We've been featured in:

Lancaster University Data Breach Compensation Claims Guide – How Much Compensation Can I Claim? – Amounts For Lancaster University Data Breach

Without storing personal information relating to students and staff, universities would be very difficult places to run. While personal data retention can be justified, it must be carried out in compliance with new legislation to try and stop it from being handled by unauthorised persons. This article is about examining what is meant by data breach compensation claims against Lancaster University. We’ll show you what a data breach is, what harm can result from one and when you could be allowed to claim compensation.

Lancaster University data breach claims guide

Lancaster University data breach claims guide

You have by now probably heard of the General Data Protection Regulation or GDPR as it’s more commonly referred to. The Data Protection Act was enacted in 2018 as a way to give data subjects control over how the information is handled. Keeping your information secure and safe from prying eyes is also important. When an organisation is found to have broken data protection legislation, it could face a severe financial penalty from the Information Commissioner’s Office (ICO). If the breach means you suffer in any way, then you could be eligible for compensation.

If you are considering claiming for a personal data breach, Legal Expert is here to help you. Our specialist advisors offer no-obligation assessments of any claim. They also offer free legal advice on your options. If your claim has strong enough grounds, we could put you in touch with a specialist solicitor from our team. Any claims we handle are managed on a No Win No Fee basis.

To find out more about claiming for a university data breach please continue reading this guide. If you’re already in a position where you’d like to start a claim, please call our team today on 0800 073 8804.

Select A Section

A Guide To Data Breach Claims Against Lancaster University

Many businesses found implementing the GDPR an arduous task. However, it is important that the new laws are followed to prevent the companies from being fined by the ICO. That’s the reason that whenever you make an appointment, shop online, visit a new website or sign up to an educational course, you’ll find lots of statements about data privacy are presented to you. On application forms, you may find tick boxes and websites might use pop-up boxes.

The reason these things happen is that any company that wants to process personal information has to tell you why, how and what for. Usually, they need your express permission to do so. Generally, after they have recorded your data sharing choices, they are bound to stick to them. As well as being more open about how your data is used, the organisation must implement procedures to keep your data safe. Not only could a data breach entitle you to claim compensation, but the ICO could also issue a large fine to the responsible organisation as well.

You might know that compensation claims have time limits applied to them in the UK. For data breaches, you’ll generally have 6-years to file a claim. However, if the claim is based on human rights breaches, you’ll only have a year. Although 6-years seems like a long-time, our advice is to start as early as possible. That way, you are likely to be able to recall the effects of the data breach much more readily. In addition, your legal team will usually find it easier to obtain evidence to support your allegations.

What Are Data Breaches By Universities?

Now, if we talk about data breaches, many people jump to the assumption that we mean cases involving cybersecurity problems like key loggers, ransomware, phishing attacks or viruses. While they are common reasons for data protection breaches, the law also covers physical documents as well. That means that companies need to secure any documents containing personal information in locked cabinets. They should securely dispose of them when they aren’t needed any more.

The legal definition of a personal data breach is where a problem occurs which leads to your personal information being lost, destroyed, exposed, altered or accessed in an unauthorised manner. The ICO can fine a company for a data breach regardless of whether it resulted from a deliberate, accidental or illegal act.

Any data subject who is at risk of being harmed has to be informed about it by the data controller. They need to explain when the breach took place, how it happened and what data was accessed.

If you believe a personal data breach has caused you to suffer in any way, please call our team today to have the merits of the case assessed for free.

Applying The GDPR To University Data

As a data controller, an organisation that processes data, it will need to be able to demonstrate compliance with a number of principles listed within the GDPR. They include:

  • Telling all data subjects why their personal information is needed.
  • Making sure that any data processing act is obvious, legal and fair.
  • Only requesting the personal information that is required to fulfil the processing requirement.
  • Ensuring data processing is confidential and secure.
  • Keeping all personal information up to date.
  • Not keeping personal information for any longer than it is needed (there is no actual time limit specified).

