When Can You Claim For An Internal Email Data Breach?

This guide sets out when data breach compensation could be claimed following an internal email data breach that has caused financial or emotional suffering on your part. In law, certain parties have a responsibility to protect your personal data. We explain this throughout our guide and provide some email data breach examples that could lead to your personal data being exposed.

Later on, we look at what you could do to strengthen your case after an email data breach such as collecting supporting evidence. Also, we show you how data breach claims are calculated and what any compensation awarded covers.

Finally, we show you how one of the expert data breach solicitors from our panel could help you to claim for your suffering on a No Win No Fee basis.

Claim For An Internal Email Data Breach

Claims Guide For An Internal Email Data Breach

For a free review of your internal email data breach claim, you can:

  • Phone 0161 696 9685 to speak to an advisor.
  • Connect to our 24/7 live chat service.
  • Contact us here to arrange a callback.

Please carry on reading to find out more about email data breaches. If you have questions along the way, please don’t hesitate to call.

Jump To A Section

When Can You Claim For An Internal Email Data Breach?

Certain parties have a legal responsibility to protect your personal data. The applicable laws are the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA).

These parties are:

  • Data controllers – those who choose when (and how) your personal data is processed.
  • Data processors – those who process your data on behalf of the data controller.

In some cases, data controllers will process your personal data in-house and there won’t be an external data processor.

The Information Commissioner’s Office (ICO) is an independent body that acts to uphold your rights and to ensure that the laws listed above are adhered to.

Failure to comply with data protection laws by either the data processor or controller could lead to a personal data breach.

According to the ICO, a personal data breach is any type of security incident where your personal data’s availability, integrity or confidentiality is impacted.

If you wish to claim for an internal email data breach, it must be proven that:

  • Either the data controller or processer failed to protect your personal data in line with the UK GDPR and the DPA
  • That failure to comply caused your personal data to be exposed in a data breach; and
  • As a result, you have suffered financial losses or mental harm.

If you believe you’ve been the victim of an email data breach and suffered as a result, why not call our team for advice on your options?

How Could An Internal Email Data Breach Happen?

There are several ways in which your personal information could be exposed by an internal email data breach including:

  • When a hospital emailed its monthly employee newsletter, it contained an attachment of your patient medical record.
  • A file containing your disciplinary record was sent to finance in an email error.
  • The bank accidentally emailed your statement to a number of different colleagues in an error rather than emailing it directly to you.

Remember, if you want to make an email data breach claim following an internal email error, you must be able to prove that the incident occurred because the data controller or processor failed to adhere to data protection laws, and this caused you to suffer financially or emotionally.

To discuss your potential internal email data breach claim, please contact our team today.

What Should You Do If Your Personal Data Has Been Exposed By An Email Data Breach?

Following an internal email data breach, there are some steps you could take that may strengthen any future compensation claim.

Here are some examples of what to do after an email data breach:

  • Keep copies of any emails that prove the breach occurred. Also, you should be notified without any undue delay if the breach meant your freedoms or rights were at risk. Therefore, keep a copy of any letter or email you received.
  • Keep tabs on any financial losses incurred as a result of the breach and retain evidence to prove them. This may be in the way of receipts, bank statements or wage slips.
  • Make a note of any mental suffering you’ve endured. Copies of medical records or reports from a specialist could also be helpful.

Following some data breaches, organisations must report the incident to the ICO. This may result in a report about the incident following an investigation. If such a report exists relating to the data breach that has affected you, it could also be used as evidence in any subsequent compensation claim.

Data Breach Claims – Potential Compensation Payouts

If you make a successful internal email data breach claim, two types of compensation could make up any settlement you receive.

Anxiety, post-traumatic stress disorder (PTSD), and stress due to a data breach are all examples of non-material damage that you could be awarded compensation for.

To help calculate data breach claim values for non-material damage, your solicitor may refer to the Judicial College Guidelines (JCG). The JCG contains compensation guideline brackets for various types of harm.

Our table below uses data from the JCG. Please note, these amounts are not guaranteed and settlements can vary widely. The bracket amounts provided are merely guidelines.

Compensation Table

The first entry of the table was not taken from the JCG.

Injury (Non-material damage) Category Compensation Guidelines Detailed Information
Severe mental health impact plus significant financial losses. Severe Up to £150,000+ The claimant is affected very severely by poor mental health and a negative prognosis has caused them substantial financial losses such as lost earnings.
General Psychiatric Damage Severe £54,830 – £115,730 Marked problems affecting future vulnerability, relationships, the ability to cope with work and the likelihood of treatment helping will all result in a very poor prognosis.
Moderately Severe £19,070 – £54,830 The claimant will suffer significantly with the factors listed above but their prognosis will be much more optimistic.
Moderate £5,860 – £19,070 Similar problems to the very severe bracket initially but a marked improvement will lead to a good prognosis.
Less Severe £1,540 – £5,860 The amount awarded here will depend on how long the claimant was affected i.e. the impact on their daily activities and sleep problems.
Post-Traumatic Stress Disorder (PTSD) Severe £59,860 – £100,670 PTSD symptoms in this bracket will be permanent and affect every aspect of the claimant’s life badly. They will not be able to function as they did before the incident and they won’t be able to work.
Moderately Severe £23,150 – £59,860 While suffering will be similar to the category above, there will be hope of some recovery (with professional support) leading to a better prognosis.
Moderate £8,180 – £23,150 Where the claimant has largely recovered. Any ongoing PTSD symptoms won’t be massively disabling.
Less Severe £3,950 – £8,180 Only minor symptoms will continue after an almost complete recovery within a year or two.

Material Losses In An Email Data Breach Claim

Material damage is the financial losses or costs linked to the data breach.

For example:

  • Any income you’ve lost because of time you had to take off from work due to stress.
  • Any money lost because your personal data got into the hands of criminals after the breach.

These losses will need to be proven so you should supply financial records such as wage slips and bank records.

To find out if you could claim compensation for an internal email data breach, why not speak to us today?

Can I Make An Email Data Breach Claim On A No Win No Fee Basis?

Call our advisors now for a free case assessment. If they can see that you have good grounds, they could connect you to a No Win No Fee solicitor to manage your data breach compensation claim.

The solicitors from our panel use a specific type of No Win No Fee contract called a Conditional Fee Agreement (CFA).

The CFA means that:

  • There’s no requirement to pay for your solicitor’s work upfront or as the claim progresses.
  • If the claim is lost, you don’t pay fees for your solicitor’s services.
  • If the claim is won, your solicitor will deduct a success fee from your compensation for their efforts. To protect you, the success fee percentage is legally capped.

To see if you could be represented by a No Win No Fee solicitor from our panel for your internal email data breach claim, you can:

  • Call us on 0161 696 9685 to discuss your case.
  • Use our 24/7 online chat service.
  • Contact us here to arrange a callback.

Learn More About Claiming For Email Data Breaches

Here are a few more of our data breach compensation guides:

  • Find out if you could claim if a company sent personal data to the wrong address.
  • Seeking data breach compensation may be possible if an organisation sent your personal data to the wrong recipient via text message.
  • When a company sent your personal data in a mass internal email, did this make any existing mental health conditions worse? If, so, find out if you could be eligible to claim.

Finally, here are a few external links that might be useful:

Please let us know if you’ve any further questions about internal email data breach claims.