De Montfort University Data Breach Compensation Claims Guide – How Much Compensation Can I Claim? – Amounts For De Montfort University Data Breach
Managing a university is a huge task. The coordination of thousands of students and hundreds of staff means that the university has no choice but to store sensitive personal information about them. However, that data needs to be kept safe because it could cause a lot of problems if it ends up in the wrong hands. This article is going to examine whether it could be possible to make data breach compensation claims against De Montfort University.
The Data Protection Act 2018 and the General Data Protection Regulation (GDPR) are new pieces of law that have revolutionised the ways in which organisations use their personal data. They provide us with a lot of control over who can use our data, why it is used and who it can be shared with. The new laws also mean organisations that control our data have a legal obligation to keep it safe. When data breaches occur, the Information Commissioner’s Office (ICO) is able to step in. They could issue massive financial penalties. On top of that, you might be allowed to claim for any harm caused if your information is leaked.
To help you make a claim, Legal Expert provides a no-obligation assessment of any case. Our advisors offer free claims advice. And, if the claim appears to have merit, could put you in touch with one of our Data Breach solicitors. If they decide to take your claim on, they will act on your behalf using our No Win No Fee solution.
To enquire about beginning a claim right away, please call us on 0800 073 8804 today. If you would prefer to find out more about data breach claims before calling, please continue reading.
Select A Section
- A Guide To Data Breach Compensation Claims Against De Montfort University
- What Is A University Data Breach?
- Universities Obligations Under The GDPR
- Has De Montfort University Been Affected By The Blackbaud Hack?
- Rates Of Breaches In University Data Security
- Stopping Criminal Thefts Of Data And Cybersecurity Breaches
- Types Of Compensation You Could Be Eligible To Claim
- Calculating Data Breach Compensation Claims Against De Montfort University
- Choose The Right Person To Handle Your Case
- No Win No Fee Data Breach Compensation Claims Against De Montfort University
- Talk To Us About Your Claim
- References And Further Resources
A Guide To Data Breach Compensation Claims Against De Montfort University
If you think of data breaches, it’s quite natural to assume they relate to phishing emails, cyberattacks, malware, viruses, keyloggers or ransomware. However, the GDPR covers all types of personal information whether it’s stored on a computer system or in a filing cabinet.
The main changes that have become apparent since the GDPR was introduced are that you have to click on a lot of pop-up boxes when visiting websites. Or you’ll need to tick boxes when filling in paperwork that relates to your personal data preferences. That’s because, if an organisation wants to use your personal information, usually they need your express permission. Additionally, any personal information they record must be kept as safe as possible. In cases where data protection rules are broken, the ICO could fine the responsible organisation. In addition, you could start a data breach claim for any harm that results.
There are time limits that apply to data breach claims. Mostly, you will need to begin your claim within 6-years. Cases relating to human rights breaches have only 1-year to be made. Our team of solicitors will usually tell you that it is probably easier to recall the effects of a data breach if you start your claim early. Also, obtaining the evidence to support your case will probably be simpler too.
After you have read this article on whether it is possible to make data breach compensation claims against De Montfort University, please feel free to contact our team. They will be able to answer any questions. Or could help you begin your claim once you are ready.
What Is A University Data Breach?
As mentioned earlier, data breaches aren’t only computer-related. For instance, a data breach may have occurred if physical documentation containing personal information is disposed of with normal rubbish rather than being securely shredded. That said, the case study we will review later in the article concerned cyber hackers. Information was taken from an IT solutions company’s system. We will review that case later on.
The GDPR explains that data breaches are when a security problem results in personal information being accessed, destroyed, altered, lost or disclosed when not unauthorised.
If a university finds out they have been the victim of a data breach, they are obliged to let anyone who has been affected know about it. They also need to keep the ICO informed of the progress of their investigation into the breach.
Universities Obligations Under The GDPR
When universities want to obtain and handle your personal information, they are classed as a data controller within the context of the GDPR. All data controllers need to be able to prove that they comply fully with the following data collection principles:
- When processing data, the minimum amount possible should be collected.
- Data processing has to be carried out securely and confidentially.
- When storing personal information, it should be kept up to date.
- While there is no official time limit, personal data should not be stored longer than necessary.
- The processing of any personal information needs to be obvious, within the law and fair.
Has De Montfort University Been Affected By The Blackbaud Hack?
As we briefly mentioned earlier, De Montfort University was caught up in a data breach when Blackbaud systems were hacked.
