Administrator Breached My Data Privacy, Can I Claim Compensation?
An administrator breached my data – what can I do? Are you asking this question after your personal details were breached in a data security incident? Did an administrator through human error expose your personal information?
The aggravation and distress caused by a personal data breach can cause problems for months or years to come. At Legal Expert, our team can assess your claim in a free, no-obligation conversation. We could connect you with a data breach solicitor if you have a valid claim for compensation after a personal data breach problem due to poor administrative processes. Find out more by:
- Speaking to our advisors on 0800 073 8804
- Contact us online and request a callback
- Access free advice through our live support portal, bottom right
Select A Section
- How Could An Administrator Breach Your Data Privacy?
- What Data Could Administrators Have Access To?
- Administrator Data Breach Case Study
- An Administrator Breached My Data, How Do I Claim?
- An Administrator Breached My Data, What Could I Claim?
- How Legal Expert Could Help You
How did an administrator breach my data? Failure to protect personal data or allowing unauthorised access to personal information can be considered a personal data breach. In the UK, there are specific laws that seek to protect our personal data called the Data Protection Act 2018 and UK General Data Protection Regulation (UK GDPR).
All companies, organisations and businesses that process your personal data must abide by these data protection laws. The legislation is enforced by an independent agency called the Information Commissioner’s Office (ICO).
The 7 Core Principles
The 7 Core Principles of good data practice enable those using personal data to check that they are doing so in accordance with the UK GDPR. With this in mind, data collection and use must be fair, lawful and obvious.
Personal data should be used only for the reasons collected and kept up to date and accurate. In addition to this data should only be kept for limited periods of time, during which security and personal accountability must be displayed by all involved. Integrity and security should be at the forefront of all data handling.
A breach could be the consequence of a data handling failure in these areas. However, a claim for compensation must show financial and/or emotional harm occurred. It’s vital that you can pinpoint and prove where the third party involved failed to properly safeguard your personal information from a breach and are therefore liable as a result. Speak to our team for help.
If an administrator breached your information it may mean that personal and special category data was involved in the breach. But what sort of personal data could an administrator have access to? Administrators of organisations may require any or all of the following:
- Name and address
- Email address and contact phone numbers
- Date of birth
- Financial or even medical information
The UK GDPR recognises some data as a special category. This describes personal data that poses a potentially greater risk of harm to the subject if breached. Some examples of special category personal data are anything that reveals:
- Racial and ethnic background
- Political opinions
- Religious and other philosophical beliefs
- Trade union interests
- Genetic data and biometric data
- Health data
- Data that concerns someone’s sex life
- Or their sexual orientation
Who Is Liable If An Administrator Breached Your Personal Data?
An administrator may work for an organisation that collects and processes personal data. If you can prove that the organisation failed to protect any personal or personally sensitive data which led to a breach and caused you harm then you could be eligible to make a personal data breach claim.
The ICO details enforcement action that they have taken against organisations that have failed to adhere to data security laws. Human error can be the overwhelming reason for data breach security incidents. Below we look at Data Security Trends that are published quarterly by the ICO. These stats come from the third fiscal quarter of 2021/22.
The most common causes of human error data security incidents as reported to the ICO:
- Data emailed to the wrong recipient – 419
- Unauthorised access – 262
- Data posted or faxed to the wrong recipient – 181
Unfortunately, a personal data breach by an administrator could happen without you becoming aware of it for some time. During this period, cybercriminals have the opportunity to commit fraud or in severe cases, identity theft. To minimise the damage or if you are thinking about making a claim the checklist below offers help:
- Change all passwords and apply enhanced security on your devices
- Complain or request information from the party you believe breached your data
- Wait no longer than 3 months from the date of last meaningful contact on the matter if you want to make a complaint to the ICO
- Raise a complaint with the ICO (they may decline to investigate and do not pay compensation but their involvement can be used as part of your evidence)
- Start to track and collect evidence of loss or damage such as bank statements or other documents
- Access the medical records that show any psychiatric injuries caused to you such as stress, depression or Post-traumatic stress disorder (PTSD).
Important to note is that there is a 6-year time limit to personal data breach compensation claims. Although this may seem a long time, it is better to commence a claim while the details are as fresh as possible in your mind.
There are two heads of damages in data breach claims. Material damages look at the documented evidence you have that proves you suffered financially because of the data breach. This financial damage may happen in a variety of different ways:
- You could lose money through online theft or fraud
- Or incur costs to re-establish your data privacy, such as replacing IT devices or phones
- It may be necessary to relocate or move your children in severe cases
- You may need to pay for counselling to deal with the stress
Speak to our team for further advice on what other costs to you could be included or use our compensation calculator.
Administrator Breached My Data – Non-Material Damages
In addition to this, non-material damages can be calculated independently after a precedent was set in a case called Vidal-Hall v Google Inc. This case established that you can claim psychiatric injury in a data breach without claiming for financial losses.
Using the Judicial College Guidelines (16th edition published in April 2022) we created the table below.
|What Type of Psychiatric Harm||How Severe? What Award Bracket In JC Guidelines?||Further Notes|
|Psychiatric Damage General||(A) A severe level - £54,830 to £115,730||Cases of marked and significant impact in all areas of the sufferer's life|
|Psychiatric Damage General||(B) Moderately Severe Levels - £19,070 to £54,830||Psychiatric injury that has a more favourable prognosis than the bracket above|
|Psychiatric Damage General||(C) Moderate Levels - £5,860 to £19,070||Cases that indicate a noticeable improvement by the time the case is heard|
|Psychiatric Damage General||(D) Less Severe Levels -£1,540 to £5,860||Reflective of the extent of impact on sleep or daily activities|
|Post-Traumatic Stress Disorder (PTSD)||(A) Severe Level - £59,860 to £100,670||Profound impacts on all areas of the person's life, restricting life as lived prior to trauma|
|Post-Traumatic Stress Disorder (PTSD)||(B) Moderately Severe Levels - £23,150 to £59,860||A more favourable prognosis after professional intervention and help|
|Post-Traumatic Stress Disorder (PTSD)||(C) Moderate Levels -£8,180 to £23,150||Recovery with some continuing effects remain but are not badly disabling|
|Post-Traumatic Stress Disorder (PTSD)||(D) Less Severe Levels - £3,950 to £8,180||A full recovery within a 24 month period and no remaining severe symptoms|
With all this in mind, you may feel ready to launch a claim for damages when asking – an administrator breached my data – what can I do next?
Anyone is free to start a claim themselves. But collecting all the appropriate information to support your claim in data breach cases can be complex. A No Win No Fee solicitor could help.
When a data breach specialist works under an agreement like this, there are very real benefits to the claimant. Right at the start, you receive realistic advice as to how likely it is for your claim to win. You can also get an accurate assessment of what the damages could be. Cases that win require a maximum 25% deduction for solicitors’ fees. If the case fails, there is nothing owed to them.
This arrangement could work for you. So if you are wondering how to proceed after an administrator breached your data, get in touch with our experts to find out more:
- Speak with us on 0800 073 8804
- Contact us online to request a callback
- Use our live support portal, bottom right
Data Breach Resources
The administrator breached my data – what can I do next? This data breach question is just one that we offer guidance on:
- Read more if your paperwork was lost or stolen
- Furthermore, advice on credit card data breach compensation
- As well as this, more reading on HR data breach compensation claims
- Government advice on cyber security
- Also, you can read more on internet safety
- Lastly, here’s more reading on securing your device