King’s College Hospital Data Breach Compensation Claims Experts

100% No Win, No Fee Claims
Nothing to pay if you lose.

  • Free legal advice from a friendly solicitor.
  • Specialist solicitors with up to 30 years experience
  • Find out if you can claim compensation Call 0800 073 8804

Start My Claim Online

King’s College Hospital Data Breach Compensation Claims Guide – How Much Compensation Can I Claim? – Amounts For King’s College Hospital Data Breach

How Could I Claim For A King’s College Hospital Data Breach?

You’ve probably heard of the General Data Protection Regulation referred to by its more common acronym GDPR. It is designed to provide individuals with greater control over their personal data and was enacted into British law by The Data Protection Act 2018. In this article, we’ll show you how breaches of these laws might mean you need to make a King’s College Hospital data breach compensation claim.

We’ll look at the NHS’s responsibilities regarding data security, sharing and retention and we’ll consider the types of mistakes that could lead to a data breach involving your personal information.

While your data is generally used properly by the NHS, we’ll look at your rights if a data breach happens, the harm they can cause and how much compensation might be awarded.

King's College Hospital data breach compensation claim

King’s College Hospital data breach claims guide

If you are looking to make a claim for a medical data breach, Legal Expert is here to help you. We provide a no-obligation telephone assessment of your claim and free legal advice on your options. If the claim appears to have a reasonable chance of success, your advisor could refer you to one of our specialist solicitors. If they decide to take on your case, they’ll work on a No Win No Fee basis for you.

We’re here 24-hours a day so you can start your claim right away by calling 0800 073 8804. If you’d rather learn more about GDPR in hospitals and claiming when things go wrong, please continue reading.

Select A Section

A Guide To King’s College Hospital Data Breach Compensation Claims

Organisations collect data about us for many different reasons. For some, it’s used for marketing purposes and for others it might be used to improve the way we interact with their website.

For NHS organisations, like King’s College Hospital, data is usually obtained to help treat us medically and to improve our experience with the NHS. With regards to the GDPR, the hospital might ask for your permission to share your medical information with other departments within the NHS. This will usually occur at the time you register for a service or when you undergo some form of medical procedure and will usually consist of a number of tick boxes where you can approve who the data can be given to. The most important part of the data protection rules is that once your preferences have been collected, they are adhered to.

As we progress through this article, we’ll consider when a King’s College Hospital data breach compensation claim might be needed, reasons why data breaches might occur and when a breach might entitle you to claim compensation.

If making a claim is what you decide to do, you’ll need to do so within the 6-year time limit (this is restricted to 1-year for claims relating breaches of your human rights). Our advice regarding limitation periods is to start the claim as soon as you find out about the breach because it’s a lot easier to remember the details earlier on. Also, starting the case earlier will allow your solicitor more time to obtain the evidence required to support the claim.

We’ll consider what role the Information Commissioner’s Office (ICO) plays in healthcare data breaches but its important to note that our solicitors could help you claim even if your case isn’t reported to the ICO. For more details on starting a claim, please call Legal Expert today.

What Is A Loss Of Data Or Data Breach By King’s College Hospital?

A personal data breach is where a security lapse results in personal information about you being accessed, disclosed, altered, destroyed or lost in an unauthorised manner. The data can be physical or electronic and the act which caused the breach may be deliberate or accidental.

In some cases, a data leak might not ever be noticed. However, even if a data breach doesn’t cause any problems because it was spotted early, the GDPR places a duty on organisations to report what happened as soon as possible if there is any risk to the person who’s data was leaked.

Obviously, a lot of our data is stored digitally these days, but not all data breaches are caused by computer or network security problems. It’s still fairly common for data to be exposed because of human error involving physical documentation.

For instance, if printed medical records are disposed of incorrectly, then the information could be collected by unauthorised individuals. Another example could be where a letter is sent to another patient but contains personal data about you.

Legal Expert could help if you’re considering making a King’s College Hospital data breach compensation claim. However, supplying evidence of the breach and harm it caused you will be vital to the success of any claim. Therefore, please contact us with as much information as possible and one of our specialists will assess your case for free.

The Importance Of The GDPR In Managing Hospital Data

Within the 88-pages of the GDPR, several roles relating to managing personal data are established, including:

  • The Data Controller: The person or organisation responsible for defining why and how data is processed.
  • A Data Processor: The organisation who performs data processing functions for the data controller.
  • The Data Subject: The individual whose personal data is being processed (this is the patient for the purposes of this guide).

Anyone who’s identified as a data processor needs to follow several principles outlined in the GDPR, including:

  • Making sure the data subject has been informed of the legitimate purpose behind the processing of their data.
  • Only retaining data for the time specified at the point of collection.
  • Ensuring personal information is kept up to date.
  • Only obtaining the minimum amount of data required to fulfil the purpose of processing.
  • Making sure data processing is secure and confidential.
  • Ensuring processing is fair, lawful and transparent to the data subject.

Additionally, the data controller needs to be able to prove compliance and awareness of these principles.

