Doncaster Council Data Breach Compensation Claims Guide – How Much Compensation Can I Claim?
How To Claim If Your Privacy Is Breached By The Local Council
In this guide, we explore what you could do following a potential personal data breach by Doncaster Council.
We regularly share our personal details with a variety of different organisations. We also share it with our council. It is important that this personal data is kept secure and private. For example, you could be vulnerable to being targeted by cybercriminals if it is accessed by those who shouldn’t be able to access it.
A data breach could occur despite the council’s best efforts to secure personal information. For instance, they may provide adequate data security training to an employee who accidentally causes a data breach regardless.
However, a personal data breach could occur due to an organisation or local authority’s failings. For example, they may fail to provide proper data security measures. They could then be liable for compensation claims made by people who suffer psychiatric or financial effects because their personal information was involved in the breach.
This is otherwise known as a data breach compensation claim. To find out whether you could be entitled to make a claim, read through the rest of this guide. If you have evidence of a valid claim, use the following contact information to reach our advisors:
- Call 0800 073 8804.
- Use our online claim form to request a callback.
- Message our advisors instantly using our live chat.
Select A Section
- A Guide On Claiming For A Data Breach By Doncaster Council
- Data Breach Statistics In The Public Sector
- What Are Data Breaches By Doncaster Council?
- Does GDPR Apply To Local Government?
- How Could Your Data Privacy Be Breached By Doncaster Council?
- Breaches Of Tenants’ Personal Information
- How To Report A Personal Data Breach With The ICO
- What To Do After Different Types Of Data Protection Breaches
- How Are Data Breach Claim Amounts Calculated?
- What Is The Average Payout For A Data Breach By Doncaster Council?
- How No Win No Fee Agreements Help You Claim For A Data Breach By Doncaster Council
- Choosing The Right Person To Handle Your Case
- Talk To Us
- Articles Related To This Guide
Because allowing someone’s personal information to be accessed by those who should not be allowed access to it is so potentially dangerous for the data subject, laws exist that outline certain responsibilities. These responsibilities lie on the shoulders of organisations that collect and process people’s data.
There are requirements to ensure that data is held securely, used only for certain purposes, is not accessed by malicious third parties, and is disposed of when no longer needed.
If a situation arises where a data breach occurs because of the council’s failures, you could be entitled to make a data breach compensation claim. You would need to be able to prove that you suffered mental harm or financial loss as a consequence.
A data breach claim is a type of legal action where you seek compensation to cover the effects of a data breach on your personal circumstances.
This guide considers how a council data breach could occur and when you could be entitled to make a data breach compensation claim. It also breaks down how much compensation you could be entitled to and how it could be calculated.
We will also walk you through the process of preparing for and making a claim. In addition, we look at working with a data breach solicitor in order to make your claim.
The official Cyber Security Breaches Survey 2021 found that a quarter of respondent charities (26%) and four in ten respondent businesses (39%) had experienced cyberattacks or data breaches in the 12 months before March 2021. The figures for charities are unchanged from the previous year, but the number of reported attacks on businesses has decreased slightly.
One explanation for this is that the decreased business activity brought on by Covid-19 made businesses less detectible as targets for cybercriminals.
However, other evidence from the survey shows that businesses could be more at risk than the year before. For example, in the year before, 40% of businesses used security monitoring tools. This study showed that the percentage had reduced to 35%.
A personal data breach is caused by a breach of security. This leads to the unlawful loss, disclosure, destruction, access or alteration of personal information.
A data breach could occur as either the result of an accident or as a result of deliberate actions. It could be caused by the actions or the failures of a certain individual or the local authority. For example, a data breach could occur because the council has unreasonably poor data security measures. Or a staff member may have accidentally caused a data breach because there was no personal data security training in place.
A data breach situation could include the following:
- Personal information is deliberately shared with unauthorised parties
- Personal data is unlawfully accessed by unauthorised parties due to inadequate personal data security measures.
- It’s impossible to access personal data due to being lost.
Councils may not be liable for every data breach. It could occur despite their best efforts to protect personal data. However, if their failings do lead to a data breach that causes you to suffer psychological harm or financial loss because your data was involved, you could claim.
- Collecting personal data should be done legally, fairly and with transparency.
- Personal data should be collected for the specified purposes only.
- It should be accurate and updated.
- Storage of personal data must be secure and, where possible, anonymous.
- It should be destroyed once its purposes have been served.
- Only the minimum amount of personal data should be collected.
