Claiming For An Internal Email Data Breach

This guide explores when you could be eligible to begin a claim for data breach compensation following an internal email data breach that has caused you financial loss and/or psychological harm. It will discuss the eligibility requirements for starting a personal data breach claim, the evidence you could collect to support your case, and how compensation is calculated.

internal email data breach

Claiming For An Internal Email Data Breach

Additionally, we look at the parties who have a responsibility to protect your personal data and the legislation they must adhere to when storing, handling, or processing your personal information. Later in our guide, we look at examples of how an email data breach at work could occur and the impact it could have.

We conclude our guide by explaining the benefits of hiring a No Win No Fee solicitor to represent your case and the terms under which they could offer their helpful services.

For further guidance on data breach claims or to discuss your specific case, please get in touch with our team of helpful advisors. To reach them, you can:

  • Call 020 8050 3051
  • Speak with an advisor via the live chat function below.
  • Fill out our online contact form.

Browse Our Guide

  1. Eligibility Criteria When Claiming For An Internal Email Data Breach
  2. Examples Of How An Internal Email Data Breach Could Happen
  3. How Much Compensation Could You Receive After An Email Data Breach?
  4. What Evidence Could Help Prove Email Data Breaches?
  5. Claim For An Internal Email Data Breach Using A No Win No Fee Solicitor
  6. Learn More About Workplace Data Breach Claims

Eligibility Criteria When Claiming For An Internal Email Data Breach

There are two parties responsible for protecting your personal data, which is any information that can be used to identify you, such as your name, email address, and phone number. The parties are known as data controllers and processors. Controllers, often an organisation, such as an employer, decide how and when your personal data is used and sometimes process it themselves. If they don’t process the data themselves, they can outsource the task to a data processor who acts on their behalf.

Both parties must comply with the Data Protection Act 2018 (DPA) and the UK General Data Protection Regulation (UK GDPR) when storing, processing, and handling your personal data. If they fail to do so, it could result in a personal data breach

The Information Commissioners Office (ICO) is an independent body set to uphold the information rights and freedoms of data subjects. The ICO defines a personal data breach as a security incident that impacts your personal data’s integrity, confidentiality and availability.

In order to begin a claim following a breach of your personal data, you must prove:

  • The data breach was caused by a failure on the part of the controller and/or processor to comply with the DPA and UK GDPR.
  • As a consequence, your personal data was compromised.
  • You suffered financial harm, psychological injury or both as a result.

Call our team to find out whether you’re eligible to begin a claim for an internal email data breach that compromised your personal data and caused you mental harm and/or monetary loss.

Examples Of How An Internal Email Data Breach Could Happen

An employer could store and process a variety of personal data. As mentioned, personal data is information that can be used to identify you either by itself or when processed alongside other identifiable data. For example, your phone number, name, email address, postal address, and credit or debit card details are all considered personal data.

Additionally, another type of personal data is given extra protection due to it’s sensitive nature. This is known as special category and can include data concerning your health, biometric data when used for the purpose of identification, and data revealing your racial or ethnic origin.

Below, we have provided examples of how an internal email data breach at work could happen leading to your personal data being compromised.

  • The company fails use the blind carbon copy (BCC) function before sending a group email to all employees in the company.
  • Information about your pay, including an attachment of your payslip, is sent to the wrong employee by accident.
  • The HR department sends an email concerning your health and medical conditions to the wrong employee.
  • The company has inadequate cyber security software in place and internal emails involving your personal data are hacked in a malware or ransomware attack.

Each of these incidents could cause you stress, anxiety, or depression. Additionally, you could suffer financial loss, such as lost earnings from having to take time off work to deal with the emotional impact of the breach.

If you wish to discuss your particular case, speak to an advisor on the number above to see whether you could claim for the impacts of a personal data breach.

How Much Compensation Could You Receive After An Email Data Breach?

Internal email data breach claims with a successful outcome can see a settlement awarded to address up to two types of damage. The first is non-material damage which refers to psychological harm caused by the personal data breach, such as distress and post-traumatic stress disorder, in more severe cases.

