Employer Shared My Medical Records Without Consent – Data Breach Claims Experts

100% No Win, No Fee Claims
Nothing to pay if you lose.

  • Free legal advice from a friendly solicitor.
  • Specialist solicitors with up to 30 years experience
  • Find out if you can claim compensation Call 0800 073 8804

Start My Claim Online

My Employer Shared My Medical Records Without Consent – Compensation Claims Guide

By Stephen Hudson. Last Updated 17th November 2023. If your employer shared your medical records without your consent, and this caused you harm, you may be wondering if you can claim. In this article, we will explain who can make a personal data breach claim and how data protection legislation works in the UK.

Employer shared my medical records without consent data breach compensation claims guide

My employer shared my medical records without consent claims guide

Under two pieces of legislation called the Data Protection Act 2018 (DPA) and the UK General Data Protection Regulation (UK GDPR), any organisation that handles the personal data of UK residents must follow certain steps. These laws are enforced by the Information Commissioners Office (ICO), an independent data protection watchdog based in the UK.

Our advisors can tell you if you have a valid personal data breach claim when you get in touch today. They can also provide a free consultation of your claim. If our advisors can identify that you are eligible for compensation, they may put you in contact with one of our expert solicitors. To learn more, get in touch by:

Select A Section

  1. Can I Claim If My Employer Shared My Medical Records Without Consent?
  2. What Is Health And Medical Data Special Category Data?
  3. What Could I Claim If My Employer Shared My Medical Records Without Consent?
  4. Make A No Win No Fee Claim If Your Employer Shared Medical Records Without Consent

Can I Claim If My Employer Shared My Medical Records Without Consent?

Under Article 4 of the UK GDPR, a data breach is defined as a breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data. This is any information that can identify you. We’ll discuss personal data further in the following section.

Data controllers and data processors are responsible for handling your personal data, and must do so in line with data protection law. A data controller decides how they want to use your data and why, whereas a processor follows the controller’s instructions in order to process it. 

You might be wondering if you could make a claim for compensation after the disclosure of medical information without your consent in the UK. While you don’t always need to give consent in order for your personal data to be shared, you may be able to claim if you can prove that:

  • A data breach occurred because a data controller or processor didn’t adhere to data protection law
  • The data breach affected your personal data
  • As a result, you experience financial and/or emotional losses

You can contact our advisors for free today to find out more about your eligibility to start a medical data breach claim.

What Is Health And Medical Special Category Data?

The legislation above protects the personal data of UK residents. This means any information that could identify you, such as your name, your email address, or your phone number. However, this also extends to a type of personal data known as special category data.

Special category data needs extra protection because it is sensitive in nature. Some examples of special category data can include information that reveals anything about your:

  • Health
  • Sexuality or sex life
  • Racial or ethnic origin
  • Religious beliefs
  • Political views
  • Genetic data
  • Biometric data

However, it is important to note that there are separate conditions that data controllers and processors must meet when processing special category data.

Get in touch with our team to help if your employer shared your medical records in some way without consent.

What Could I Claim If My Employer Shared My Medical Records Without Consent?

A personal data breach can cause significant damage to both your mental health and your financial wellbeing. For example, you may suffer from anxiety after a data breach. Or, you may suffer from depression after a breach. If a data security incident causes you suffer from psychological injuries or if it makes your existing mental health problems worse, you may be able to claim for non-material damage.

Because every personal data breach claim is unique, we cannot provide an average amount for personal data breach compensation. However, in terms of non-material damage, solicitors often use a document called the Judicial College Guidelines (JCG) to help them value compensation claims. This is because the JCG showcases guideline settlement amounts, some of which you can find in the table below.

Type of HarmDescriptionJC Guideline Award Amounts
General Psychiatric HarmA very poor prognosis shows a negative impact in all areas of the individual's life.(a) Severe - £54,830 to £115,730
General Psychiatric HarmStill reflective of a long-standing disability but a better prognosis than the bracket above.(b) Moderately Severe - £19,070 to £54,830
General Psychiatric HarmAn improvement is seen by the time that the case may need to be heard in court.(c) Moderate - £5,860 to £19,070
General Psychiatric HarmA consideration here is given to the length of time affected by symptoms and how the symptoms affect activities such as sleep.(d) Less Severe - £1,540 to £5,860
Post-Traumatic Stress Disorder (PTSD)An acute and profound impact on daily life, leaving no ability to function at the pre-trauma level.(a) Severe - £59,860 to £100,670
PTSDA better prognosis than above due to a chance of recovery with professional treatment.(b) Moderately Severe - £23,150 to £59,860
PTSDA large recovery though some non-disabling symptoms continue.(c) Moderate - £8,180 to £23,150
PTSDThis award bracket is reflective of a full recovery within 1 - 2 years, with minor issues persisting beyond this point.(d) Less Severe - £3,950 to £8,180

You may also be eligible to claim for material damage. This head of compensation aims to recoup the financial losses you suffer as a result of the breach. For example, a breach of your credit card details could lead to identity theft and debt accrued in your name. Or, you may experience a loss of earnings as a result of taking time off work to recover from your psychological injuries.

To learn more about compensation in personal data breach claims, get in touch with our team of advisors today.

Make A No Win No Fee Claim If Your Employer Shared Medical Records Without Consent

If your employer shared your medical records without consent, you might be interested in hiring legal representation to assist in your claim. Our No Win No Fee data breach solicitors could help you through a Conditional Fee Agreement (CFA).

Generally, a solicitor that you hire under a CFA won’t require any ongoing fees or upfront costs to start working on your claim. The only fee they will take comes if your claim is a success. This success fee is taken as a percentage of your compensation, though this percentage has a legal cap. But, if your claim does not succeed, you do not pay this fee.

My Employer Shared My Medical Records Without Consent – Learn More About Health Data In The Workplace

For more helpful guides:

In addition to the articles above, you can read more below:

For more information on what to do if your employer shared your medical records without consent, contact our advisors today.

Written by Waters

Edited By Hampton

    Contact Us

    Fill in your details below for a free callback

    Meet The Team

    • Patrick Mallon

      Patrick is a Grade A solicitor having qualified in 2005. He's an an expert in accident at work and public liability claims and is currently our head of the EL/PL department. Get in touch today for free to see how we can help you.