- The data controller should be able to show proof that they can meet the UK GDPR requirements.
A data controller is a party (such as a council or organisation) that decides why and how they’ll use personal information. A data subject is someone whose personal data is collected or processed.
The local council should abide by the UK GDPR just as any other party acting as a data controller should. However, there are certain situations in which exemptions could be made.
What might not be a data breach by Doncaster Council?
Exceptions to personal data privacy could be made when information is required to be handed over to the police, National Crime Agency, or other authorities carrying out an investigation into possible criminal activities such as fraud.
Data subjects have certain rights over their data. For example, they have a right to access their own personal information. In the aforementioned example of a criminal investigation, there could be an exemption to the right of access if informing the data subject could impede an investigation.
However, if a data controller’s failings cause a personal data breach, it could be due to a failure to adhere to data protection law. If the data breach affected your personal data and caused you psychological harm or financial loss, you could claim.
Because of the multiple different responsibilities held by local government and the many different forms of data stored, there are different kinds of data breaches that could potentially occur. Below is a list of examples of some of the things that could happen in a local council data breach:
- Posting a letter containing personal information to the wrong address, despite knowing the correct address, where an unauthorised recipient accesses it.
- Failing to redact personal information when sending letters to third parties who don’t have a lawful reason to access it.
- Employees or ex-employees of the council accessing peoples’ personal information without a lawful basis.
- Social services disclosing persona information to unauthorised parties with no lawful basis.
- Cyberattacks leading to criminals stealing personal data due to insufficient cyber security measures.
- Neighbour complaints or planning application complaints containing personal data being shared with third parties with no lawful basis.
- Council employee information being unlawfully accessed.
Not all personal data breaches are caused by the council. However, if a data breach occurs because of the council’s failings (such as not providing cybersecurity), they could be liable for the mental and financial damage it causes you if your personal data was affected.
Social housing is a service managed and provided by local councils and housing associations in many areas. When managing social housing, councils can store and process various forms of personal information. This can include things like:
- Passport information and other forms of ID documentation
- Wage slips
- Banking information and information for financial background checks
- Personal addresses
Data breaches involving this personal information could include:
- Staff sending mail containing personal information to the wrong address, despite having the correct address, where an unauthorised recipient unlawfully accesses it.
- An email between the tenant and the council that contains personal data is sent to unauthorised recipients without a lawful reason to do so.
- Failure to redact personal data from information that is published online without a lawful basis.
The body that handles and enforces reports of data breach cases in the UK is the Information Commissioner’s Office (ICO). You have the option of reporting a local council data breach to the ICO. They could investigate the complaint, and if they find that the council is indeed at fault, could take action.
If you wish to raise your concerns to the ICO, the first step is to make sure that you have made a complaint to your local council first. This allows the council the opportunity to respond with a resolution.
If the council fails to satisfy you with their response, you can then take matters to the ICO. If you do, be sure to make contact with the ICO within three months of your last correspondence with the council. The ICO may not pursue cases where an unreasonable amount of time has passed between the breach and the complaint.
Going to the ICO is optional. Once you have made a complaint to the council and have not received a satisfactory response, you could come to us. Speak to one of our advisors about making a claim with a data breach solicitor.
As mentioned in the previous section, you can start by making a complaint to the council about the data breach. The council will hopefully offer you a satisfactory resolution to the issue and you will be able to move past things. However, things may not work out that way.
You have the option to complain to the ICO. But if you’d like to claim compensation, you would need to make a claim. You could contact a data breach lawyer.
If at any point you are unsure about what to do next, or if you want information and guidance on how to make a claim, you could contact our advisors. They can offer you a free, no-obligation discussion about your situation and about your options in regards to making a claim.
Calculating the amount of compensation you could be entitled to can be done by looking at how badly you have been affected by the data breach. In a data breach claim, the types of compensation you could be entitled to are divided into two categories. You could be entitled to claim both at the same time.
Potential Material and Non-Material Damages For A Data Breach By Doncaster Council
A data breach could put you at risk of a number of different crimes. These could include someone using your banking details to steal money from you or making fraudulent purchases. You could be put at risk of harassment or mistreatment due to sensitive personal information being accessed by others. You could also experience nuisance phone calls and emails.
If you are impacted financially by the data breach, you could claim back the equivalent amount of your losses in compensation. This could include both the value of money that has been stolen, as well as other factors, such as the loss of earnings from taking time off work due to stress caused by the data breach. Compensation for financial loss falls under material damages.
