We've been featured in:

A Guide To Human Error Data Breach Claims

By Danielle Jordan. Last Updated 24th June 2024. A human error data breach is one of the most common forms of privacy violations. Simple errors like sending an email to the wrong person could create myriad problems, from identity theft to the disclosure of sensitive information. In this guide, we’ll discuss what human error is in data loss. We’ll also explain how and when you may be able to make human error data breach claims.

To speak to our advisers about human error data breach claims, you can call us on 0800 073 8804.

Or you can contact us online using our claim form or our live chat service. If you’d like to read about human error data breach examples before contacting us, please continue reading.

A button that reads 'data breaches and reporting' being pushed

Select A Section

  1. What Is A Human Error Data Breach?
  2. Can I Claim For A Human Error Data Breach?
  3. Human Error Data Breach Examples
  4. How Do You Prevent Human Error Data Breaches?
  5. What Kind Of Damage Can A Data Breach Cause?
  6. Compensation Payouts In Human Error Data Breach Claims
  7. No Win No Fee Human Error Data Breach Claims
  8. Get In Touch With Our Data Breach Solicitors

What Is A Human Error Data Breach?

Human error data breach claims might be possible when a mistake leads to personal data being accessed, lost, destroyed, disclosed or changed by an unauthorised party. If the data breach causes a data subject to lose money or suffer from psychological injuries, then a claim for damages might be successful.

The types of psychological suffering that could be covered by a data breach compensation claim include stress, embarrassment, anxiety or depression.

Similarly, the claim might be possible if hackers managed to access a database of personal data because IT staff forgot to update the security firewall.

Deciding whether you have the grounds to file a claim is something we can help with. Therefore, why not call today to have your case reviewed for free?

Can I Claim For A Human Error Data Breach?

To claim for a data breach due to human error, your case needs to meet the following criteria:

  • The breach was caused by wrongful conduct.
  • The breach affected your personal data.
  • You suffered mentally or financially as a result.

Wrongful conduct occurs when companies and organisations fail to comply with the Data Protection Act 2018 (DPA) and the UK General Data Protection Regulation (UK GDPR).

An example of wrongful conduct in terms of human error could be if your personal data was sent to the wrong address because an employee at a doctor’s surgery wrote the wrong address on the envelope despite having your correct address on file. 

Another example could be your manager sending a fax containing your personal data to a coworker by putting in the wrong fax number. 

Personal data is any kind of information that can be used to identify you. For example, this can range from your name to your bank account information. If the confidentiality, integrity, or availability of this information is compromised, this is known as a personal data breach. 

A human error data breach can cause significant emotional distress, but it can also cause financial losses. To learn more about making a personal data breach claim, get in touch with our team of experts.

Human Error Data Breach Examples

In this section, we’re going to look at some mistakes that could lead to a human error data breach claim. If your scenario isn’t listed, don’t worry, we could still help you to claim.

Skills-based data breaches

These are mistakes where somebody knows what they should do to meet their UK GDPR obligations but where a momentary lapse of concentration, a mistake or negligence means they fail to do so. Some accidental data breach examples involving such errors include:

  • Where a computer screen is left unlocked and allows an unauthorised party to view personal data records.
  • If a laptop or memory stick that contains unencrypted personal data is lost.
  • Where a letter containing personal information is put into the wrong envelope and ends up at the wrong address.

Physical security errors

There are many different types of data breaches involving personal information held physically (on paper records, for example). They could lead to human error data breach claims. Some accidental data breach examples that involve physical security errors include the following:

  • Where a manager writes down a member of staff’s address and phone number on a piece of paper and leaves it on the desk where others can see it though they don’t have a lawful reason to.
  • If a computer screen is in full display of a public waiting area meaning they can read personal records though they don’t have a lawful basis to.
  • Where a patient’s medical records are left on the counter in a GP surgery and another patient picks them up and reads them.

Other Factors That May Cause A Human Error Data Breach

While we can’t tell you all of the scenarios that could result in human error data breach claims, there are a number of factors that could contribute to them occurring. They include:

  • It is only possible for a human to make a mistake if the opportunity exists to let them. For example, if a customer database has the facility to copy all entries, a member of staff could accidentally send those entries by mistake. If you remove that functionality, such a mistake would not be possible.
  • Business premises should be designed to try and reduce the risk of data breaches from occurring. For example, an estate agent shouldn’t have their computer screen facing the shop window if it means members of the public can view personal information.
  • Lack of awareness can lead to examples of a human error data breach as well. If somebody doesn’t properly understand the potential consequences of their actions, human error data breaches could be more likely. For instance, if someone is unaware of the risks associated with links in phishing emails, they might be more likely to click on them.

How Do You Prevent Human Error Data Breaches?

Rather than organisations acting retroactively to personal data breaches, it is much better to implement measures to help prevent data breaches. But how can this be done?

Well, it can be helped by:

  • Ensuring staff only have access to the systems they need to use. Good privilege management can help reduce unauthorised access.
  • Providing adequate training to staff so that they have the skills to reduce decision-based mistakes.
  • Encouraging staff to be open about any data protection concerns they have. Also having an open-door culture within a business to allow staff to speak to senior management easily.

