A Guide To HR Data Breach Claims

HR departments exist to help employees navigate workplace issues and to help the day-to-day run smoothly for companies and businesses. But what happens when an HR data breach affects your personal data?

In this guide, we’ll discuss everything you need to know about making a personal data breach compensation claim. First, we’ll explore the criteria that your claim needs to meet in order to be valid. Then, we’ll talk about how an HR data breach could occur.

A lot of people ask our team how much compensation they could receive if they were to make a successful claim. Our guide will discuss the different kinds of damage that could be caused by a breach of your personal data, and how these translate into compensation.

Lastly, our guide will explore the benefits of making your claim with a No Win No Fee solicitor.

Our team of advisors are here to help you. When you get in touch, they can offer you a free consultation. Get started today by:

A personal data breach solicitor helps an employee claim compensation

Browse Our Guide

  1. Can I Make An HR Data Breach Claim?
  2. What Are Examples Of An HR Data Breach?
  3. How Could An HR Department Prevent Data Breaches?
  4. What Should I Do After An HR Data Breach?
  5. How Much Compensation For An HR Department Data Breach?
  6. See If You Can Claim For An HR Department Data Breach
  7. Learn More About How To Claim For Data Breaches

Can I Make An HR Data Breach Claim?

To make an HR data breach claim, you need to be able to prove that:

  • Your personal data was affected in a data breach
  • The breach was caused by wrongful conduct
  • You suffered mentally or financially as a result of this

Personal data is any information that can be used to identify you. For example, this might include your full name or your phone number. If you are a UK resident, then your personal data is protected by the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2019. Together, these set out the rules and regulations that all organisations that process your personal data must follow.

A data breach occurs when the confidentiality, integrity, or availability of your personal data is compromised by a security incident. This can happen in a number of ways, but to be able to claim compensation, you need to prove that the organisation failed to adhere to data protection laws (e.g. wrongful conduct).

What Personal Information Would An HR Department Have?

An HR department could have personal data like your name, address, and email address, but they could also have special category data. This is a kind of personal data that needs extra protection because of its sensitive nature.

For example, this might include data regarding your:

  • Religion
  • Ethnic origin or race
  • Sexual orientation
  • Political opinions
  • Health, like information on your medical conditions
  • Biometric data
  • Trade union membership

If you’d like to learn more about personal data and when you could make a claim, get in touch with our team today.

What Are Examples Of An HR Data Breach?

So, how could an HR data breach occur? Some examples of the types of incidents that could lead to a data breach within an HR department could include:

  • Verbal disclosure: An employee in the HR department of your workplace reads that you have a medical condition in your file. They then verbally disclose this to your colleagues, causing you anxiety.
  • Sending information to the wrong address: You are sent a letter discussing a previous conviction on your criminal record by your HR department, but they send it to your colleague’s address instead of yours. This causes you to feel unsafe at work, and you leave your job.
  • Stolen or lost devices: An employee in the HR department keeps information about your pregnancy and health on a computer that isn’t password protected. This computer is then stolen, allowing a stranger to access your health data, causing you severe anxiety.

These are only a few examples of a data breach could occur in an HR department. Contact our team today to learn more.

How Could An HR Department Prevent Data Breaches?  

There are many steps that an employer can take to prevent a data breach from occurring within their business. Some of these steps might include:

  • Making sure firewalls are up to date
  • Training employees on data handling
  • Making sure devices are secure
  • Providing lockable filing cabinets for physical data

Keep reading to learn more about claiming for an HR data breach.

What Should I Do After An HR Data Breach?

There are a number of steps that you could take following a data breach, including:

  • Talking to the HR department: If you’ve been notified of a breach, or if you suspect that one has occurred, you can talk to those responsible and ask for more information.
  • Seeking medical advice: A data breach can have considerable effects on your mental health. Seeking medical treatment ensures that you get the help you need, and it can also be helpful if you choose to make a claim.
  • Seeking legal advice: If you think you could potentially have a valid data breach claim, our team may be able to help. When you contact our advisors, they can evaluate your claim for free, and may then connect you with a solicitor from our panel.