Many UK universities use Blackbaud software to manage information. Blackbaud identified that a data breach had occurred. They realised that a section of data had been downloaded illegally. Later on, it was contacted by the hackers and a ransom was demanded.
In line with GDPR regulations, Blackbaud started an investigation and let the customers who were affected know about the breach. They were told that the Identifiable data had been exposed. After they had been informed, the universities involved made contact with anybody at risk and explained that they should be vigilant.
In the end, Blackbaud decided that they would pay the hacker’s ransom. In return, they were assured that the data which had been illegally obtained had been destroyed.
Rates Of Breaches In University Data Security
Are university data breaches becoming more and more common? Data security firm produced some key findings from their research. They asked 86 universities about their data security policies and their responses were used as the basis of the report. It showed that:
- Nearly half of the university staff had not received any formal data safety training in the security systems.
- The budget set annually to train staff averaged out at just over £7,500 per year
- Proactive data security training was only offered in 51% of Universities.
- While 12% of universities stated they hired 3rd party penetration testers quarterly to assess their network security, 27% indicated that such a test had never happened.
- The headline statement was that 54% of respondents said their university had needed to inform the ICO about data breaches in the past 12-months.
Not only do universities control sensitive personal information relating to students and staff, but there is also the potential for such information to be used in research projects conducted by students as well. In the next section of this guide, we will show you some of the steps that could be taken to try and prevent data breaches in the future.
Stopping Criminal Thefts Of Data And Cybersecurity Breaches
What can be done to prevent data protection breaches? While we are not experts in computer security, industry best practices suggest that the following could help:
- Providing data security training to all members of staff, contractors and students.
- Using encrypted memory sticks, tablets and laptops to prevent any information from being accessed if lost or stolen.
- Asking a security firm to audit the university and its IT infrastructure to help identify weak spots before criminals do.
- Keeping device and software up to date.
- Assessing data protection policies regularly.
Types Of Compensation You Could Be Eligible To Claim
Making a data breach claim can benefit from the help of a legal expert. That’s because every claim is different, and each claimant will have suffered differently from others. Getting the claim right is really important. If you settle your claim in full, you are not able to ask for further compensation later on. That means your claim will need to consider any initial harm caused by the data breach as well as any long-term damage that could occur.
In most cases, your claim will be made up of two main elements. Material damages might be claimed if you have lost out financially due to the data breach. Then non-material damages could be claimed if the data breach has caused you to suffer psychological injuries.
When claiming for financial losses, you would usually start with money that you have already lost. Then you might need to look at any losses that could happen in the future. For instance, you might incur additional costs when taking out a mortgage or loan in the future because your credit file has been damaged by an identity thief.
In a similar way, as well as asking for compensation to cover any mental illnesses you’ve already suffered, you could also ask to be compensated for any future suffering. For instance, you might look at the ways your ability to cope with work, life and relationships will be affected by anxiety, Post-Traumatic Stress Disorder (PTSD) or depression.
If you choose to let Legal Expert represent you, your solicitor will go through your case with you thoroughly before it is lodged with the third party. They will carefully assess your case to try and avoid any details being missed. Please call today if you are ready to make a claim.
Calculating Data Breach Compensation Claims Against De Montfort University
In the previous section, we explained what types of compensation could be claimed for relating to university data breaches. In this section, we will show you how much could be paid. However, we are not looking at the financial losses you may have incurred. We provide a table rather than a calculator. The table looks at figures that can be claimed in personal injury cases.
We should make you aware that it is possible to claim for psychological injuries relating to data breaches even if you haven’t lost any money. That decision was made after the case, Vidal-Hall and others v Google Inc  was settled in the Court of Appeal. Furthermore, the ruling said compensation should be awarded at the same rates as in personal injury cases.
