Disciplinary Information Data Breach – Can I Claim Compensation?
By Cat Way. Last Updated 6th October 2023. This guide will provide advice on whether you can claim compensation if your employer is liable for a disciplinary information data breach. It is normal for employers to collect, process, and store their employees’ personal data for operational purposes, including their disciplinary information. However, under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, organisations must protect their employee’s personal and sensitive data. If an employer breaches your data because they failed to put the required precautions in place to keep it safe then you may be eligible to claim compensation.
So, contact Legal Expert today if your disciplinary information has been exposed in a data breach that has affected you. An advisor will be happy to speak to you about your ordeal. And, if we can see that your employer owes you compensation, we can provide you with an experienced data breach solicitor to handle your claim.
- Call us today on 0800 073 8804
- Or visit our website to make an online claim
Disciplinary information data breach compensation claims guide
Select A Section
- What Is A Disciplinary Information Data Breach?
- How To Report A GDPR Breach Involving Disciplinary Data
- How Could Your Employer Expose Your Disciplinary Information?
- What Disciplinary Information Data Could An Employer Breach?
- Data Breach Compensation Payouts – Examples
- Find Out More About Making Disciplinary Information Data Breach Claims
What Is A Disciplinary Information Data Breach
Personal and special category data are the two forms of information that are protected by the data security laws in this country. Personal data relates to information that can identify you as a person whereas sensitive data is information about you. A personal data breach in the workplace could see your information, through human error, by accident or deliberate action:
- Destroyed, altered or encrypted.
- Lost or stolen
- Disclosed to unauthorised parties
However, in order to be able to claim against your employer for a personal data breach, you must show how they are responsible for the breach.
Is A Disciplinary Record Personal Data?
Disciplinary information is data about disciplinary action against an employee at work. Including information about disciplinary procedures or disciplinary hearings, the employer took out against the employee. Disciplinary information can be highly sensitive because it reveals private information about the employee’s conduct at work.
When personal or special category data are involved in a data breach caused because those responsible for the information failed to protect it accordingly then a data breach claim may be pursued.
How Common Are Breaches Of Data Privacy?
The Cyber Security Breaches Survey 2021 can help us understand how common data breaches or attacks are in the UK. Over 1,400 businesses and almost 500 charities took part in this survey.
- Of those surveyed 39% of businesses and 26% of charities reported having a cyber security breach or attack during 2021.
- Medium-sized businesses were the most likely to suffer a cyber security breach or attack. Indeed, 65% of medium-sized businesses that took part reported a cyber security breach or attacks over this period.
- Moreover, 51% of high-income charities reported a cyber security breach or attack in 2021.
How To Report A GDPR Breach Involving Disciplinary Data
Normally if an organisation suffers a breach that includes personal information of a data subject that will have an impact on their rights they will inform you without undue delay. Moreover, the employer should report this type of data breach to the ICO within 72 hours.
If you suspect that your personal information held by your employer has been breached at work, you should contact your employer to raise your concerns. Subsequently, your employer should provide advice on whether this is the case and what information has been breached. If you believe your employer is not doing enough to rectify the problem, you can escalate the complaint.
But if you are unsatisfied with your employer’s actions, you can complain to the ICO. However, please contact the Information Commissioner’s Office within three months of the last communication with your employer, as the ICO is unlikely to investigate an older complaint.
What’s more, you can contact us about claiming for a disciplinary information data breach. Please call our claims helpline today to speak with an advisor.
How Can I Prove A Disciplinary Information Data Breach?
In order to make a disciplinary information data breach claim, you must be able to provide proof that the breach not only occurred as a result of wrongful conduct but that it affected your personal data and caused you harm. Some examples of evidence that you could collect include:
- A letter of notification from the organisation responsible, stating that the breach occurred and that it affected your personal data.
- Medical records or the results of an independent medical assessment that illustrate how the breach has harmed you emotionally.
- The findings from an ICO investigation of the breach.
- Any correspondence with the organisation responsible regarding the data breach.
- Financial documents that show how the breach has affected your finances, such as payslips, invoices, and bank statements.
One of the benefits of working with a solicitor on your data breach compensation claim is that they can help you gather evidence that is relevant to your case. To find out if you could be eligible to work with one of our solicitors, get in touch with our team of advisors today.
How Could Your Employer Expose Your Disciplinary Information?
Accidents or “human error” often cause data breaches at work. Unfortunately, other data breaches happen because of lack of training, poor cyber security defences, fraudulent activities, cybercriminals and so on and so forth. Let’s look at how a potential disciplinary information data breach could occur:
- An employer could send disciplinary information to the wrong email address.
