Claiming Compensation If An Employer Breached Data Protection

100% No Win No Fee Claims
Nothing to pay if you lose.

  • Specialist solicitors with up to 30 years experience
  • Find out if you can claim compensation Call 0800 073 8804

Start My Claim Online

Can I Sue My Employer For An Accidental Data Breach At Work?

By Lewis Cobain. Last Updated 20th December 2023. In this guide, we talk about what steps to take if an employer breached data protection and it caused you harm. We discuss what steps you can take, including how you can prove a personal data breach claim. We also discuss how a solicitor could help you claim for harm caused by a data protection breach.

If you have any questions about what to do if your employer breached data protection and the breach included your personal data, get in touch with our advisors. To contact us:

accidental data breach at work

What to do if your employer breached data protection

Select A Section

  1. Can I Claim For An Accidental Data Breach At Work?
  2. What Is Personal Data?
  3. Examples Of Employer Data Breaches
  4. How Can I Prove A Claim For An Accidental Data Breach At Work?
  5. Employer Breached Data Protection Compensation Payouts
  6. Breach Of Data Protection In The Workplace – Get In Touch For No Win No Fee Legal Help
  7. Check out this short video below which summaries our guide:

Can I Claim For An Accidental Data Breach At Work?

Your personal data is protected under the Data Protection Act 2018 (DPA) and the UK General Data Protection Regulation (UK GDPR). These two pieces of legislation set out the responsibilities of a data controller, who decides how and why your data is used, and a data processor, who processes the data on the controller’s behalf. Your employer may play both roles.

If either the data controller or processor failed to adhere to these pieces of legislation, it could potentially lead to an accidental data breach at work. A personal data breach occurs when the availability, confidentiality, or integrity of your personal data is compromised in a security incident.

Article 82 of the UK GDPR sets out the eligibility criteria that need to be met in order to begin a personal data breach claim:

  • The breach of data protection at work must have occurred because the data controller or processor failed to adhere to the data protection legislation.
  • Your personal data must have been compromised in the breach.
  • You must have suffered financial harm and/or emotional harm as a result of the breach of your personal data.

In addition to meeting the eligibility criteria listed above, you must start your data breach claim before the time limit expires. For most data breach claims, this is generally six years. However, this is reduced to one year if you are claiming against a public body. 

Speak with an advisor from our team today to discuss your eligibility for data breach compensation. Or, read on to learn more about the personal data breach claims process.

What Is Personal Data?

You may wish to know what personal data could be compromised should an employer data breach occur. Firstly, personal data is information that can identify you as the data subject.

When you ask, “my employer has lost my personal data; what was compromised?” you may like to see examples. Personal data that your employer may have on file could include your:

  • Name
  • Address
  • Phone number
  • Personal email address, but not an email address connected to the company you work for. For example, is not considered personal data.
  • National insurance number

Some personal data that may be included with your employment records could be considered special category data. This is data that is sensitive in nature and therefore given additional protections under the UK GDPR. Special category data that may be included in employment records includes:

  • Racial or ethnic background.
  • Religious or philosophical beliefs.
  • Medical information. For example, if you told your employer of a disability so they could make reasonable adjustments to allow you to carry out your work duties.

If a lost or stolen device contains employment records with any of the personal data listed above, it could be considered a data breach. Additionally, if your employer sends a mass email using personal rather than company email addresses and fails to use the blind carbon copy (BCC) feature to conceal the addresses from each other, it could also be considered a data breach.

If the loss of your personal data by your employer caused you harm, whether financial or emotional, call our advisors. They’re available with free legal advice 24/7.

employer data breach

Claim Compensation For An Employer Data Breach

Examples Of Personal Data Breaches

You might be wondering how a personal data breach could occur. As we’ve already mentioned, a breach in data protection laws alone is not enough to start a compensation claim; you must also be able to prove that the breach included your personal data, and that it caused you harm.

Some examples of employer data breaches that could lead to a compensation claim include:

  • If your employer stored files that contained your personal data in an unlocked filing cabinet, then other employees could access this data, causing you financial or emotional harm.
  • If company devices such as laptops or phones are not password protected, this could lead to thieves accessing your personal data.
  • If your employer were to send out an email containing your personal data to the wrong email address, this could lead to significant financial or emotional harm.

These are just a few examples of how a workplace data breach could occur. To learn more about data breach claims, or to find out if you could claim for a workplace data breach, contact our team of advisors today.

How Can I Prove A Claim For An Accidental Data Breach At Work?

If you want to sue your employer for a breach of confidentiality, then you need evidence to do so. Gathering and presenting this evidence is part of the claims process.

Here are some examples of evidence that could help support your claim if you’ve suffered due to a data protection breach at work:

  • Correspondence – Whether you are informed of a data breach via email or written letter, make sure to keep a copy. If you are informed verbally, request that you are given the information in writing too.
  • Financial records/bank statements – Your workplace may have information pertaining to your bank account. If so, the breach could result in unusual and unauthorised transactions leaving your account.
  • Medical records – If the data breach has affected you financially, medical records could show any diagnoses or treatments you have needed.

