Employer Data Breach Claims – Am I Eligible To Make One?

Your workplace holds various pieces of your personal data. These may be due to your employment or for paying your salary. We explain who could make employer data breach claims after an employer has breached your personal data.

We begin this guide by explaining what personal data is and how you could be eligible to claim if your personal data is breached. Following this, we share examples of how an employer may breach your personal data. Additionally, we will also provide some advice on how employers can prevent breaches in the first place.

We will then explore how data breach compensation is calculated and the evidence you will need to claim it. Finally, you will be given the chance to consider instructing a No Win No Fee solicitor from our panel.

You can also get started straight away by contacting our advisors. They can help answer your questions and offer you free advice:

A document called Personal Records on a wooden desk next to books and a keyboard.

Choose A Section

Employer Data Breach Claims – Can I Make One?

Any information that can identify you, either directly in combination with other information, is classed as personal data.

Under the UK General Data Protection Regulation (UKGDPR) and the Data Protection Act 2018 (DPA) anyone who processes your personal data, such as your employer, must take all necessary steps and procedures to protect your data. This is per data protection law. If they fail to do so, this could lead to a personal data breach.

A personal data breach is any security incident that affects the integrity, availability or confidentiality of personal data. This could be caused by human error or a cyber incident, for example.

For any employer data breach claims to be eligible, they would need to prove:

  1. Your employer must have failed to adhere to data protection law.
  2. This caused your personal data to be breached.
  3. This breach led to you suffering financial or mental harm.

What Personal Data Could My Employer Have?

Your employer likely holds different kinds of personal data about you, such as you:

  • Name.
  • Address.
  • Date of Birth.
  • National Insurance number.

Your employer may also hold some special category data about you. This is personal data that requires extra protection due to being sensitive. This may include data regarding your:

  • Health.
  • Racial or ethnic origin.
  • Religious or philosophical beliefs.

Your employer must have a lawful basis for processing your data. If your data is breached due to your employer not adhering to data protection law, you may be able to claim.

Contact our advisors today to discuss your case.

The words Data Breach surrounded by a blue holographic circle on a black background.

How Can Employers Prevent A Data Breach?

There are various steps and procedures an employer could take to help minimise the risk of a data breach occurring within their workplace. Some examples include:

  • Keep networks secure with strong passwords, scheduled backups, and regular access reviews.
  • Ensure all staff members are up to date on data protection training.
  • Ensure all paper documents containing personal data are filed correctly and locked away.
  • Regularly update and ensure employees’ details are correct.

If your personal data has been breached due to your workplace failing to adhere to data protection regulations, you may be able to make a data breach compensation claim. Contact our advisors today to learn more.

How Could A Data Breach Happen In The Workplace?

There are various types of incidents that could lead to a workplace data breach. Some examples include:

  • Your former employer emails your dismissal records to the wrong employee due to not checking the email address. This causes you to suffer from anxiety as this employee now has access to these records containing your personal data.
  • A paper file containing your personal data is not locked away, leading to it being stolen. This causes you stress and lost earnings as you take time off work due to the stress.
  • Your employer fails to update their cyber security measures. This results in your personal data being accessed during a cyber attack and causes you to suffer from post-traumatic stress disorder.

These are only a few examples of data breach claims. To see whether you may be eligible to make a claim for compensation, you can contact our advisors.

Can I Complain To The ICO About A Workplace Data Breach?

The Information Commissioner’s Office (ICO) is the UK’s data regulator. They can investigate data breaches and also award fines to organisations that have caused data breaches and have breached data protection law. They cannot, however, award compensation.

If you decide to complain to the ICO about a data breach, they may choose to investigate. If they do, their findings could be used as evidence to support your claim. However, you must make this complaint within 3 months of your last meaningful communication with the organisation responsible for the breach about the breach. If you leave it any longer than this, the ICO may refuse to investigate.

To see whether you may be eligible to take legal action for a data breach, you can contact one of our advisors.