By implementing some of these measures, data breach claims could be reduced.

What Kind Of Damage Can A Data Breach Cause?

The process of claiming for a data breach can be tricky. That’s because you are only allowed to claim once. As a result, you must consider any future suffering as part of your claim as well as any that has already happened. Data breach claims will usually be separated into two different elements:

  1. Material damage. This element concentrates on any financial losses, costs or expenses you’ve incurred due to the data breach.
  2. Non-material damage. This element of a data breach compensation claim looks at any suffering caused by psychological injuries caused by the data breach.

For material damages, you’d calculate any money that has already been lost because of the data breach. For example, you might claim for any money stolen from you because human error allowed a criminal to use your data for identity theft.

Similarly, if you have been made ill by stress, embarrassment or depression following the breach, you could claim for non-material damages.

What’s important though is to look at if you’ll continue to suffer in the future. To help with this, you’ll need to have a medical assessment during the claims process. It will be conducted by an independent specialist. Don’t worry about travelling too far for your appointment as our data breach solicitors can usually book them locally.

During your meeting, the specialist will review medical records and ask a series of questions. Afterwards, they’ll write a report that details how much you’ve suffered and they will offer a prognosis for the future too.

If you’d like to know what damages you could claim for a data breach caused by human error, please call today.

Compensation Payouts In Human Error Data Breach Claims

As stated above, data protection breach compensation for a successful claim could cover both material and non-material damage. Additionally, due to the Court of Appeal ruling in the Vidal-Hall and others V. Google Inc (2015) case, you can claim for any psychological suffering, such as anxiety caused by the data breach, without also claiming for material damage. Prior to this case, if you wanted to claim for psychological suffering, you needed to demonstrate that you suffered financially.

If you would like to know more about how data breach compensation could be calculated, we’ve provided a table below. Under the UK GDPR, a claim for non-material damage will be valued using the Judicial College Guidelines (JCG). This is due to the Gulati and Others V MGN Limited (2015) ruling, which stated that non-material damage in a data breach claim can be valued in the same way as psychological harm in a personal injury claim. The JCG is a document legal professionals use to help them assign value to injuries, including psychological. However, every claim is different, so we can only provide the figures for guidance.

Claim TypeSeveritySettlement Range
Sever Psychological Harm + Special DamagesSevereUp to £250,000+
General Psychiatric DamageSevere£66,920 to £141,240
Moderately Severe£23,270 to £66,920
Moderate£7,150 to £23,270
Less severe£1,880 to £7,150
Post-Traumatic Stress DisorderSevere£73,050 to £122,850
Moderately Severe£28,250 to £73,050
Moderate£9,980 to £28,250
Less Severe£4,820 to £9,980

Call our advisors for a free claim assessment and valuation. If they think your claim stands a reasonable chance of success, you could be put in touch with our data breach solicitors.

No Win No Fee Human Error Data Breach Claims

One of the reasons claims don’t get made is because people worry about losing money on solicitor fees. We completely understand that and so our solicitors offer a No Win No Fee service for any claim they take on.

When you get in touch, your claim will be assessed to see if a solicitor can represent you. If they agree, you’ll be sent a Conditional Fee Agreement (CFA). This is a formal term for a No Win No Fee agreement. It will show you what your solicitor must achieve before they are paid for their work.

Instead of you sending funds to cover the solicitor’s work, they will deduct a success fee from any compensation paid. This is a fixed percentage of your settlement that’s listed within the CFA. By law, the success fee is capped so that you can’t be overcharged.

How Long Do I Have To Make A Data Breach Claim?

If you are thinking of claiming, you should check how long you have to claim. That’s because depending on the type of organisation you’re claiming against, you’ll have anywhere between 1 and 6-years to take action. Therefore, starting the claims process as soon as you can might be imperative.

After you have finished this guide, why not call our advisors if you’d like to discuss your options or check how long you have to claim? Remember, we could connect you with a No Win No Fee solicitor to help if your data breach claim is strong enough.

To check your eligibility to use our No Win No Fee service, please contact one of our advisors today.

Get Free Advice From Our Data Breach Solicitors

Hopefully, this article about data breaches caused by human error has proven useful. If you’re now in the position where you’d like to talk to us, you can:

We are here to take your call 24 hours a day, 7 days a week. Not only will our advisors review your claim, but they’ll also provide free legal advice about your options too.

Learn More About Data Breach Compensation Claims

In this section, we’ve added some additional guides and resources to supplement this guide about human error data breach claims.

Electronic Marketing – Information on what rules companies must adhere to when sending emails or voicemails.

Dealing With Anxiety – NHS guidance on how to spot the signs of anxiety and methods that can help to control it.

Data Protection Complaints – Government advice on how to complain about data protection errors.

The Blackbaud Data Breach – This article studies the impact of a data breach that affected a number of institutions and charities.

Data Breaches At A Bank – Useful information on how to claim if your bank has exposed your personal data.

Nursery Data Breach – This guide shows when you could claim if a human error leads to a data breach at a nursery.

Other Useful Compensation Guides

If you still have any questions about human error data breach claims, then you are welcome to get in touch with Legal Expert for help. You can reach us using our live chat or the other contact details included in this guide.