utility Company Data Breach Compensation Claim?
- What Customer Data Could Utility Companies Handle?
- What Evidence Does My Data Breach Solicitor Need?
- Calculating Compensation For A Utility Company Data Breach
- Get Help Claiming On A No Win No Fee Basis
- Learn More About Claims For Data Breaches
Could I Make A Utility Company Data Breach Compensation Claim?
The Information Commissioner’s Office (ICO), an independent public body that upholds data protection rights, define a personal data breach as a security incident that affects the confidentiality, availability or integrity of personal data. The individual to whom the personal data relates is called the data subject.
The data controller is the organisation that decides how and why your personal data will be processed. If your data is processed externally, the party contracted to process that data is referred to as the data processor. Both of these parties have responsibilities concerning the storage, handling and processing of your data.
Both data controllers and processors are required to adhere to the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR). A failure of the data controller or processor to follow data protection law can result in a utility company data breach.
In order to start a data breach claim, the following criteria need to be met:
- There was a failure to uphold their obligations under data protection law by the data controller or processor.
- This failure resulted in a data breach which affected your personal data.
- You experienced financial loss, psychological distress or both because of this breach.
What Is The Limitation Period On Utility Company Data Breach Claims?
The limitation period for starting a utility company data breach claim is generally 6 years. Contact our advisors as soon as you can if you have been affected by a data breach. They can provide more guidance on the time limit and walk you through the claims process. You can talk to one of our team using the contact details above.
What Customer Data Could Utility Companies Handle?
The ICO define personal data as any information that can be used, either directly or indirectly, to identify you. A utility company could handle personal data such as your name, address and contact information such as your email address and phone number. They can also handle your bank account or credit card details for billing purposes. Circumstances that could result in a utility company data breach where your personal data is compromised could include:
Deliberate Action
- A cyber attack that resulted in multiple data subjects’ addresses and contact information being stolen.
- An employee deliberately disclosing clients’ personal data.
Human Error
- An employee of a utility company sends correspondence regarding your utility bill to the wrong address.
- Inadequate physical security means documents containing your personal data were lost.
- A failure to adequately dispose of documents containing financial information led to unauthorised persons obtaining your credit card details and subsequent financial losses.
For more information on the circumstances when a utility company data breach can occur, talk to our advisors. They can advise you on whether you have valid grounds to start the claims process. Contact our team today using the details below.
What Evidence Does My Data Breach Solicitor Need?
In order to show you sustained harm from the utility company data breach, you will need to present evidence. Possible examples include:
- Any communications between you and the utility company outlining that a data breach occurred and personal data affected.
- Medical records that show you suffered psychological harm due to the data breach.
- Financial documents, such as your credit or debit card statements, showing the monetary losses that occurred because of the data breach.
An organisation that experiences a data breach that puts the rights and freedoms of data subjects at risk should notify them without delay. The organisation should also notify the ICO of the data breach within a 72-hour period. The ICO may investigate this breach. The ICO does not award compensation, their findings can nevertheless be useful evidence for your claim.
You can express concerns about how a utility company is handling your data at any time. You can subsequently complain to the ICO if you are unsatisfied with the utility company’s response.
Calculating Compensation For A Utility Company Data Breach
A compensation payout for a successful utility company data breach claim can be made up of:
- Material damage is the financial losses experienced by the data subject following a breach of their personal data.
- Non-material damage is the psychological harm, such as stress, depression or other mental health injuries, caused by the data breach.
The ruling in the Court of Appeal case Vidal-Hall and others v Google Inc (2015) established a precedent that data subjects can claim for non-material impacts of data breaches without their having to have been a material loss.
Solicitors can calculate values for psychological harm in data breach cases as they would in personal injury claims, using the Judicial College Guidelines (JCG). The JCG is a publication that lists various types of injuries alongside their guideline award brackets.
To compile our compensation table of non-material damage, we have used the JCG figures. However, it is important that we emphasise this table has been provided to act as guidance only. The JCG figures are guideline brackets, not guarantees, as data breach claims are assessed case-by-case.
Compensation Table
| Harm | Guideline Bracket | Notes |
|---|---|---|
| Severe Psychiatric Injury (a) | £54,830 to £115,730 | Marked problems affecting the person’s life, work, relationships and education. Award level affected by the extent of treatment and future prognosis. |
| Moderately Severe Psychiatric Injury (b) | £19,070 to £54,830 | Significant problems affecting work life, social interaction and education but prognosis will be much more positive than in (a). |
| Moderate Psychiatric Injury (a) | £5,860 to £19,070 | Although there will be an affect on work and social life, marked improvements will have taken place. |
| Less Severe Psychiatric Injury (d) | £1,540 to £5,860 | Period of disability and affect on daily activity and sleep patterns will be considered. |
| Severe Post-Traumatic Stress Disorder (a) | £59,860 to £100,670 | Permanent effects on employment and severe impacts on all aspects of daily life. |
| Moderately Severe Post-Traumatic Stress Disorder (b) | £23,150 to £59,860 | Prognosis better than above (a) but still significant disability for the foreseeable future. |
| Moderate Post-Traumatic Stress Disorder (c) | £8,180 to £23,150 | The injured person will have largely recovered not be experiencing any gross disablement. |
| Less Severe Post-Traumatic Stress Disorder (d) | £3,950 to £8,180 | Virtual recovery within two years with persisting minor symptoms. |
To get more a detailed estimate of the potential value of your claim, talk to one of our advisors for a free assessment of your particular circumstances.
Get Help Claiming On A No Win No Fee Basis
Contact our advisors for an assessment of your potential claim. You could be connected with one of our solicitors if you have valid grounds to pursue a claim. Our solicitors can offer a No Win No Fee contract called a Conditional Fee Agreement (CFA). This presents distinct benefits to claimants.
With a CFA, you will, in most cases, not be met with an upfront fee or any fees during the claims process for the solicitor’s work on your case. There will likewise be no fees to pay following an unsuccessful claim.
A successful utility company data breach claim will be awarded with a compensation settlement. A percentage of this compensation will be taken by the solicitor as their success fee. The success fee percentage is capped by law, meaning the majority of the awarded compensation will be yours to keep.
To discuss your potential claim in more detail, and to get an assessment of your particular circumstances, contact our team of advisors. You can get in touch via:
- Phone on 0800 073 8801.
- Our online “contact us” form.
- The live chat button in the bottom lefthand of the screen.
Learn More About Claims For Data Breaches
See some of our other data breach claim guides
- Read more about who is eligible to start a claim after a loan provider data breach.
- Find out if you are eligible to claim following a university data breach.
- See our data breach FAQs guide.
Other resources you may find useful
- NHS – Guidance on stress.
- ICO – General information for the public.
- GOV – Data Protection.
We’d like to thank you for reading our guide on making a claim following a utility company data breach. Speak to our team of advisors for more information about making a data breach claim. Our advisors can also assess your particular circumstances free of charge. To talk to a team member, use any of the contact details listed above.