Can I Claim For A Breach Of Sickness Information At Work?

Can I Claim For A Breach Of Sickness Information At Work?

Can I Claim For A Breach Of Sickness Information At Work Guide

If you experience a breach of sickness information at work, does this mean you can make a personal data breach claim? In this guide, we look at what criteria needs to be fulfilled before you, the data subject, can make a data breach claim. 

In this country, we have data protection laws in place. They set out how organisations, including employers, should keep your personal data safe. Additionally, should your personal data be included in a data breach, they set out compensation eligibility. We examine these and your compensation eligibility. 

Sensitive personal data is given additional protections under data protection laws. Sensitive data includes medical information. Additionally, we take a look at what other personal data is considered special category data. 

If you decide to make a data breach claim, you might like to learn more about compensation. We explore the two heads that could make up data breach compensation. 

To conclude this guide, we examine No Win No Fee arrangements. Hiring the services of a No Win No Fee solicitor might prove beneficial to your claim. 

If you have any questions regarding a breach of sickness information at work, you can get in touch with our data breach advisory team. If your claim seems eligible, they could pass you to a  No Win No Fee solicitor from our panel. 

 To speak to us:

Select A Section

  1. What Is A Breach Of Sickness Information At Work?
  2. Types Of Sickness Information
  3. Do Workplace Data Breaches Need To Be Reported?
  4. What Could Be Done After A Breach Of Sickness Information At Work?
  5. Could You Claim For A Breach Of Sickness Information At Work?
  6. Claim Now

What Is A Breach Of Sickness Information At Work?

We have the Data Protection Act 2018 sitting alongside the UK General Data Protection Regulation (UK GDPR) to protect data security. These pieces of legislation: 

  • Grant data subjects more rights over how their data is processed.
  • The data controller or processor is held responsible if a data breach occurs that is due to them not adhering to data protection law. A data controller is typically an organisation that determines why and how data is processed. The processor will usually process the data on behalf of the controller. 
  • Additionally, these pieces of legislation set out data breach compensation eligibility. 

A personal data breach is a security incident.  A data breach impacts the confidentiality, availability or integrity of your personal data. 

Article 82 of the UK GDPR sets out your right to claim compensation if your personal data is compromised. Specific eligibility criteria apply:

  • You must prove that the data controller or processor failed to comply with data protection legislation. 
  • In addition, the breach must have included your personal data. 
  • You must have experienced harm. This could be financially or a psychological injury

To claim for a breach of sickness information at work, the breach must have included data protected under law. Also, the organisation that experienced the breach must be liable. 

Types Of Sickness Information

You might want to know what types of information your employer holds on you should you experience a breach of sickness information at work. Employers are bound to data protection legislation as much as any other organisation. Due to its sensitive nature, most of your medical data is classed as ‘special category’ data. Data protection laws give special category data additional protections. 

Your personal data includes:

  • Name
  • Address
  • Email address
  • Phone Number
  • Bank account and sort code information

Special category data includes:

  • Medical data 
  • Race and ethnicity
  • Trade union membership
  • Political beliefs
  • Religious beliefs
  • Genetic and biometric information. 

Compromising your medical conditions in a data breach may cause unnecessary stress. If your next of kin relative’s personal data was included in the data breach, you might even experience a family data breach

Get in touch with our advisors for free legal advice if you’ve experienced a breach of sickness information at work caused because of lack of compliance with data protection laws. 

Do Workplace Data Breaches Need To Be Reported?

Your employer should notify you without undue delay if your rights are infringed after a data breach. They should tell you what information the breach included. This can help you take steps to protect your data. Once notified, you can ask them what they are doing to put it right. 

If you suspect your employer is failing to keep your data secure, you can report them. The Information Commissioner’s Office (ICO) is an independent body set up to protect data security. Your employer should report any data breach that affects your rights and freedoms to the ICO within 72 hours of discovery. 

If you want to make a personal data breach claim there are steps you can take: 

  • Firstly, make a complaint to your employer. Keep any correspondence as this can be used as evidence. 
  • You can request to see what information an organisation holds on you. If it is inaccurate, you can request it is changed. 
  • You can raise a complaint with the ICO if you have not received a response or the response is inadequate. Complaints need to be brought to the ICO within 3 months of the last meaningful contact with your employer or data controller. 
  • You can hire a solicitor if you want help with any of this. We have an expert panel of No Win No Fee data breach solicitors.

What Could Be Done After A Breach Of Sickness Information At Work?

Your employer should have data protection procedures in place should a breach of sickness information at work occur that contains your personal data. Human error could result in an accidental data breach. For example, a data breach occurs if your employer emails, faxes, or posts personal data about you in a letter to the wrong recipient. 

Your employer must decide if the personal information data breach will likely infringe on your rights and freedoms. For example, if the data breach included your medical data, this could infringe on your freedoms, such as discrimination. They must report this to you without undue delay. 

Free legal advice is available from our data breach claims team. 

Could You Claim For A Breach Of Sickness Information At Work?

Successful personal data breach claims can include material and non-material damage. 

Prior to the Court of Appeal judgement in the Vidal-Hall and others v. Google Inc. (2015) case, you needed to claim for a financial loss to qualify. However, this case set a precedent for awarding data breach damages. You can claim non-material damage, such as for post traumatic stress disorder (PTSD), stress or depression, without claiming material damage. 

Legal professionals refer to the Judicial College Guidelines (JCG) when accessing personal injury claims. Legal professionals will use the same document to help assign value to your psychiatric damage in a data breach claim. It contains injuries listed alongside compensation brackets. The table below contains figures for psychological injuries from the latest edition, published in April 2022. 

Mental Health Condition How Serious Bracket Amounts Description
PTSDSevere level £59,860 to £100,670The claimant will suffer with permanent severe symptoms. A return to life before the condition is very unlikely.
PTSDModerately severe level£23,150 to £59,860Seeking help in a professional could help the claimant recover. However they will also suffer with severe PTSD symptoms into the future.
PTSDModerate level£8,180 to £23,150The claimant will make a good level of recovery. If any symptoms persist they will not be of a major disability.
PTSDLess severe level£3,950 to £8,180Within two years a near full recovery if not full recovery will have been made.
Psychological InjurySevere level£54,830 to £115,730The claimant's ability to cope with life and in relationships is severely impacted. Additionally, the prognosis is very poor.
Psychological InjuryModerately severe level£19,070 to £54,830The claimant experiences significant problems coping in life and with relationships, but the prognosis is optimistic.
Psychological InjuryModerate level£5,860 to £19,070There have been problems coping with life and relationships, but improvements occur with a good prognosis.
Psychological InjuryLess severe level £1,540 to £5,860The claimant experiences a period of disability that impacts their day-to-day activities and sleep.

Claim Now

If you decide to make a breach of sickness information at work compensation claim, after your personal data was breached, you may want to hire a No Win No Fee solicitor. They could provide their services under a Conditional Fee Agreement (CFA). 

For you, this means that you won’t have to pay an upfront solicitors fee. If your claim is successful, your solicitor will take a success fee from your award. Legal caps apply. If your claim is not successful, however, you will not pay a success fee. 

Our advisors can give you free data breach legal advice. Why not get in touch with a member of our data breach advisory team? They can provide free legal advice about what to do after your personal data was compromised in a breach of sickness information at work. 

To speak to us:

External Resources

Guides Related To A Breach Of Sickness Information At Work