If you’ve been affected due to an issue with data protection at work, get in touch with our advisors today. We can also give you more examples on how to help support your claim.

employer data breach

Make A Workplace Data Breach Claim With A Data Breach Solicitor

Employer Breached Data Protection Compensation Payouts

Following a breach of data protection at work, you might be interested in finding out the potential value of your claim. You could be awarded compensation for both your material and non-material damage.

The mental harm you have suffered due to your personal data being compromised in an accidental data breach at work is referred to as non-material damage.

When making a claim following a breach of data in the workplace, those valuing your claim for your non-material damage may refer to the Judicial College Guidelines (JCG). This is because the JCG provides compensation guidelines for various psychological and physical injuries.

In the table below, we have listed some of the guidelines found within the 16th edition of this document. Please only use it as a guide. The first entry in this table has not been taken from the JCG.

Type of Suffering Severity Compensation Bracket Details
Serious Psychological Harm + Special Damages Serious Up to £200,000+ Multiple serious psychological injuries combined with several severe financial losses, such as lost earnings and the cost of prescriptions.
Psychiatric Damage Generally (a) Severe £54,830 to £115,730 This bracket applies to cases where the person is suffering severe symptoms and their prognosis is very poor.
Psychiatric Damage Generally (b) Moderately Severe £19,070 to £54,830 Under this bracket, the person will be experiencing significant problems. However, the prognosis will be much more optimistic than in severe cases above.
Psychiatric Damage Generally (c) Moderate £5,860 to £19,070 Those covered by this bracket may have experienced serious problems, but there will be marked improvements by trial and the prognosis will be a positive one.
Psychiatric Damage Generally (d) Less Severe £1,540 to £5,860 Consideration is given to symptoms and the length of time affected.
Post-Traumatic Stress Disorder (PTSD) (a) Severe £59,860 to £100,670 This bracket applies to those who are suffering permanent issues that badly affect all aspects of their life.
Post-Traumatic Stress Disorder (PTSD) (b) Moderately Severe £23,150 to £59,860 Those covered in this bracket will be experiencing significant disabilities from their symptoms. Some recovery should be possible with professional help.
Post-Traumatic Stress Disorder (PTSD) (c) Moderate £8,180 to £23,150 For this bracket, the person will likely already have largely recovered. Any symptoms which remain will not be considered grossly disabling.
Post-Traumatic Stress Disorder (PTSD) (d) Less Severe £3,950 to £8,180 A virtually full recovery occurs within two years.

What Is Material Damage?

As we stated above, you might receive compensation for your material damage if your personal data was included in a data breach in the workplace. To be compensated for your material damage, you should submit evidence of this, such as a copy of your credit report.

Examples of what financial losses you could be compensated for include:

  • Losses related to identity theft. For example, if a criminal gained access to your personal data, they could use it to take out credit in your name.
  • Money stolen from your bank account. For example, if criminals gained access to your banking details, they could spend your funds.

Get in touch with our advisors to learn what else you could include in your claim if your personal data was compromised in a data protection breach at work.

employer data breach

Claim Compensation For An Employer Data Breach On A No Win No Fee Basis

Breach Of Data Protection In The Workplace – Get In Touch For No Win No Fee Legal Help

Now that you’ve learned more about data protection in the workplace and how your personal data should be handled, you may be interested in starting a claim. One of our solicitors could help you through this process by working under a Conditional Fee Agreement (CFA), which is a kind of No Win No Fee contract.

When you work with a solicitor under a CFA, you won’t be asked to pay any fees for them to work on your case. Likewise, your solicitor will not take a fee for their work if your claim is unsuccessful.

However, if your claim does succeed, then they will take a success fee. The success fee is taken directly from your compensation award and is deducted as a small percentage. This percentage has a legislative cap, which helps make sure that the larger share of your settlement stays with you.

Working with a professional on your personal data breach claim can come with many benefits. For example, one of our expert solicitors could help you build a strong case by helping you collect evidence.

To find out if one of our solicitors could help you after a personal data breach caused by poor data protection at work, contact our team today for a free consultation. They can tell you if your claim could be valid, and if so, they could connect you with one of our solicitors.

You can contact our advisors by:

Remember, if you have any questions at all about what you can do after an accidental data breach at work, please get in touch.

Data Breach Solicitors

Regardless of where you’re based, we can help you claim data breach compensation. Please see below for some of our dedicated guides:

Essential References If Your Employer Breached Data Protection

If you believe your employer breached data protection laws resulting in your data breach, we have provided some additional guides which could be helpful.

Below, we’ve also linked the relevant data privacy and protection laws for the UK:

Other Useful Compensation Guides

    Contact Us

    Fill in your details below for a free callback

    Meet The Team

    • Patrick Mallon

      Patrick is a Grade A solicitor having qualified in 2005. He's an an expert in accident at work and public liability claims and is currently our head of the EL/PL department. Get in touch today for free to see how we can help you.