This guide will explore the average compensation for a data breach. There are several factors that can be considered when valuing how much you could be entitled to following a successful claim. We will explore examples of data breach compensation amounts further in our guide.
What is the average compensation for a data breach?
Additionally, we will discuss when you could be eligible to start a claim if your personal information has been affected following a breach of data protection.
Certain entities have a responsibility to protect your personal data under legislation. This guide will provide further guidance on their roles and the ways in which a data breach could occur if they fail to adhere to data protection law.
Furthermore, we look at the evidence you can gather to support your claim and how a solicitor could help you through the data breach claims process.
For more information, you can get in touch with an advisor from our team. They can answer any questions you might have regarding your potential claim. To reach them, you can:
- Call 0333 241 2521
- Fill out our ‘make a claim’ online form
- Use the live chat option below.
Choose A Section
- What Is The Average Compensation For A Data Breach?
- When Are You Eligible To Make A Data Breach Claim?
- What Could Cause A Data Breach?
- Evidence You Could Use In A Data Breach Claim
- Claim With Data Breach Solicitors On A No Win No Fee Basis
- Learn More About The Average Compensation For A Data Breach
What Is The Average Compensation For A Data Breach?
You might be wondering what the average compensation for a data breach is. However, there are several factors that can be considered when valuing your potential settlement. As such, it can be difficult to provide a definitive figure.
Generally, though, each settlement awarded following a successful claim could comprise compensation for non-material damage and material damage.
The former relates to the psychological or emotional harm you have experienced due to a personal data breach. This can include stress, anxiety and distress.
When valuing this aspect of your claim, solicitors can refer to the Judicial College Guidelines. This contains guideline compensation brackets that relate to different types of mental harm. We have used these in the table below. However, you should only use them as a guide.
| Type of Harm | Severity and Guideline Award Bracket | Notes |
|---|---|---|
| General Psychiatric Harm | (a) Severe – £54,830 to £115,730 | A poor prognosis with significant problems present in several areas of life including work, education and personal relationships. |
| General Psychiatric Harm | (b) Moderately Severe – £19,070 to £54,830 | Similar significant problems to the bracket above but a better prognosis. |
| General Psychiatric Harm | (c) Moderate – £5,860 to £19,070 | Significant improvement across different areas of the person’s life and a good prognosis. |
| General Psychiatric Harm | (d) Less Severe – £1,540 to £5,860 | The duration and extent of the harm sustained will be considered when valuing the award. |
| Post-Traumatic Stress Disorder (PTSD) | (a) Severe – £59,860 to £100,670 | All areas of the person’s life will be impacted negatively and permanently. |
| PTSD | (b) Moderately Severe – £23,150 to £59,860 | The prognosis is better than the above case due to receiving professional help. However, the effects of the trauma are still likely to cause a significant disability for the foreseeable future. |
| PTSD | (c) Moderate – £8,180 to £23,150 | Any ongoing issues won’t be majorly disabling and the person will have largely recovered. |
| PTSD | (d) Less Severe – £3,950 to £8,180 | Almost a full recovery seen within a two year period and only minor issues lasting beyond this. |
What Else Could Make Up Your Compensation Data Breach Amount?
Material damage relates to the financial loss you have experienced due to the personal data breach. For example:
- Funds stolen from your bank account
- A negative impact on your credit score due to loans being taken out in your name
- Fraudulent purchases on your debit or credit card
Receipts, pay slips, invoices and other financial documentation can help prove any losses.
For more information on the compensation you could be awarded following a successful claim, get in touch on the number above. Alternatively, continue reading to learn when you could be eligible to start a claim.
When Are You Eligible To Make A Data Breach Claim?
A data controller sets the purpose for processing your personal data. A data processor acts on the instruction of the data controller by processing on their behalf.
Both have a responsibility to protect your personal data according to the Data Protection Act 2018 (DPA) and UK General Data Protection Regulation (UK GDPR).
Personal data is information that can be used to identify you as a living person, such as your name, email address, postal address and phone number. A breach of this information can be defined as a security incident leading to the confidentiality, integrity and availability of your personal data being affected.
In order to be eligible to make a personal data breach claim, you must demonstrate that:
- A data controller or data processor failed to adhere to data protection law
- Your personal data was breached as a result of their failings
- You experienced financial loss or psychological harm as a result.
Is There A Time Limit When Seeking Data Breach Compensation?
There is a 6 year time frame in which to start a data breach claim. This can reduce to 1 year in cases against public bodies.
For more information on when you could be eligible to seek data breach compensation, get in touch using the number above.
What Could Cause A Data Breach?
There are several ways a data breach could occur. There are different types, including cyber and non-cyber.
A cyber security incident leading to a breach of your personal data could include a website data breach. For example, an organisation who has failed to implement online security measures making them more susceptible to a ransomware attack.
Examples of a non-cyber security incident resulting from human error can include:
- If a letter containing information about a medical condition is posted to the wrong postal address, despite the organisation having the correct details.
- An email containing personal information relating to your finances being forwarded to the wrong email address.
- A mass email is sent to multiple recipients but the blind carbon copy (BCC) function hasn’t been used making everyone’s email addresses accessible.
If you have experienced financial loss or emotional harm as a result a personal data breach, get in touch with an advisor to discuss the steps you could take.
Evidence You Could Use In A Data Breach Claim
Evidence can help strengthen your personal data breach claim. To gather sufficient evidence, you can:
- Collect all correspondence between you and the organisation about the data breach, including what data was affected and how it occurred.
- Have any psychological injuries assessed by a professional and request a copy of any reports.
- Keep any receipts or bills that show any financial expenses.
If you have contacted the organisation directly about the breach and they have not provided a response or their response was inadequate, you could make a complaint to the Information Commissioners Office (ICO).
The ICO is an independent body protects the data rights of the public. Whilst the ICO cannot award compensation, they can investigate a breach. You can use their findings to support your claim.
If you’re unsure on the steps you could take following a breach of your personal data, get in touch with an advisor via the number above.
Claim With Data Breach Solicitors On A No Win No Fee Basis
There is no legal requirement to work with a solicitor when making a data breach claim, but their expertise could help you. Our panel of solicitors can help you:
- Collect supporting evidence
- Provide regular updates on the progress of your case
- Value your compensation
Additionally, they can offer their services under a No Win No Fee contract. They offer a version of this called a Conditional Fee Agreement (CFA) which provide a way for you to access their services without paying upfront, during the course of the claim or if the claim fails.
Successful claims mean that a percentage is taken from the compensation payout as a success fee. This is legally capped to ensure you keep the majority of your compensation.
Call our team to find out whether you could work with one of our panel solicitors on this basis. An advisor can also discuss when you could be eligible to claim and the compensation you could be awarded if you succeed. To reach them, you can:
- Call 0333 241 2521
- Fill out our ‘make a claim’ online form
- Use the live chat option below.
Learn More About The Average Compensation For A Data Breach
Additionally, we have provided additional external resources:
- ICO – Data security incident trends
- GOV – Tips for staying safe online
- National Cyber Security Centre – Guidance on data breaches
You could get more information by reading our other guides:
If you have any other questions about the average compensation for a data breach, please get in touch with an advisor using the details provided above.
