This guide will explore when you could be eligible to claim following a charity data breach. We will discuss the eligibility requirements that must be met, the steps you can take to support your claim and the data breach compensation you could be awarded if your claim succeeds.
Charity data breach claims guide
Entities known as data controllers and data processors must adhere to the Data Protection Act 2018 (DPA) and the UK General Data Protection Regulation (UK GDPR). These pieces of data protection law set out the responsibilities they have to protect your personal data. Each has a different role with controllers deciding on the purpose for processing and processors acting on the controllers instruction. In this guide, we will look at how a failure to adhere to these pieces of legislation could lead to a breach of your personal data.
Additionally, we will discuss the ways in which a No Win No Fee solicitor could help you throughout the claims process.
Please continue reading to learn more. Alternatively, you can get in touch with an advisor from our team. They can offer a free assessment of eligibility and possibly connect you with a data breach solicitor. To reach them, you can:
- Call on 0333 241 2521
- Make a claim online
- Access advice through the live support option
Choose A Section
- When Are You Eligible To Claim For A Charity Data Breach?
- How Could A Charity Data Breach Occur?
- What Compensation Could You Receive From A Charity Data Breach?
- What Evidence Will You Need To Claim For A Data Breach?
- Our Data Breach Solicitors Could Work Your Case On A No Win No Fee Basis
- Learn More About Making A Data Breach Compensation Claim
When Are You Eligible To Claim For A Charity Data Breach?
Personal data is information that can be used to identify you. This can include your name, email address, debit or credit card details and phone number. There is also another type of personal data that requires extra protection, known as special category data. This can include data relating to your health, including information about a medical condition. It can also include data relating to your trade union membership. A personal data breach is a security incident in which the confidentiality, integrity and availability of your personal data becomes affected.
Data protection laws including the DPA and UK GDPR outline the responsibilities a data controller and processor have to prevent the breach of your personal data.
In order to seek compensation following a charity data breach, you must prove the following:
- A data controller or data processor did not adhere to data protection law
- Their wrongful conduct resulted in a breach of your personal data
- You experienced emotional harm or financial loss as a result.
Is There A Time Limit When Claiming Data Breach Compensation?
There is a 6-year time limit for starting a data breach claim normally. This is reduced to 1-year for claims made against a public body.
For more information on the time limits and when you could be eligible to seek compensation following a charity data breach, get in touch on the number above.
How Could A Charity Data Breach Occur?
There are several ways in which a charity data breach could occur. For example, the organisation might fail to ensure they have adequate cyber security measures in place making them more susceptible to an online security incident such as a ransomware attack.
Alternatively, a security incident could occur through human error. For example:
- A device containing personal data could be stolen due to a lack of physical security measures.
- Personal data can be involved in an email data breach due to being sent to incorrect recipient or address.
If you have had your personal data compromised in a breach, you could be impacted in several ways. For example, you could experience psychological harm in the form of stress, anxiety and distress due to a data breach. In addition, you could experience financial loss if your bank details are stolen leading to money being taken from your account and loans being taken out in your name.
The compensation you could potentially receive can address the way in which you have been affected. Learn more about how your settlement could be calculated in the section below.
What Compensation Could You Receive From A Charity Data Breach?
You could be awarded compensation for two types of damage, these are:
- Non-material damage which refers to the emotional injuries you have sustained because of the personal data breach.
- Material damage which refers to the monetary harm you have experienced as a result of the personal data breach. Evidence of these losses could help when claiming them back, including bank statements and credit score statements.
A data breach solicitor can use the Judicial College Guidelines to help them when valuing how much your psychological injuries are worth. This document contains guideline compensation amounts. We have included these in the table below.
Please only use them as a guide, however, as each settlement is unique.
| Harm | Severity | Guideline Award Amount | Description |
|---|---|---|---|
| General Psychiatric Injury | (a) Severe | £54,830 to £115,730 | A very poor prognosis with several areas of the person’s life affected such as their work, education and relationships. |
| General Psychiatric Injury | (b) Moderately Severe | £19,070 to £54,830 | Significant affect on several areas of the person’s life but with a better prognosis. |
| General Psychiatric Injury | (c) Moderate | £5,860 to £19,070 | Significant improvement with a good prognosis. |
| General Psychiatric Injury | (d) Less Severe | £1,540 to £5,860 | How long the person is affected and to what extent is considered. |
| PTSD | (a) Severe | £59,860 to £100,670 | The person will experience a negative and permanent effect on all aspects of their life. |
| PTSD | (b) Moderately Severe | £23,150 to £59,860 | A better prognosis due to the person receiving professional help but they will still experience a significant disability in the future. |
| PTSD | (c) Moderate | £8,180 to £23,150 | Significant recovery with any ongoing effects not being majorly disabling. |
| PTSD | (d) Less Severe | £3,950 to £8,180 | Virtually a full recovery within a two year period and only minor symptoms persisting beyond this period. |
What Evidence Will You Need To Claim For A Data Breach?
Gathering as much evidence as possible can help to support your claim. You can do this by:
- Raising your concern with the organisation. You can do this via email or letter to find out more about the data breach, including what information was affected and how it happened. The correspondence you have with them can be used as evidence to support your claim.
- Seek a medical assessment of your psychiatric injuries. In doing so, you can request a copy of the medical report.
- Retain all bills, invoices and bank statements that show financial expenses.
Additionally, if you have not received any response from the organisation or they have not responded adequately, you could report your concern to the Information Commissioner’s Office (ICO).
The ICO are responsible for upholding the rights and freedoms of a data subject. Whilst they cannot award compensation, they can investigate your concern. Additionally, the findings from their investigation could be used to support your claim.
Call our team to find out more about the steps you could take following a charity data breach.
Our Data Breach Solicitors Could Work Your Case On A No Win No Fee Basis
The solicitors from our panel can offer you a Conditional Fee Agreement (CFA). This is a type of No Win No Fee contract.
Typically, a CFA allows you to access their services without paying for them upfront or during the course of your claim. You also won’t usually need to pay for the work they have completed on your claim if it does not win. However, a success fee is deducted from your compensation if your claim succeeds. This is a percentage with a legal cap.
If you have any further questions about starting a charity data breach claim or would like to discuss working with a solicitor from our panel, you can get in touch with an advisor using the details provided below.
- Call on 0333 241 2521
- Make a claim online
- Access advice through the live support option
Additionally, you can find helpful external resources:
- ICO – Be Data Aware
- GOV – Make A Data Protection Complaint
- National Cyber Security Centre – Guidance For Individuals And Families
Learn About Different Types of Data Breaches and How to Claim Compensation
We hope this guide on when you could be eligible to start a charity data breach claim has helped. However, if you have any other questions, you can get in touch using the details provided above.
Writer Jeff Wallowing
Editor Meg Morgan
