Data Breach Compensation

In this guide, we will explain what a personal data breach is and clarify when you can claim data breach compensation. If an organisation has breaches your data, it could affect you in various ways. For example, you may experience stress or develop a more severe psychological injury such as post-traumatic stress disorder (PTSD). You could also suffer financially, such as if your bank details are stolen and someone takes loans out in your names.

Data breach compensation claims guide

Data breach compensation claims guide

This guide will explore how data protection law sets out a data controller and processors responsibilities. A data controller sets the purpose for processing your personal data and can often process it themselves. A data processor will act on behalf of the controller.

If they fail to adhere to data protection law causing your personal data to become compromised leading to you suffering financial loss or mental harm, you may be able to claim. We will explore this further in our guide.

For more information, please don’t hesitate to contact our team of advisors. To get in touch, you can:

Select A Section

What Is A Data Breach Compensation Claim?

A breach of your personal data involves a security incident that has resulted in the confidentiality, integrity or availability of your personal data being affected.

Businesses and organisations will often collect personal data for operational and commercial purposes. Organisations may collect data from customers, employees and other stakeholders. The UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA) protect personal data of those who reside in the UK. It sets out a data controller and processors responsibilities such as taking security precautions to minimise the risk of data breaches happening.

You can sometimes claim data breach compensation if an organisation has breached your personal data. However, you will need to prove the following:

  • An organisation breached your personal data because it failed to comply with data protection legislation.
  • You experienced emotional distress or mental health injuries because of the data breach or financial losses.

For more information, call us on the number above.

Why Do Data Breaches Happen?

There are various ways a data breach could occur leading to you claiming data breach compensation. We have explored examples in the sections below.

Human Error

Human error can include when an employee makes a mistake when handling someone’s personal information.

For example, an employee may throw away a file containing someone’s personal information without disposing of it correctly. This could happen as a result of an organisation failing to provide employees with relevant and adequate data protection training.

Other examples of human error data breaches might include:

  • Employer data breach: An employer may leave a file containing your disciplinary records on their desk. As a result, someone who wasn’t authorised, was able to access it.
  • Bank data breach: A member of staff may have sent a letter containing your new debit card and pin to the wrong address. As a result, someone may have been able to access the money in your account.
  • Medical data breach: A doctor may have verbally disclosed information about a patients medical history to someone who wasn’t authorised.
  • School data breach: A school may have sent an email to a pupil’s parents containing sensitive information to the wrong email address.

Cyber Security Breaches

Organisations must ensure they keep their cyber security systems up to date. This can help them reduce the risk of cyber attacks. However, if they fail to do so it could result in cyber security incidents such as a ransomware attack.

For example, a cyber hacker may gain access to digital files due to poor online security systems. As a result, they may leak these files containing multiple people’s personal information.

Other examples of cyber security incidents include:

  • Brute force
  • Cryptographic flaw
  • Malware
  • Phishing
  • Ransomware
  • Unauthorised access

How Common Are Data Breaches?

The Information Commissioner’s Office (ICO) is the public body responsible for upholding a data subjects rights and freedoms.

They also provide an insight into data security incident trends. As per their statistics, there was a total of 2,172 cyber and non-cyber security incidents during quarter 4 of the financial year 2020/21.

Check What You Could Claim With A Data Breach Compensation Calculator

If you make a successful data breach compensation claim, you could receive up to two heads of claim.

  • Material damages: These compensate for any money you have lost due to the personal data breach. For example, if someone has stolen your identity and taken loans out in your name, this could continue to impact you in the future. You can provide evidence such as bank statements or a credit score statement to help you prove any financial losses.
  • Non-material damages: These compensate you for the psychological harm caused by the personal data breach. This can include emotional distress, anxiety, post-traumatic stress disorder and stress.

Previously, you could only claim for psychological harm if you were also claiming for financial loss. However, you can now claim for psychological harm independently of financial loss.

In order to accurately value your psychological injuries, solicitors can refer to the Judicial College Guidelines which contains compensation brackets that correspond to different injuries.

They often use this document to help them calculate the value of fatal accident claims, medical negligence claims and public liability claims. Also, they help solicitors value personal injury claims such as road traffic accident and accident at work cases.

Type of HarmGuideline Compensation AmountsNotes
Psychological Harm - Severe (a)£54,830 to £115,730The person has received a poor prognosis and have experienced an impact in many areas of their life.
Psychological Harm - Moderately Severe (b)£19,070 to £54,830The person will have a more optimistic prognosis despite significant issues.
Psychological Harm - Moderate (c)£5,860 to £19,070The person will have a good prognosis and have made a significant improvement.
Psychological Harm - Less Severe (d)£1,540 to £5,860The award given will depend on the extent to which daily activities and sleep have been affected.
PTSD - Severe (a)£59,860 to £100,670The person will experience a permanent impact on all parts of their life.
PTSD - Moderately Severe (b)£23,150 to £59,860The person will have a better prognosis due to professional help.
PTSD - Moderate (c)£8,180 to £23,150The person will have largely recovered with only some symptoms that aren't majorly disabling continuing.
PTSD - Less Severe (d)£3,950 to £8,180The person will make a mostly full recovery within a couple of years.

However, please remember that the final amount of compensation you receive may differ from what you see in the table.

Make A No Win No Fee Data Breach Compensation Claims

A No Win No Fee solicitor from our panel can offer their services under a Conditional Fee Agreement (CFA). As such, you wouldn’t pay for your solicitor’s services if your claim fails. If your claim succeeds, a success fee is deducted from your compensation as a legally capped percentage.

To find out whether a solicitor from our panel can help you claim data breach compensation, get in touch with our team. They can assess whether your claim is valid and answer any questions you may have.

You can get in touch by:

  • Calling on 0161 696 9685
  • Using the live chat feature below
  • Filling out our contact form with your query

Glossary Of Terms

Below, we have provided some key data breach terms.

  • Data Subject: The person whose personal information is being processed.
  • Data Controller: They decide on the purpose for processing personal data. They can also process this data themselves.
  • Data Processor: They process data on behalf of the controller.
  • Personal data: This is personal information that can be used to identify you.

Useful Guides For Data Breach Claims

Below, we have provided some additional resources that you may find useful.

If you have any other questions regarding how to seek data breach compensation, please get in touch on the number above.

Page by AE

Published by NL