The word evidence written in red ink on white paper next to glasses, a pen, and a plant on a red and white background.

What Evidence Is Needed For Employer Data Breach Claims?

All employer data breach claims need to be supported with evidence. Some examples of evidence you could use to support your case include:

  • Correspondence between yourself and your employer about the data breach.
  • The findings of an ICO investigation.
  • A confirmation letter or email stating what personal data was breached.
  • Medical records detailing what psychological injury you’ve been diagnosed with.
  • Financial evidence of any losses you’ve suffered, such as wage slips showing a loss of earnings.

If you work with a solicitor from our panel, they can gather this evidence for you and more. They can also discuss any other evidence you may have. Reach out to our advisors to see if you could work with a solicitor on our panel following a breach of data protection at work.

How Much Could I Receive Following An Employer Data Breach?

The amount of compensation you receive will depend on the factors affecting your case. However, you could receive compensation for your:

  • Material damage (financial losses)
  • Non-material damage (psychological harm)

The Judicial College Guidelines (JCG) may be used to value your claim for your non-material damage. Within this document are compensation guidelines for different forms of harm.

In the table below, we have listed some of these compensation guidelines regarding psychological injuries; aside from the first entry,

Type and SeverityCompensation GuidelineNotes
Severe Psychiatric Injury plus Compensation for Material DamageUp to £250,000 or moreCompensation for suffering a severe psychiatric injury and any financial losses suffered, such as lost earnings.
Severe Psychiatric Damage£66,920 to £141,240Marked effects on the person's ability to cope with life and work and they will also experience future vulnerability.
Moderately Severe Psychiatric Damage£23,270 to £66,920Significant issue with coping with life and future vulnerability but there is a more positive prognosis.
Moderate Psychiatric Damage£7,150 to £23,270Prognosis is good with marked improvements made despite suffering with the problems associated above.
Less Severe Psychiatric Damage£1,880 to £7,150How much daily activities and sleep were impacted will affect the amount awarded.
Severe Post-Traumatic Stress Disorder (PTSD)£73,050 to £122,850The person will be unable to work or function as they did previously due to permanent effects.
Moderately Severe PTSD£28,250 to £73,050Specialist help may bring some recovery but a significant disability is still likely for the foreseeable future.
Moderate PTSD£9,980 to £28,250Large recovery made with any persisting issues not being grossly disabling
Less Severe PTSD£4,820 to £9,980Virtual to full recovery likely within two years.

Material damage is any financial harm the personal data breach has caused you. For example, you may wish to claim for:

  • Loss of earnings due to taking time off work due to the psychological injury the data breach caused you.
  • Relocation costs following a breach of your home address.
  • Therapy costs for the psychological harm suffered.

To see whether you could claim compensation following a personal data breach, you can contact our advisors.

Claim Data Protection Breach Compensation On A No Win No Fee Basis

Our panel of solicitors have years of experience working on various types of personal data breach claims. Some of the services they could provide you with include:

  • Help with gathering evidence.
  • Communicating with the defendant.
  • Negotiating your settlement for both your material and non-material damage.
  • Explaining every step of the claiming process.

They can also work on employer data breach claims on a No Win No Fee basis by entering into a Conditional Fee Agreement (CFA) with you. Advantages of claiming with a No Win No Fee solicitor include not having to pay:

  • Upfront for their services.
  • For their services as the claim progresses.
  • Anything for their work if the claim fails.

They will, however, take a small percentage of your compensation if the claim succeeds. This is legally capped and often referred to as a success fee.

Contact our advisors today to get started with a free initial consultation:

  • Call us anytime 24/7 on 020 8050 3051.
  • Submit a query via our Contact Us page.
  • Reach out using the chat feature below.

A solicitor shakes their client's hand while explaining how to claim employer data breach compensation.

Read More About How To Claim For Data Breaches

Learn more about other types of data breaches you may be able to claim for:

External resources:

Thank you for reading our guide on employer data breach claims.