Last Updated 27th August 2025. In this guide, we’ll look at the process of making a lost or stolen paperwork data breach claim for compensation. When an organisation holds or processes your personal data, they have to adhere to the laws that exist to protect it.
In 2018, the General Data Protection Regulation (UK GDPR) was introduced. This is a piece of legislation that dictates how organisations should act to protect your personal data. This was ratified into UK law with the Data Protection Act 2018, which now sits alongside the UK General Data Protection Regulation (UK GDPR).
4.8 (466 reviews) This guide outlines how a breach of the UK GDPR by an organisation could result in paperwork containing your personal data being lost or stolen. We cover when and why you could seek data breach compensation, and how it might be calculated.
For help claiming for a data breach, our experts can assess your case on a no-obligation basis. Additionally, you will receive advice on how to file a claim. We will connect you with a specialist solicitor if your data breach claim is strong enough. Your claim could be taken on by them on a No Win No Fee basis if the case is viable.
Call us now to find out if you can begin a claim today. You can reach an advisor by:
- Visiting our contact us page
- Calling us on 0800 073 8804
- Messaging us on our live web chat
A Guide About Lost Or Stolen Paperwork Data Breach Claims
The UK GDPR outlines the way organisations can use personal data. Personal data is classed as any data that can be used, either on its own or when combined with other data, to identify you. Furthermore, personal data can be stored online or digitally- the UK GDPR protects both.
In order for you to be able to claim, you need to show that the data breach caused you harm. You also need to show that the organisation did not do enough to protect your personal data.
If the organisation in charge of your data (the data controller) did all it could to keep your data secure, then you would not be able to claim. For example, if the paperwork was stored in a locked office in a secure filing cabinet, but a thief gained access and stole it despite this, then you may not be able to claim.
Once you’ve read our guide and are ready to start a claim, speak to a specialist for advice.
2021/2022 Data Security Trends
The ICO routinely publishes statistics about data breaches every year. There have been 2,431 data breaches for both non-cyber security incidents and cyber security incidents reported to the ICO in the second quarter of the 2021/22 financial year.
From 1st July 2021 to 30th September 2021, data breaches in the following sectors were reported to the ICO at the following rates:
- 313 breaches in education and childcare
- 435 breaches in the health sector
- 209 breaches in real estate or property services
- 251 breaches in the local government sector
- 209 breaches in retail and manufacturing
Non-cyber security incidents reported included:
- A device is lost or stolen that contains personal data.
- Loss or theft of paperwork
- Failure to use blind carbon copy (BCC) when sending an email.
- Disposing of personal data incorrectly
Cybersecurity incidents reported include:
- Denial of services (DoS)
- Brute force. This is where a hacker submits a large volume of passwords or passcodes in an attempt to gain access to a system
- Hardware or software failure
- Ransomware
- Malware
- Phishing
Below, we’ve included a graph demonstrating the breaches or attacks that were considered the most disruptive to businesses, relating to attacks they’ve experienced in the last 12 months. This is based on the Cyber Security Breaches Survey 2021.
What Is A Lost Or Stolen Paperwork Data Breach Claim?
A data breach is defined as a security incident resulting in the loss, destruction, alteration, unauthorised disclosure of, or access to, personal data. Breaches can happen as a result of a malicious attack on the part of a hacker. However, they can also occur accidentally.
A human error data breach occurs when a mistake is made that leads to personal data being exposed. Things like cyberattacks and data breaches caused by hackers would not be classed as human error breaches; however, if a breach of this nature occurred and you were harmed as a result, you may still be able to claim.
You cannot claim simply on the basis that a data breach has occurred. In order to claim, you need to show that the breach caused you harm. You can claim for financial harm, emotional harm or both.
When A Company Suffers A Data Breach, What Must It Do?
If an organisation becomes aware that a data breach has occurred, threatening the rights and freedoms of data subjects (individuals to whom the data relates), then this must be reported to the ICO within 72 hours. They should also let you know that a breach has occurred without undue delay.