Contact us today to learn more about how our team could help you make a claim.

Can I Make A Complaint To The Information Commissioner’s Office (ICO)?

Yes, you can make a complaint or report a data breach to the Information Commissioner’s Office (ICO). This is the UK’s independent data protection watchdog. They enforce data protection laws on organisations and can also issue fines.

When complaining through the ICO, you must do this within 3 months of your last meaningful contact with the organisation responsible for the breach. After this time, the ICO can refuse to investigate.

You can’t claim compensation through the ICO, and making a complaint doesn’t guarantee that an investigation will be opened.

Two wooden blocks reading DATA BREACH on top of a notebook

How Much Compensation For An HR Department Data Breach? 

The first head of claim we’ll talk about is non-material damage compensation. This covers the damage to your mental health caused by the breach. For example, a data breach can cause a range of mental illnesses, including anxiety, depression, and post-traumatic stress disorder.

When this head of claim is calculated, reference can be made to the Judicial College Guidelines (JCG). This document provides guideline compensation brackets for different psychological injuries. You can take a look at some examples of these in the table below, but note that the first entry isn’t a JCG bracket.

Harm TypeLevel Of SeverityFurther DetailsGuideline Compensation Amounts
Severe Psychological Harm + Special DamagesSevereSevere damage to your psyche with financial losses.Up to £250,000+
Psychological Harm(a) SevereSevere issues with all aspects of life causing a very poor prognosis.£66,920 to £141,240
(b) Moderately SevereThere are still severe symptoms affecting different aspects of life, but they aren't as severe as the bracket above.£23,270 to £66,920
(c) ModerateBy the time the case goes to trial the claimant has made a significant improvement.£7,150 to £23,270
(d) Less SevereThe severity of symptoms and effectiveness of treatment dictates this bracket.£1,880 to £7,150
Post-Traumatic Stress Disorder (PTSD)(a) SevereThere is no longer an ability to function as they did pre trauma.£73,050 to £122,850
(b) Moderately SevereWith professional help there is an opportunity for a better prognosis.£28,250 to £73,050
(c) ModerateThere are no largely disabling symptoms remaining and a good recovery occurs.£9,980 to £28,250
(d) Less SevereWithin a couple of years a full recovery occurs and any remaining issues are minor.£4,820 to £9,980

What Is Material Damage In A Data Breach Claim?

Material damage refers to the financial losses caused by the data breach. For example, this might include the cost of prescription medications and counselling to overcome the mental effects of the breach. Likewise, if you could no longer work because your anxiety was too bad, your lost wages could be covered under material damage compensation.

All these financial losses will need to be proven with evidence such as invoices and payslips.

If you’d like to learn more about data breach compensation, contact our team. Or, read on for more information on how a solicitor from our panel could help you.

See If You Can Claim For An HR Department Data Breach

Personal data breaches can be overwhelming, and you might not know where to turn. If your workplace allows a data breach to occur by failing to protect your personal data, a solicitor from our panel may be able to help.

When you work with a solicitor, they can help you with every step of the claims process. Our panel have years of experience in data protection, with extensive knowledge of data protection laws and how businesses are expected to protect personal data. They can help you support your claim with evidence, negotiate a settlement, and even prepare to go to court if this is necessary.

Plus, our panel can do all of this on a No Win No Fee basis. You can access their services through a Conditional Fee Agreement (CFA), which means you don’t need to pay anything upfront or as the claim is ongoing. If the claim is not successful, then you won’t pay for their services at all.

If it is a success, then you’ll pay your solicitor a success fee, which they’ll take from your compensation. This is capped by law to help make sure that you get the most of what you win.

Contact Us

If a data breach occurred because the HR department failed to protect employee data or comply with data protection laws, contact us today by:

An HR department data breach solicitor sitting behind a desk

Learn More About How To Claim For Data Breaches

To learn more about making a data breach claim:

Or, for helpful resources:

Thank you for reading our guide on the HR data breach claims process.