Human error data breaches remain one of the number one causes when it comes to data protection incidents, and it’s important for victims of these kinds of breaches to know their rights.
The important thing to know is that it doesn’t stop you being able to claim if the cause of a breach stems from an error by a human. The organisation that employs the person can be held liable for a legal case, and in this article, we’ll explain why.
It’s not an acceptable excuse for an organisation to simply try and defend a claim on the basis that the fault lies with a human.
Claiming compensation for human error data breaches
You can be entitled to make a claim for compensation arising from human error data breaches. The organisation that employs the person at the centre of the breach can be vicariously liable for the employee’s actions. This means that it’s the organisation who can be liable to compensate victims whose data has been exposed or misused due to a human error.
Given that data breaches can lead to significant distress for the victims that’s caused by the loss of control of information, or the distress from information misuse, claiming is important. Data breach compensation valuations are based on the extent and severity of the distress that’s caused, as well as taking into account any financial losses as well.
Look beyond the human error
We often try to look beyond the people at the centre of human error data breaches.
Think about these things instead:
- What has the person’s employer done to ensure that there are proper procedures in place to avoid data breaches?
- What training has been put in place, and how thorough is this and how is this followed up?
- What systems are in place to help to prevent incidents before they occur?
We often find that far more could – and should – have been done by the organisation in the case of a human error data breach. Taking one of the most infamous examples of a group action we’re involved in, the 56 Dean Street Clinic leak, it’s clear that this was far more than just a “human error”. Instead of an employee being charged with emailing hundreds of people, why weren’t systems used instead that could have prevented the leak from taking place? How was an email of such a sensitive nature now dealt with far more carefully by the NHS?
Human error data breaches still a number one cause
More recent figures have indicated that human error data breaches remain a number one cause of incidents here in the UK.
Some recent statistics indicated that more than half of the incidents reported to the Information Commissioner’s Office (ICO) in the first half of 2019 were reportedly the result of a human error. Many are down to simple cases of incorrect disclosure and inadvertent disclosure by sending data to the wrong recipient.
Victims of human error data breaches can be entitled to make a claim for compensation from the organisation that employs the person at the centre of the breach.
We can offer No Win, No Fee representation, and we’re happy to offer you our advice on an entirely free and no-obligation basis.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.
First published by Matthew on August 28, 2019
Posted in the following categories: Claims ICO Security and tagged with compensation | data breach | data controllers | data leak | employee breaches | human error | ico | personal data