You might be concerned with the way your data is being used but not have been told that a breach has occurred. If this is the case, you can raise your concerns with the organisation in question. The ICO have a template you can use to do this.
To discuss claiming for a data breach, you can get in touch with one of our advisors today. They can assess the validity of your claim and may be able to connect you with a data breach solicitor from our panel.
What Types Of Paperwork Could Be Stolen Or Lost?
There’s a wide range of personal information that organisations hold on us for a number of different reasons. The amount and kind of data that is held on you may vary depending on the organisation in question.
For example, your employer might need to hold data related to your salary, details of any disciplinary measures or your home address and telephone number. On the other hand, your GP surgery will hold your medical records. If you’re under the care of social services, they may store information on your personal circumstances.
Some of the information that could be exposed in a personal data breach might include:
- Council tax information.
- Your contact information, for example, an email address.
For more information on whether you could make a lost or stolen paperwork data breach claim, why not get in touch with an advisor today? They could assess your claim and connect you with a No Win No Fee solicitor.
How Could Human Error Cause The Loss Or Theft Of Paperwork?
Human error data breaches can happen for a number of reasons. There are two different kinds of human error that could lead to a breach. These are skill-based and decision-based errors.
Skill-based errors are ones where there is a lapse or mistake made when performing tasks and activities that the person is familiar with. For example, they may forget to add an email into the “BCC” section of an email, instead putting it in the “CC” bar and exposing the information.
Decision-based errors are those where an incorrect decision is made. For example, they might not have all of the information to make the right decision. Human error can be reduced by things like awareness training.
Errors In Physical Security
Below are several examples of how errors in physical security could cause a data breach to occur:
- Files containing personal data being left on a desk or reception area instead of locked aware securely
- A file containing personal data is left on public transport in error
- Files containing personal data are disposed of incorrectly. For example, they may need to be shredded but instead are disposed of in the general waste
Call us now to find out how Legal Expert can be of assistance in filing a lost or stolen paperwork data breach claim. You will benefit from free legal advice, and if your case is valid, a specialist personal injury solicitor could offer you representation on a No Win No Fee basis.
What Type Of Information Could Be Exposed In A Data Breach?
The sort of personal information that could be exposed in a breach in data security that could entitle you to make a claim could include:
- Name
- Address
- Date of birth
- Email address
- Telephone numbers
- Passwords
Contact us now to speak with an experienced advisor. They can tell you if you have grounds to sue for harm caused by a data breach.
How To Minimise The Risk Of Data Being Lost Or Stolen
An organisation must put in place security protocols to minimise the risk of data being lost or stolen in a breach. Employees should be trained to handle personal data securely. They should also be trained on what to do if a breach in data security occurs.
If you are the victim of a data breach, you should:
- Change all your passwords and usernames straight away
- Make sure you use a strong password that is at least 8 characters long and contains a mix of upper and lowercase letters, symbols and numbers
- Use different passwords on each website you are linked to
How To Sue For Information Security Breaches
If you experience a data breach, you can begin by complaining to the organisation that lost your personal information. Let them know the losses and distress the breach caused you. Please be aware that the organisation may offer you compensation after your initial contact- if you accept this, you cannot then go on to make a lost or stolen paperwork data breach claim.
Secondly, you have the option to raise your concerns with the ICO. The Information Commissioner’s Office cannot deal with your claim or award you compensation. However, they can investigate the issue and may be able to fine the organisation if they decide in your favour. You should contact the ICO within three months of your last meaningful contact with the organisation; if you wait any longer, they might decline to investigate.
Thirdly, you can start legal proceedings against the organisation concerned. You don’t need to have a solicitor in order to make a claim; however, you might find the process is smoother and simpler with their advice and guidance.
This is where Legal Expert can help you. We can provide you with a solicitor who offers No Win No Fee agreements if your case is valid.
What Damages Could Be Awarded If Your Data Is Stolen?