If you believe that a breach of data has occurred because the principles above weren’t followed, we could help you claim for any harm caused. Please contact our team and an advisor will review your claim with you for free.

How Could The NHS Or King’s College Hospital Breach Data Protection Law?

Now it’s time to review what could cause a data breach in a hospital. The obvious candidate in many people’s mind will be issues relating to cybersecurity. While that’s entirely possible and does cause data breaches, a more common reason for data to be exposed is human error.

For example, the following could all lead to data breaches which, in turn, may lead to a compensation claim:

  • Staff viewing your medical and personal information when they have no medical reason to do so.
  • If documentation with information that can identify you is left in public view.
  • Where the network or computer security is breached by viruses, malware or ransomware.
  • If a letter intended for you is sent to another recipient by mistake.
  • Where a batch of data, including yours, is sent to an organisation you’ve not approved.
  • If computer screens aren’t locked by staff meaning non-medical staff can read information about you.

When a data breach is identified, which has the potential to put you at risk, the NHS is obliged to let you know about it. They should tell you what happened, the date the data leak occurred and what information about you was disclosed.

We’re able to help you start a King’s College Hospital data breach compensation claim provided you have clear evidence of the breach and harm caused. Our team can assess your case on a no-obligation basis and provide free advice on how to proceed so why not get in touch with us today?

Fines Issued By The ICO Against NHS Organisations

In this section, we’re going to look at some real-life examples of when the ICO has got involved with data breaches within the NHS.

In the first case, St George’s Healthcare NHS Trust was fined £60,000 by the ICO for sending medical information regarding a patient to the wrong address. While the address was where the patient used to live—nearly 5-years ago—the ICO acted because the hospital had failed to update their records.

The patient had provided the new address to NHS staff and it was recorded correctly on another IT system. The ICO administered the fine because the staff had failed to use the address supplied to them by the patient and had failed to check the address they had on file was correct.


In another case, the ICO fined a former GP practice manager for sending personal data to her private email address.  The former employee had been suspended on another matter but, at the time, was also employed by the Care Quality Commission as an advisor. That meant she retained access to her NHS email account.

While on suspension from work, she forwarded an email containing personal details of job applicants and their referees to her personal email account with no professional reason for doing so.

What Does The Information Commissioner’s Office Do?

Before you ask the Information Commissioner’s Office to investigate a data breach, you’ll usually need to complain formally to the NHS. When you follow their complaints procedure, you’ll receive a reply with their findings. If you’re not happy with the outcome of their investigation, you’ll usually be told where you can escalate the enquiry to.

If after you’ve exhausted all avenues of the NHS complaints procedure, you’re still not happy, you could ask the ICO to begin an investigation.

In most cases, the ICO should be contacted around 3-months after you last had a meaningful communication with the NHS. However, you shouldn’t leave it too long as they don’t like to get involved in cases that are too old.

Taking either of the steps above could mean you find out more about how the data breach occurred. The ICO investigation could even lead to a fine for the NHS, but neither will result in you being awarded compensation for any harm that you’ve suffered.

It’s only possible for you to ask for compensation if you begin a data breach claim against the NHS trust responsible directly.

If you decide to let Legal Expert help you claim, your solicitor will work out whether it’s possible to negotiate compensation on your behalf through the NHS without the need for ICO intervention.

However, where it’s not as easy to establish liability for the breach, your solicitor may advise you to contact the ICO so it’s easier to understand what has happened and who was to blame. The ICO may not be able to award compensation but their findings could be used to help support a claim.

To discuss the best way of making your claim today, please get in touch with one of our specialist advisors.

What Could I Claim In Medical Record Data Breach Compensation?

Over the course of the next few parts of this article, we’re going to discuss what can be claimed following a data breach, how much compensation may be paid and how to claim using a No Win No Fee Agreement.

In general, claims are settled on the basis of:

  • Material damages which are used to cover any monetary losses you’ve incurred.
  • Non-material damages which can be used to compensate you for psychological damage caused by the breach.

It would be nice if we could list everything you could include in your claim within this guide. However, each claim is unique because everybody is affected in different ways. Once you’ve discussed your claim with a solicitor, they’ll be able to explain what can be claimed in your case.

During your discussions, the solicitor will consider any financial losses that you’ve sustained as a result of the data breach. Also, they’ll try to calculate any potential future losses that could be incurred. For instance, if you’re credit file has been affected by identity theft, you may be impacted for many years to come. In a similar way, your solicitor will need to look at how stress, anxiety or Post-Traumatic Stress Disorder (PTSD) has affected life, work, relationships or your education.

As you can see, there are a lot of things that need to be taken into account and this is one of the main reasons we advise having a specialist solicitor on your side. Also, it’s important that everything is considered before filing a claim because after you’ve settled, you’re not able to go back and request further compensation for something you realised that you’ve forgotten.

If you’d like Legal Expert to help you try and achieve the correct level of compensation for you, please reach out to us today.

Estimating Medical Data Breach Compensation Settlements

OK, so now you know what could be included in your claim, it’s time to look at compensation amounts.

