This guide will discuss aspects of claiming data breach distress compensation after experiencing a personal data breach. We will explain what types of harm you could be compensated for and how these amounts are calculated.

Data breach distress compensation claims guide
In addition, we will explain some of the criteria that your case should meet in order to form a valid personal data breach compensation claim. Alongside this, we will discuss the legislation that regulates this particular area and what kind of data is considered personal information.
Keep reading to learn more about how you may be able to claim for distress following a personal data breach. Or, if you have more questions surrounding this topic, get in touch with our advisers to discuss your personal circumstances. You can reach us 24/7 by:
- Calling 0800 408 7827
- Filling in our online ‘Contact Us’ form
- Speaking to an advisor through the live chat widget
Choose A Section
- Claiming Data Breach Distress Compensation – A Guide
- Examples Of When You Could Receive Data Breach Distress Compensation
- What Evidence Can You Use In Data Breach Claims?
- How Much Data Breach Compensation Could You Receive?
- Why Use Our Panel Of No Win No Fee Data Breach Solicitors?
- Find Out More About Data Breach Distress Compensation Claims
Claiming Data Breach Distress Compensation – A Guide
Certain measures have been put in place that allow you to claim compensation following a personal data breach. The UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA) outline the responsibilities certain entities have when processing personal data. Under this legislation, if the integrity, availability, or confidentiality of your personal data is affected in a security incident, this is a personal data breach.
Additionally, the Information Commissioner’s Office (ICO) is an independent body established in order to uphold information rights. They enforce this legislation and can inspect and fine data controllers and data processors that do not fulfill their legal responsibilities.
The organisation responsible for making all the decisions about using your data is known as the data controller. Then, by adhering to the controller’s instructions, your data is processed by the data processor.
It should be noted that not all forms of information are considered personal data. For it to be considered in this way, it must be able to identify you as a living person. This could include your postal address, phone number, or personal email address.
Later in this guide, we will provide information about the evidence you could gather if you suspect a data breach has compromised your information and the compensation that could be awarded for certain types of harm. To find out if you could be eligible to claim, get in touch with our team of advisors.
Examples Of When You Could Receive Data Breach Distress Compensation
In order to form the basis of an eligible claim, the UK GDPR states that you should be able to show that:
- The breach occurred due to the data controller or data processor and their wrongful conduct
- It compromised your personal data
- This lead to you suffering financial or emotional harm
With this in mind, some examples of potential data breach claims could include:
- An accountant mistakenly sends your tax information to the wrong postal address
- Your employer accidentally forwards your disciplinary records to several other employees who do not have authorisation to access that information
- An employee could fail to redact the names of a child’s adoptive parents while corresponding with the birth parents, constituting a social services data breach
- A payroll data breach could reveal your trade union membership payments, allowing your employer to discriminate against you
Any of the breaches mentioned above could have serious negative consequences for your mental health. If you would like to learn more about claiming compensation, get in touch with our team today.
What Evidence Can You Use In Data Breach Claims?
To support your compensation claim, it could be beneficial to gather evidence, either alone or with the help of a data breach solicitor. Evidence can help strengthen your claim, and can help you identify who is liable for the breach, and how it has affected you. Some examples of evidence that you could gather include:
- Correspondence with the organisation responsible for the breach, such as a letter of notification, or an email explaining how the breach occurred.
- Medical records that illustrate the effect that the breach has had on your mental health. A solicitor could help you arrange an independent medical exam, the results of which could help strengthen your claim.
- Bank statements, credit score reports, or credit card bills that document how the breach has affected you financially can also be used to help strengthen your claim.
This kind of information will form evidence that shows a personal data breach occurred, that a data controller or processor did not uphold their legal responsibilities, and that you sustained harm as a result.
Is There A Time Limit To Making A Data Breach Claim?
It’s important to know that certain time limits exist when claiming data breach distress compensation. Typically, you must start your claim within 6 years. However, this limit is reduced to 1 year if your claim is against a public body.
Speak to our advisers to learn more about the evidence that may help your claim. Our team can offer legal insight about the merits of your potential claim and offer advice about the data breach time limit.
How Much Data Breach Compensation Could You Receive?
There are two types of harm you could be compensated for following a breach of your personal data. These are called non-material damage and material damage.
Non-material damage is one of the consequences of a data breach. This type of harm involves the psychological impacts of the breach, such as suffering from anxiety, depression, or psychological distress.
To assess these areas of harm, data breach solicitors often consult a document called the Judicial College Guidelines (JCG). This document contains a series of guideline compensation brackets relating to a number of illnesses and injuries. The table below contains some of these figures, though they should only be considered estimates. Your actual award will vary depending on your personal circumstances.
Non-Material Harm | Judicial College Guidelines Brackets | More Information |
---|---|---|
Severe Psychological Harm | £54,830 - £115,730 | Very poor prognosis and distinct problems with respect to various aspects of life, including work and relationships. |
Moderately Severe Psychological Harm | £19,070 - £54,830 | More optimistic prognosis, though symptoms are similar to the bracket above. |
Moderate Psychological Harm | £5,860 - £19,070 | Good prognosis and marked overall improvement by the time the trial occurs. |
Less Severe Psychological Harm | £1,540 - £5,860 | Award considers the extent to which sleep and other activities are affected. |
Severe Anxiety Disorder | £59,860 - £100,670 | Permanent effects that prevent the injured individual from operating at anything near pre-trauma levels. |
Moderately Severe Anxiety Disorder | £23,150 - £59,860 | Some recovery can be achieved here with professional help. |
Moderate Anxiety Disorder | £8,180 - £23,150 | Symptoms are non-disabling. |
Less Severe Anxiety Disorder | £3,950 - £8,180 | Virtual full recovery is made within a period of 2 years. Minor effects that may persist beyond this point. |
Can You Claim For Material Damage?
You could receive a payment for a second type of harm, known as material damage. This involves compensation for the financial loss you sustained due to the personal data breach. For example, you may receive compensation for money stolen from your bank account, or for damage that has been done to your credit score.
For more information on claiming data breach distress compensation, get in touch with our team of advisors.
Why Use Our Panel Of No Win No Fee Data Breach Solicitors?
Our panel of No Win No Fee data breach solicitors may offer you a kind of No Win No Fee agreement called a Conditional Fee Agreement (CFA). By hiring a solicitor under the terms of this agreement, you typically do not have to pay upfront fees or make ongoing payments to them during your claim. Moreover, you generally don’t have to pay for your solicitor’s services if your claim fails.
Instead, a No Win No Fee solicitor will take a success fee at the end of the process, and only if your claim is successful. This fee is subject to a legal cap, to help ensure that you receive the majority of your compensation.
Want To Know If You Could Receive A Data Breach Payout? Contact Us For Free 24/7
If you want to know more about claiming compensation, our advisors are available to help. They can answer any questions you may have about eligibility or the compensation you could receive for the harm you experienced. This consultation is free and can take place at any time that is most convenient to you, so contact us by:
- Calling 0800 408 7827
- Filling in our online ‘Contact Us’ form
- Speaking to an advisor through the live chat widget
Find Out More About Data Breach Distress Compensation Claims
Related articles that you may find useful:
- Police Data Breach Compensation Claims
- Payouts For Mortgage Broker Data Breach Claims
- Payouts For Debt And Arrears Data Breach Claims
Resources from third parties about similar subjects:
For more advice on claiming data breach distress compensation, get in touch with our team.
Writer Morgan Feather
Editor Cat Hunt