The fear of the consequences of a personal data breach and the loss of your privacy could cause you serious emotional distress. The data breach itself could cause you psychological harm.
There is a legal precedent set out in Vidal-Hall and others v Google Inc  for awarding compensation for the psychiatric damage caused by a data protection breach:
- Firstly, the Court of Appeal held that you could claim compensation for psychological harm for the data breach even if you’d not suffered financial loss because of it.
- Secondly, this compensation could be valued as it would be for a personal injury claim.
This compensation falls under non-material damages.
In some circumstances, a data breach could leave you with lasting mental health impacts. You could experience anxiety, stress, and trauma from the anguish and fear caused by the loss of your personal data privacy.
There is no one set figure that can be awarded to successful data breach claimants. Each situation is different and compensation has to be calculated to reflect accurately the extent to which the claimant has suffered.
There are certain guidelines that are used to work out the amount of compensation that the claimant could be entitled to. These are the Judicial College Guidelines (JCG). Legal professionals use these guidelines.
The following compensation table displays the amount of compensation that could be potentially claimed for the psychological effects of a data protection breach. We took the figures from the JCG.
|Severe Psychiatric Damage||£51,460 to £108,620|
|Moderately Severe Psychiatric Damage||£17,900 to £51,460|
|Moderate Psychiatric Damage||£5,500 to £17,900|
|Less Severe Psychiatric Damage||Up to £5,500|
|Severe Post-Traumatic Stress Disorder||£56,180 to £94,470|
|Moderately Severe Post-Traumatic Stress Disorder||£21,730 to £56,180|
|Moderate Post-Traumatic Stress Disorder||£7,680 to £21,730|
|Less Severe Post-Traumatic Stress Disorder||Up to £7,680|
If you can’t see your injuries in the compensation table above, why not contact us? Our advisors give free valuations of claims for psychiatric damage.
One factor that could be an obstacle to making a compensation claim is the cost of funding a solicitor. Legal representation can be beneficial in a compensation claim. But the idea of paying solicitor fees if your claim loses could deter you. Luckily, there’s a solution.
No Win No Fee claims allow you to only pay solicitors fees if your claim loses. If the claim wins, you don’t pay these.
The solicitor’s work is paid for by a “success fee” that is drawn from the compensation awarded to the claimant. It means you would only pay solicitor fees once the compensation comes through.
Other benefits of No Win No Fee agreements include:
- No upfront solicitor fees.
- No ongoing solicitor fees.
- Legal representation.
If a solicitor agrees to work with you on a No Win No Fee basis, it’s likely that they believe the case has a strong chance of winning. Our solicitors offer their services on a No Win No Fee basis. Why not call our advisors today?
We should note that it’s not necessary to use the services of a solicitor to help you claim. However, it can be beneficial.
Finding the right lawyer is important. You may prefer a lawyer who has experience and specialisation in making compensation claims. A good lawyer can be the difference between winning the claim and losing. They can also have an effect on the compensation you are awarded.
At Legal Expert, our solicitors are not only experienced but can work on your claim from anywhere in the country. That means you don’t need to worry about being limited to the solicitors in your area.
To get help with finding the right No Win No Fee data protection solicitor for your claim, contact us using the details provided below.
You can reach our advisors to ask questions by:
- Calling 0800 073 8804
- Sending a query through our online claim page to get a callback at a time best for you.
- Messaging our live chat.
Our advisors are ready to help you 24/7 and they give free legal advice. You’ll also be under no obligation to proceed with our solicitors’ services.
We hope that this guide on what to do after a potential data breach by Doncaster Council helped you. If you’d prefer to research data breaches before getting in touch with us, take a look at the guides below.
Personal Data Breaches: an ICO guide
Make A Complaint: a Government page to help you raise concerns about data breaches.
How much have people been awarded for previous data breaches?
The amount of compensation that people could be entitled to claim can depend on the extent to which they have suffered because of the data breach. To find out more about how much you could be entitled to, call our advisors.
How long do claims take to process?
Many compensation claims are resolved in a matter of months. If the claim is more complicated, or if the party you are claiming against denies any wrongdoing, then it could take longer.
What solicitors fees may you have to pay?
Depending on the outcome of your case, under No Win No Fee terms, you may not be liable for paying any legal fees. In a No Win No Fee claim, you will not be liable for paying legal fees if the claim is unsuccessful.
Thank you for reading our guide that considers what you could do after a data breach by Doncaster Council.
Written by Yates
Edited by Victorine