With data breach claims, you’re able to claim compensation for any psychiatric damage caused even if you’ve not suffered financially. That’s different to some other claims and only became possible following a hearing in the Court of Appeal (Vidal-Hall and others v Google Inc [2015]). The judgment also meant that settlement amounts for non-material damages should be aligned with personal injury claims.

To provide some examples of potential compensation awards for relevant injuries, we’ve provided the table below. The data we’ve provided comes from the Judicial College Guidelines (JCG) which is used by courts to help work out settlement figures.

Claim Severity Settlement Bracket Detailed Comments
Psychiatric Damage Moderately Severe £17,900 to £51,460 The claimant’s ability to cope with everyday life (including work and education) and also with handling relationships will have been affected significantly. There may also be some risk of future vulnerability but there will be an optimistic prognosis.
Psychiatric Damage Less Severe Up to £5,500 In this category factors such as the period of disability and the extent that sleep and daily activities were impacted will be taken into consideration.
Post-Traumatic Stress Disorder Severe £56,180 to £94,470 The permanent effects on the claimant caused by PTSD will mean they will not be able to function anywhere close to pre-trauma levels or it may not be possible for them to work at all. Every aspect of their life will be badly impacted.
Post-Traumatic Stress Disorder Moderately Severe £21,730 to £56,180 The difference between this category and the one above is that the prognosis will be better because it is expected that, with professional help, there will be some recovery.
Post-Traumatic Stress Disorder Less Severe £3,710 to £7,680 In the category, the claimant will have made an almost full recovery, with only minor symptoms persisting, in around 1 to 2-years.

The amounts shown are directly linked to the severity of any injury. As solicitors don’t have the medical expertise to prove that, they use medical specialists instead. Therefore, during the claims process, your solicitor will make an appointment for you to see a local medical expert. During your appointment, your medical documents will be reviewed, and the specialist will ask questions about how you’ve suffered. They’ll then prepare a report with details of their findings for your solicitor.

No Win No Fee King’s College Hospital Data Breach Compensation Claims

One of the main reasons some people never make a compensation claim following a data breach is because they’re worried about how much a legal team will cost them. We completely understand that worry and it’s the reason our solicitors provide a No Win No Fee service for all cases they agree to work on.

Before committing to such a service, the solicitor will, of course, need to check that they have a chance of winning the case. Once they’re happy, and if you want to continue, you’ll receive a Conditional Fee Agreement or CFA to sign.

The CFA explains clearly that:

  • You won’t be asked to pay any fees upfront.
  • During the course of the claim, no solicitor’s fees will be charged.
  • In the event the claim fails, you’ll not be liable for any solicitor’s fees whatsoever.

If your solicitor achieves a positive outcome, a small percentage of your compensation will be retained by them to cover their costs. This is called a success fee. So that you know how much you’ll pay from the start, the success fee (which is legally capped), is listed prominently in the CFA.

Lawyers Handling Breach Of Data Protection Claims

To help decide which law firm you’ll let handle your case, you might well ask a friend for a recommendation. You could refer to online reviews of solicitors or simply look for one who’s based in your area. However, all of this takes time and might not necessarily result in the right solicitor for you.

Instead of wasting time, why not call Legal Expert today? Our team of solicitors have decades of experience in representing clients with different types of claims. You can speak to us to find out how we’ll help you before agreeing to work with us. Also, if your claim is accepted, your solicitor will provide you with regular updates as things progress.

Contact Our Specialist Team

If you would like to discuss starting a claim with Legal Expert, you can get in touch by:

  • Using our live chat channel and explaining what happened to a real online advisor.
  • Call our team for free legal advice on 0800 073 8804.
  • Start your claim online and one of our specialist advisors will call you back.
  • Begin your claim by emailing us the relevant details to

Our claims line is available 24-hours a day, 7-days a week. Please remember, any advice we provide is free and without obligation even if you don’t go on to make a claim.

Extra Supporting Resources

Thank you for taking the time to read our article about making a King’s College Hospital data breach compensation claim. This final section is provided to give you access to more useful guides and resources that may prove useful.

Dentist Data Breach Claims – Guidance on why you might be entitled to seek compensation for a data breach by dental surgery.

Medication Error Claims – Details on how to sue a hospital for suffering caused by a prescription error in a hospital.

Cancer Misdiagnosis Claims – Advice on how to make a claim for suffering caused by a medical misdiagnosis.

King’s College Hospital NHS Foundation Trust – The website of the NHS Trust who operate and manage services in this area.

Data Protection Guide – Information from the ICO on how companies should protect personal data.

King’s College Hospital Inspection Report – The latest grade and inspection report from the Care Quality Commission.

Other Useful Compensation Guides

Guide by Hambridge

Edited by Billing

    Contact Us

    Fill in your details below for a free callback

    Meet The Team

    • Patrick Mallon

      Patrick is a Grade A solicitor having qualified in 2005. He's an an expert in accident at work and public liability claims and is currently our head of the EL/PL department. Get in touch today for free to see how we can help you.

      View all posts