When you give your personal information to an organisation, whether that’s an employer, the NHS, an airline, or a bank, they are expected to guard those details against becoming public knowledge. The Data Protection Act (2018) states that any company or public body that stores sensitive information must do so responsibly, and any failure to oblige can result in prosecution.
In recent years, the amount of personal data harvested has increased at an unprecedented rate. As a result, the opportunity for data leaks has bloomed, and data protection breach compensation claims are becomingly increasingly common.
If you’re concerned you may have been the victim of a data breach, then read on to learn about your next steps. You may be able to make a claim and be entitled to compensation.
What is Data Protection Breach Compensation?
If sensitive personal information isn’t stored safely, it can result in a data protection breach. The data can get stolen, lost, destroyed, altered, or accessed, all without the owner’s permission.
Some examples of private, sensitive information include:
- Your name
- Your address
- Your email address (provided it contains your full name)
- Your date of birth
- Medical data
- Financial information
Cyber attacks pose a significant threat to companies looking to keep their data safe, as a study from earlier this year found a third of UK firms are suffering breaches at the hand of hackers every week. However, human error, inaccurate storage and processing, and failure to protect your data from unlawful access can also cause data breaches.
The consequences of a data breach can range from a mild inconvenience to a threat to an individual’s safety. Identity fraud and financial loss are two of the biggest concerns raised following a data breach, as 86% of all breaches are financially motivated. However, psychological harm is a significant component of the experience, as the victim may find it highly distressing.
Am I Entitled to Data Protection Breach Compensation?
If your data was compromised in a breach within the past six years, then you can claim compensation under the following circumstances:
- If someone used your private data without your permission
- If you suffered a financial loss as a result
- If you lost control of your data
- If you became distressed and your mental health declined
- If you suffered no loss – as the organisation is legally obliged to protect your data
To be entitled to compensation, you must prove that the organisation did not take all reasonable measures to keep your information safe and that their action or inaction caused your data to be lost or improperly used. The limitation period is six years, so be sure to report any data loss as soon as possible.
All organisations are required to keep your data safe – public bodies, such as the government and the police, and private companies, such as your internet provider and social media platforms.
How Much Data Protection Breach Compensation Can I Get?
As data breaches become more common, compensation to claimants has grown. With more data than ever being harvested by big technology companies, court cases have risen, and the average pay out has increased.
The amount of compensation you can receive depends on the severity of the breach:
- Breach of personal data such as your name, date of birth, and address: up to £2,000
- Loss or manipulation of medical data: £2,000 – £5000
- Significant data breaches with catastrophic repercussions: £8,600 – £25,700
- Physical or emotional distress: Up to £42,900
In the event of an emotional distress claim, you’re required to provide proof of your physical and mental state and how it’s impacted your day-to-day life.
If the accused organisation is found guilty, they may be required to cover your legal costs and administration fees accrued throughout the trial. Tech giant T-Mobile has agreed to pay $350 million to customers after a hack saw social security numbers stolen and are covering the legal and administrative fees involved.
How Do I Get Data Protection Breach Compensation?
According to the Information Commissioner’s Office – the UK’s independent data privacy regulator – you should approach the organisation responsible. They can agree outside of a court to give you compensation. However, should they fail to respond or offer inadequate compensation then you’re advised to file a lawsuit.
You can report the guilty party to the ICO on their website. While the ICO can’t award you compensation themselves, they can find the organisation if they find they have failed to adhere to the Data Protection Act. Their ruling is influential and could prove highly beneficial should your case be taken to court.
In some instances, a group action claim can be made, as large groups of people may have suffered because of the same data breach. British Airways suffered a major data breach affecting over 400,000 people in 2018 and finally reached a settlement three years later. The case is believed to be the largest group-action personal-data claim in the UK.
HNK Solicitors Can Help You Get Data Protection Breach Compensation
If you believe you’ve been a victim of a data protection breach, get in touch with HNK solicitors today. Email us at firstname.lastname@example.org or give us a call on 0151 668 0816 or fill in the enquiry form on our website to arrange your free consultation with one of our experts.
We offer a no-win, no-fee service – so you don’t have to pay anything upfront.
HNK solicitors are specialists in data protection breach compensation and can get you the compensation you deserve, so get in touch today.