Your lost or stolen paperwork data breach claim may include material damage and non-material damage. Your monetary loss is material damage, whilst non-material damage is the mental harm a breach caused you. This could include a claim for stress or post-traumatic stress disorder, amongst other things.
Call us now to find out if you have good cause to seek compensation for a data breach that caused you to suffer financial loss, mental anguish, or both.
Calculate Lost Or Stolen Paperwork Data Breach Claims
The table below is sourced from the Judicial College Guidelines. This document publishes suggested compensation brackets for many kinds of harm, making it useful for solicitors who are assessing this part of a claim.
Please note that the top row isn’t from the JCG, and the table is included only for guidance.
| Injury | Further notes | Potential compensation awarded in non-material damages |
|---|---|---|
| Severe Post Traumatic Stress Disorder (PTSD) | Claimant experiences extremely severe symptoms that prevents them from holding down a job or working. Their relationships also suffer and all aspects of their life will be affected. | £56,180 – £94,470 |
| Moderately Severe PTSD | Claimant experiences symptoms that are moderately severe. Similar to above although the prognosis is more positive. With treatment the claimant is expected to recover over time; however, they will be significantly disabled for the forseeable future | £21,739 – £56,180 |
| Moderate PTSD | Claimant is expected to make a good recovery and their ongoing symptoms will not cause gross disability in the future. | £7,680 – £21,730 |
| Less severe PTSD | Claimant is expected to make a full recovery from the mental harm caused by the data breach which is expected within two years | Up to £7,680 |
| Psychiatric damage | The claimant will have a poor prognosis | £51,460 – £108,620 |
| Psychiatric damage | There will be a better prognosis than in more serious cases | £17,900 – £51,460 |
| Psychiatric damage | There will be a good prognosis and marked improvement. | £5,500 – £17,900 |
| Psychiatric damage | The level of award will depend on how long the person was disabled by their symptoms. | Up to £5,500 |
For a more precise discussion of compensation, please call our advisory team now.
No Win No Fee Lost Or Stolen Paperwork Data Breach Claims
Our friendly team of advisors are here to help answer any questions you have about making a No Win No Fee lost or stolen paperwork data breach claim. As part of the free services we offer, they will provide a carefully reviewed eligibility assessment to look at the merits of your claim.
If your case is strong, you could be connected with one of our expert No Win No Fee solicitors to help you claim stolen documents data breach compensation. Our solicitors operate under a Conditional Fee Agreement (CFA), ensuring that there is:
- No requirement to pay any solicitor service fees at the start of your claim
- No charge for solicitor fees throughout the claims process
- No solicitor fees if your claim in the event that your claim is unsuccessful
If your claim wins, you’ll be required to pay a small success fee for your solicitor’s services. This will be taken as a legally capped percentage of your compensation, ensuring you receive the bulk of it.
Under a CFA, you can access the following benefits:
- Consistent claim updates so you always know where your case stands
- Easy to understand explanations of key legal terms
- Advice that strictly adheres to the rules of confidentiality
- Assistance with gathering, reviewing, and assembling evidence
- Help with signing legal documents
- Expert representation at every stage of the claim
To learn more about the benefits of CFAs and working with one of our solicitors, please contact one of our friendly advisors today.
Get In Touch About Your Case
If you’d like to begin a lost or stolen paperwork data breach claim today, call us to find out how Legal Expert can be of assistance. You can reach an experienced, friendly advisor by:
- Calling our freephone number 0800 073 8804
- Using our live chat
- Contact us by filling out our online claims form
Our lines are open 24/7, seven days a week. Call today to benefit from free legal advice and to find out if you have a valid claim. We provide an initial, no-obligation consultation that is free of charge.
Learn More About Data Privacy
Please consider these resources to learn more about data privacy:
- The role of the Information Commissioner’s Office (ICO)
- Nursery data breach claims guide
- Claiming for a pension data breach
Thank you for reading our guide on whether you can make a lost or stolen paperwork data breach claim.
