We've been featured in:

  • bbc logo
  • daily mail logo
  • itv logo
  • skynews logo

My Employer Shared My Medical Records Without Consent – Compensation Claims Guide

By Stephen Hudson. Last Updated 22nd January 2025. If you’ve suffered harm because of a breach of medical confidentiality in the workplace, you might be able to make a data breach claim.

In this guide, we’ll discuss what a data breach is and how the Data Protection Act 2018 (DPA) and the UK General Data Protection Regulation (UK GDPR) work together to protect the personal data of UK residents. We’ll also talk about the Information Commissioner’s Office (ICO), which is the UK’s independent data protection watchdog.

Then, we’ll discuss when you could potentially make a claim, and what kind of compensation you could receive if the claim succeeds. Finally, we’ll end our guide by exploring the benefits of working with a No Win No Fee data breach solicitor.

Contact Us

We understand that data protection law can seem complex, and it might be difficult to know where to start. Hopefully, our guide will answer all of your questions, but if it doesn’t, our team can help. Get in touch today by:

A digital rendering of a blue hexagon with the words "data breach" in the middle

If you’d like to learn about the key points from this guide, why not check out our video below:

Select A Section

  1. Can I Claim If My Employer Shared My Medical Records Without Consent?
  2. What Is Health And Medical Data Special Category Data?
  3. What Could I Claim If My Employer Shared My Medical Records Without Consent?
  4. Make A No Win No Fee Claim If Your Employer Shared Medical Records Without Consent

Can I Claim If My Employer Shared My Medical Records Without Consent?

A data breach occurs when the integrity, availability, or confidentiality of your personal data is affected by a security incident. This is any information that can identify you. We’ll discuss personal data further in the following section.

Data controllers and data processors are responsible for handling your personal data, and must do so in line with data protection law. A data controller decides how they want to use your data and why, whereas a processor follows the controller’s instructions in order to process it. 

You might be wondering if you could make a claim for compensation after the disclosure of medical information without your consent in the UK. While you don’t always need to give consent in order for your personal data to be shared, you may be able to claim if you can prove that:

  • A data breach occurred because a data controller or processor didn’t adhere to data protection law
  • The data breach affected your personal data
  • As a result, you experience financial and/or emotional losses

You can contact our advisors for free today to find out more about your eligibility to start a medical data breach claim.

Call Us For FreeCheck For Free If You Can Claim

What Is Health And Medical Special Category Data?

The legislation above protects the personal data of UK residents. This means any information that could identify you, such as your name, your email address, or your phone number. However, this also extends to a type of personal data known as special category data.

Special category data needs extra protection because it is sensitive in nature. Some examples of special category data can include information that reveals anything about your:

  • Health
  • Sexuality or sex life
  • Racial or ethnic origin
  • Religious beliefs
  • Political views
  • Genetic data
  • Biometric data

However, it is important to note that there are separate conditions that data controllers and processors must meet when processing special category data.

Get in touch with our team to help if your employer shared your medical records in some way without consent.

What Could I Claim If My Employer Shared My Medical Records Without Consent?

A personal data breach can cause significant damage to both your mental health and your financial wellbeing. For example, you may suffer from anxiety after a data breach. Or, you may suffer from depression after a breach. If a data security incident causes you suffer from psychological injuries or if it makes your existing mental health problems worse, you may be able to claim for non-material damage.

Because every personal data breach claim is unique, we cannot provide an average amount for personal data breach compensation. However, in terms of non-material damage, solicitors often use a document called the Judicial College Guidelines (JCG) to help them value compensation claims. This is because the JCG showcases guideline settlement amounts, some of which you can find in the table below.

Type of HarmJC Guideline Award Amounts
Severe Instances of Psychiatric Harm + Financial LossesUp to £250,000+
General Psychiatric Harm£66,920 to £141,240
General Psychiatric Harm£23,270 to £66,970
General Psychiatric Harm£7,150 to £23,270
General Psychiatric Harm£1,880 to £7,150
Post-Traumatic Stress Disorder (PTSD)£73,050 to £122,850
PTSD£28,250 to £73,050
PTSD£9,980 to £28,250
PTSD£4,820 to £9,980

You may also be eligible to claim for material damage. This head of compensation aims to recoup the financial losses you suffer as a result of the breach. For example, a breach of your credit card details could lead to identity theft and debt accrued in your name. Or, you may experience a loss of earnings as a result of taking time off work to recover from your psychological injuries.

To learn more about compensation in personal data breach claims, get in touch with our team of advisors today.

How Much Is My Claim Worth?Request A Free Call Back

Make A No Win No Fee Claim If Your Employer Shared Medical Records Without Consent

If you are wondering, ‘Can I claim if my employer shared my medical records without consent?’ this may be possible. However, you may benefit from the help of a data breach solicitor. Our solicitors may help you by:

  • Walking you through the claims process
  • Explaining key legal terms and documents 
  • Helping you obtain evidence
  • Building your case
  • Negotiating settlements on your behalf 

Although you may be worried about the cost of legal representation, our solicitors may help you on a No Win No Fee basis. If you sign a Conditional Fee Agreement (CFA) with our solicitors at the beginning of your claim, you will have no worries about paying for their services. Here are some of the financial benefits of claiming through a CFA:

  • You are not required to pay for the work our solicitors complete on your claim. This includes upfront or ongoing solicitors costs.
  • If your case is successful, a small legally capped percentage of your awarded compensation will be taken by our solicitors for their success fee. 
  • If your case is unsuccessful, you are not required to pay our solicitors for the work they have completed on your claim. 

If you are worried about the fact your employer shared your medical records without consent, speak to our advisors about starting your compensation claim today.

My Employer Shared My Medical Records Without Consent – Learn More About Health Data In The Workplace

For more helpful guides:

In addition to the articles above, you can read more below:

For more information on what to do if your employer shared your medical records without consent, contact our advisors today.

Written by Waters

Edited By Hampton

Meet The Team

  • Patrick Mallon legal expert author

    Patrick Mallon (BA, PgDl) is a Grade A personal injury solicitor and head of our EL/PL department, which handles accidents at work and public liability claims, such as slips, trips and falls. He qualified in 2005 and has over 20 years of experience. Patrick is an expert No Win No Fee lawyer and well-known for his successful case, Billie Mae Smith v McDonalds. You can learn all about Patrick, his qualifications and his experience as a solicitor here. Get in touch today for free to see how Patrick and the team can help you.

    View all posts Personal Injury Solicitor