- An employer can lose your data. For example, a colleague loses documents containing disciplinary information in a public place.
- Or, a disgruntled employee may publicly expose disciplinary information data to get revenge on the company.
- On the other hand, hackers may unlawfully access an employee database and hold the information for ransom.
As we have previously stated to make a data breach claim against your employer, firstly, you need to demonstrate that personal or sensitive data was breached. Secondly, your employer is liable for the breach because they failed to adhere to data protection laws. Lastly, you suffered mental and/or financial losses as a result.
What Disciplinary Information Could Your Employer Breach?
According to the ICO, personal data is data that identifies an individual. Organisations must keep personal data safe to protect their stakeholder’s privacy. Moreover, protecting personal data helps protect the data subject from fraud or identity theft.
Disciplinary information can include:
- The employee’s name, address, DOB,
- National insurance number
- An employee’s disciplinary record
- Information about disciplinary proceedings
- Information about the employee’s performance reviews
- Data regarding suspensions and other disciplinary measures the employer has taken against the employee.
- Moreover, the data breach can expose any medical considerations.
Data Breach Compensation Payouts – Examples
You can use the table as a data breach compensation calculator to estimate how much you can claim in non-material damages. The table includes compensation brackets guidelines for psychological damages.
| Form Of Psychological Injury | Severity | Description Of This Injury | JCG Value |
|---|---|---|---|
| PTSD | Less severe | The person should make a full recovery within 1-2 years. Any remaining symptoms will be minor. | £3,950 to £8,180 |
| PTSD | Moderate | A recovery should largely have been made. Any continuing symptoms are not grossly disabling. | £8,180 to £23,150 |
| PTSD | Moderately severe | Distinct from the most severe cases. With professional help there is a better prognosis for recovery. The effects may still have caused significant disabilities for the foreseeable future. | £23,150 to £59,860 |
| PTSD | Severe | The person will experience permanent effects which have prevented them from being able to work or being able to function at pre-trauma levels. All parts of this person's life may have been affected. | £59,860 to £100,670 |
| Psychiatric Damage - Generally | Less severe | Compensation takes factors such as duration and severity of symptoms into account when calculating damages. | £1,540 to £5,860 |
| Psychiatric Damage - Generally | Moderate | There may have been significant problems with the factors outlined. By the time of a trial a marked improvement has happened. The prognosis is good. | £5,860 to £19,070 |
| Psychiatric Damage - Generally | Moderately severe | There are significant problems that will affect the person's life in general. However the person may make some recovery. | £19,070 to £54,830 |
| Psychiatric Damage - Generally | Severe | Psychiatric damage will affect all parts of this person's life. It will impact the person's ability to work or continue with education. May also impact the person's relationships and social life. There is a poor prognosis. | £54,830 to £115,730 |
We used guidelines from the Judicial College to create the table. Data breach solicitors also use Judicial College guidelines to help them value data breach claims. However, if your claim is successful, your compensation may be lower or higher than the table’s contents. Please call our helpline, and we can offer you further advice.
There are two types of data breach compensation you can receive:
- Firstly material damages compensate claimants for financial losses. For example, if fraudsters used your personal data to target you, you may be able to claim back any money you lost.
- Secondly, non-material damages compensate people for any emotional distress or psychological injuries that the data breach caused.
Find Out More About Making Disciplinary Information Data Breach Claims
To find out if you can make a disciplinary information data breach claim, please contact Legal Expert today. And if we can see that you have legitimate grounds to claim compensation, we will appoint a skilled data breach lawyer to work on your claim.
You can make a No Win No Fee claim. You will only pay a success fee if your data breach claim is successful. So, you are taking less of a gamble with your finances.
You would need to sign a Conditional Fee Agreement. This agreement includes all the terms and conditions of a No Win No Fee service. There are no upfront fees to pay for the solicitor to start working on your case. If for whatever reason the case fails then you do not have to pay for the service the No Win No Fee solicitor has provided. Only when the case succeeds will you pay a success fee.
Please contact us today to inquire about making a No Win No Fee claim for a workplace data breach. You can use the details below to reach out to us.
- Use the Live Support widget to chat with an advisor.
- Call our advice line on 0800 073 8804.
- Or fill out our online claims form.
Where To Read More About Data Breaches
Please read these online guides if you want to know more about claiming compensation for a data breach.
- GP Data Breach Compensation Claims Guide
- My Data Has Been Breached; what Can I Do?
- Lost Or Stolen Paperwork Data Breach Claim
- An ICO guide to personal data breaches
- An ICO guide to avoiding identity theft
- Your data protection rights
We appreciate you reading our guide to whether you can claim for a disciplinary information data breach.