The table which follows contains potential compensation amounts relating to some relevant injuries. The figures have been extracted from the Judicial College Guidelines which is often used by solicitors when valuing injuries in personal injury cases.
|Diagnosed Injury||Severity||Settlement Range||Additional Comments|
|General Psychiatric Damage||Severe||£51,460 - £108,620||The claimant will receive a very poor prognosis in this category because treatment is unlikely to help and they will remain vulnerable.|
|General Psychiatric Damage||Moderately Severe||£17,900 to £51,460||While significant problems will affect the claimant's ability to deal with relationships, cope with life and their ability to work, a more optimistic prognosis will be offered than above.|
|Post-Traumatic Stress Disorder||Severe||£56,180 to £94,470||There will be permanent PTSD symptoms in this settlement category that means the claimant won't be able to function anywhere near the levels that were seen pre-trauma.|
|Post-Traumatic Stress Disorder||Moderately Severe||£21,730 to £56,180||In this category, it is hoped that professional support will help aid recovery. However, in the immediate future, the claimant will still suffer significantly.|
|Post-Traumatic Stress Disorder||Less Severe||To £7,680||This settlement range is used when most symptoms are resolved within 1 to 2-years with the possibility of minor issues continuing.|
Importantly, you will need to demonstrate the severity of any injuries. This will be considered the main factor used to determine non-material compensation levels. That means that as part of the claims process, you will need to visit a local independent medical specialist for an assessment. The specialist should have access to any relevant medical records. They will ask questions about how the data breach has affected you during the appointment.
Choose The Right Person To Handle Your Case
We have now examined the criteria for making data breach compensation claims against De Montfort University. So now it’s time to show you how to find a data breach solicitor. You might think that it’s as simple as looking for a local firm of lawyers. Or maybe, asking family for recommendations. Importantly, reading solicitor reviews online. However, those steps could all take time and might not result in you finding the right solicitor to help you.
An alternative option is to call the Legal Expert advice line. We have a team of specialists who will provide free legal advice. They can also assess your case and answer as many questions as you ask – even if you don’t make a claim! If you do want to start a claim with us, and your case is accepted, your solicitor will make sure they translate any legal complex terms for you. They will keep you up to date with progress in your case. Answering any questions that pop up. Their main aim will always be to try and ensure that any compensation paid is fair and the maximum possible.
No Win No Fee Data Breach Compensation Claims Against De Montfort University
Many claimants worry that they will have to pay huge legal fees for a solicitor to accept their case. lf so, you needn’t worry about that any longer. All our solicitors work on a No Win No Fee basis. That means no upfront payments to get the claim underway.
When you contact our team, a solicitor will have to spend some time considering the merits of your case before agreeing to take it on. If they decide to proceed, and you are happy to do so, you will be given a Conditional Fee Agreement (or CFA). The CFA clearly tells you how the claim will be handled. Additionally, you will see that:
- You won’t be asked for payment upfront.
- Your solicitor won’t ask for any of their fees to be paid during the claim.
- If the claim is not won, you won’t be expected to cover the solicitor’s fees at all.
In the event that your claim is won, and compensation is awarded, a small portion will be retained to cover your solicitor’s work. This is shown in the CFA as a success fee. So that you know what percentage you will pay at the start of your case, the success fee is listed clearly in the CFA before you sign it. The percentage is capped by law.
Talk To Us About Your Claim
We are just about at the end of this article on whether you could possibly make data breach compensation claims against De Montfort University. If you are ready to begin a claim, and you want Legal Expert to represent you, then you can:
- Call and speak with a data breach advisor on 0800 073 8804
- Ask a specialist for free advice via our live chat tool.
- Start your case online and request a call back when it is convenient.
- Write an email explaining the impact of the data breach and send it to firstname.lastname@example.org.
Legal Expert will never overstate your chances of making a successful claim as we don’t want to waste anybody’s time. When you contact our support line, your case will be reviewed by an advisor. You will receive free advice on how to proceed. If the advisor believes your claim has strong grounds, they could refer your case to a specialist solicitor. Please remember, any claims that are accepted are managed by our solicitors on a No Win No Fee basis.
References And Further Resources
You have completed our guide on the potential criteria for data breach compensation claims against De Montfort University. We hope that we have provided all the information you’ll need to help you make a claim. To provide further assistance, we have listed links to some external resources that you might need to access during your claim. Additionally, you will find some of our guides relating to different types of claims we could support you with in the future. If you need anything further, please speak to one of our advisors.
Deleting Data – An ICO guide that shows you when it is possible to ask an organisation to delete your personal data.
Mind – A charity that offer to support and advise anybody who is suffering from mental health issues.
Personal Injury Compensation – Details on the types of personal injury claim Legal Expert’s solicitors can help with.
Hospital Negligence Claims – Information on how we could help you if you are made ill or suffer an injury due to hospital negligence.
Care Home Claims – A guide that shows the types of claims which could be made if a resident is injured as a result of negligence.
Written By Hanbridge
Edited By Melissa.