Legal help for data breach compensation claims

Who is liable for a data breach?

Start Your Claim Today!

Your privacy is extremely important to us. Read how we handle your data in our Privacy Policy

If your information has been exposed or misused, one of the first things you may want to know is who is liable for a data breach given that you may be owed compensation.

Ultimately, anyone can be liable for a data breach if it’s their responsibility to look after and properly use your information and they’ve failed to do so. But a more important question may be whether those at the centre of a data  breach are liable to compensate you.

As expert Data Leak Lawyers with a long history of being at the forefront of data breach cases and group actions, we’re very well placed to answer these questions.

Who can be liable for a data breach?

An organisation or a person who misuses or exposes personal information can be liable for a data breach. If it’s an individual and they work for an organisation, their employer organisation can be vicariously liable for their negligence. This is important as it means you can then direct the claim to the organisation who ought to have the funds to settle a compensation claim.

Some simple examples can include:

  • The NHS if the data breach is caused by a hospital employee;
  • Your local council if a local authority service is responsible for a breach;
  • Your employer if they’re responsible for misusing or exposing your data.

Could I be eligible for data breach compensation?

Whether an organisation is liable for a data breach compensation claim depends on whether there has been any negligence and therefore a breach of the law, and the impact on you.

Some examples where you may be able to claim can include:

  • A medical records data breach compensation claim caused by the leak or unauthorised disclosure of your records;
  • An email that has been sent to many people where the recipients are visible (i.e. the “BCC” function hasn’t been used, or a proper ailing platform hasn’t been used). If the nature of the email is about private and sensitive matters, this could cause serious distress to victims. The 56 Dean Street Clinic leak is a good example of this;
  • Your data being accidentally posted to the wrong recipient, or emailed to the wrong recipient.

Ultimately, if it’s information private information that you haver lost control of in terms of who knows it, you could be eligible to make a claim.

How much can I claim?

Data breach compensation amounts are typically based on:

  • The nature of the information that has been exposed or misused;
  • The volume of the information that has been exposed or misused;
  • Who the information has been exposed to;
  • The level of personal distress you have suffered;
  • The amount of financial loss incurred.

You don’t have to have suffered a financial loss to be able to make a claim, as many cases are based on the impact of the distress caused.

For a free and no-obligation claims assessment, make sure to speak to our team today about our No Win, No Fee representation options.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

First published by Matthew on August 12, 2019
Posted in the following categories: Claims Data Security and tagged with | | |


British Airways compensation claim advice
Rising cybercrime costs: what about the victims?