Those responsible for calculating the value of your mental harm can refer to medical evidence and the Judicial College Guidelines (JCG). The JCG is a document containing guideline award brackets for multiple kinds of mental harm. You can find a selection of these in the following table. However, please use the figures as a guide only.

Award Bracket Examples

Type of HarmSeverityNotesAward Bracket Guidelines
General Psychological/Psychiatric Harm(a) SevereA very poor prognosis and marked problems with respect to different areas of the person's life, such as their ability to cope with life, education, and work.£54,830 to £115,730
(b) Moderately SevereSignificant issues with respect to multiple areas of the person's life, such as being able to cope with work, life, and education but with a better prognosis than in more severe cases.£19,070 to £54,830
(c) ModerateThe person has shown a significant improvement and they will have a good prognosis.£5,860 to £19,070
(d) Less Severe Consideration will be given to how long the person was affected and to what extent they were affected. £1,540 to £5,860
Post-Traumatic Stress Disorder (PTSD)(a) SevereThe person experiences permanent and negative impacts on all areas of their life and is unable to function at a pre-trauma level.£59,860 to £100,670
(b) Moderately SevereWhilst the effects are still likely to result in a significant disability affecting the person for the foreseeable future, there is a better prognosis and some recovery after professional help is sought.£23,150 to £59,860
(c) ModerateA substantial recovery is made and any persisting issues won't cause a major disability.£8,180 to £23,150
(d) Less Severe Almost a full recovery seen within a 2-year period and minor symptoms only persisting beyond this point.£3,950 to £8,180

How To Claim For Material Losses

The other type of damage you could receive compensation for is called material damage. This refers to money that you lost due to the personal data breach. Examples of the losses and evidence that can prove them include:

  • Bank statements that reveal money taken from your account.
  • Evidence of a damaged credit score, such as a statement.
  • Proof of fraudulent credit card and debit card purchases.

Please feel free to connect with our team on the number above to ask any questions about how compensation for a data breach is calculated.

What Evidence Can Help Prove Email Data Breaches?

Evidence that could help prove an internal email data breach and the impact it had on you includes:

  • Correspondence with the organisation. Organisations must notify you of a breach that puts your rights and freedoms at risk without undue delay from when they discovered the breach. They can do so via a letter of notification that should inform you of the breach occurring and what personal data was affected. You could use this letter as evidence to support your case.
  • Findings from an ICO investigation. Organisations need to notify the ICO within 72 hours of discovering a breach that affects your rights and freedoms. The ICO may investigate and any findings could help support your claim.
  • Evidence of financial loss caused by the data breach. This can include wage slips or bank statements.
  • Evidence of any mental harm, such as reports from a doctor.

For more information on how you could build a strong case, please contact an advisor.

Claim For An Internal Email Data Breach Using A No Win No Fee Solicitor

You might wish to seek legal representation when seeking compensation for an internal email data breach. If so and you have a valid claim, you could benefit from working with an expert solicitor from our panel. They can use their knowledge of the data breach claims process to guide you through the different stages of taking legal action against your employer for a breach of your personal data.

Additionally, they offer their services via a version of the No Win No Fee contract called a Conditional Fee Agreement (CFA). Under this arrangement, no fees for the solicitor’s services are required:

  • As your case begins.
  • While your case is in progress.
  • If your case has a failed outcome.

If the claim wins, you will need to pay a success fee. This is taken as a percentage of your compensation by your solicitor before your settlement reaches you. However, there is a legislative cap on this percentage. This means you always benefit the most from your data breach payout.

It’s easy to discover if you could be eligible to work with one of the expert data breach solicitors on our panel under these terms. Simply contact a team member for a free case check. Alternatively, they can provide further guidance on claiming for an internal email data breach.

To reach them, you can:

  • Call the team on 020 8050 3051
  • Speak via the live chat bubble below.
  • Fill out our online contact form.

Learn More About Workplace Data Breach Claims

You can find more of our helpful guides relating to data breach claims below:

You can find more external resources below:

Thank you for reading our helpful guide on claiming for an internal email data breach. If you have any questions, please contact an advisor via the details provided above.