Personally identifiable data means any type of information that could be used to help, directly or indirectly, identify the data subject. For instance, this could include names, phone numbers, addresses or email information. Also, some information about protected characteristics could be used to help identify individuals such as information about their race, sexual orientation, disability or age.

If you are of the opinion that you’ve suffered harm following a university data breach, please contact us so we can review your claim with you.

Was My Data Privacy Breached By Lancaster University?

Lancaster University was involved in a data breach in July 2019. The breach led to personal information relating to applicants and students being accessed. In the main, the data included email addresses, names, telephone numbers and addresses. However, a number of records containing ID documents and student records were also accessed.

The university said that the breach followed a sophisticated phishing attack. The hackers used the information to create and send fake invoices to a number of student applicants.

As well as the ICO being informed of the breach, which it said it would investigate at the time, the National Crime Agency had started an investigation into what had happened.

The university released a statement. It explained what had happened and what it was doing to investigate the matter.

Source: https://www.bbc.co.uk/news/uk-england-lancashire-49081056

If you think that you may have suffered as a result of this, or any other, data breach, please get in touch today for a free assessment of your case.

Rates Of Breaches In People’s Personal Data

You might be sceptical about how often data breaches affecting universities occur even though we have an example above. To help demonstrate data security issues, an IT firm has conducted a study recently. Its report, based on responses from 86 universities, reveals some staggering statistics, including:

  • Just under half of university staff have not been trained on data safety in the previous 12-months (46%).
  • Only 49% of universities proactively train students on cybersecurity
  • 27% of universities said that their network had never had a penetration test to try and identify security flaws.
  • The annual training budget for university staff averaged out at £7,529.
  • 54% of universities have reported a data breach to the ICO in last 12 months

If you suspect that you have been harmed because a breach involving your personal information has occurred, please contact our team so that your case can be reviewed for free.

Source; https://www.redscan.com/media/The-state-of-cyber-security-across-UK-universities-Redscan-report.pdf

How To Stop Criminal Breaches Of Your Cyber Security

Due to the amount of personal information stored by universities, it’s important that they put measures in place to try and prevent data security breaches. While they do hold information relating to students and staff, some universities will also capture and use sensitive data used for research projects. We are not experts in IT security, but there are some standard measures that could help make systems more secure;

  • Applying the latest software patches to all devices on the IT network.
  • Encrypting disks on portable storage devices so the information cannot be accessed if they are stolen or lost.
  • Ensuring data privacy policies are constantly reviewed and updated in line with best practice guidelines.
  • Offering training to all staff and students so they are aware of their data protection obligations.
  • Using external companies to review the security of the IT network and university buildings so flaws are spotted, and fixed before criminals exploit them.

One of the main reasons these things don’t happen in many organisations could be budget constraints. However, a much larger cost could be incurred if the ICO decides to investigate and issue a fine because of a data breach.

What Rights To Compensation Do Victims Have?

Making a compensation claim isn’t just a matter of requesting a certain amount of money. Any claim you make needs to be justified and backed up by evidence. The process of putting a claim together can be complex. You may need to look at the suffering that has already taken place and any which might occur in the future.

Most claims for data breaches are separated into two parts: material damages and non-material damages. The material damages element looks to compensate you for any money which has been lost. Non-material damages are used to claim for any suffering that has resulted from the breach.

For the first part of your claim, the calculation will start with any money you have already lost. Then you might need to calculate any long-term financial losses that could occur as well. For example, if your credit file has been damaged because identity thieves have used for name and address to take out financial products, you could suffer increased costs in the future.

Similarly, while you would include any suffering caused by medical conditions that have already been diagnosed and attributed to the data breach, you may also suffer in the longer-term. Your ability to work, manage relationships and cope with everyday events might continue to suffer. This will also need to be included.

We have a team of solicitors who could use their experience to assess your claim. Their role would be to try and ensure every aspect of your suffering is considered both in the short and long-term. That’s important because only one claim is allowed to be made.

For a thorough no-obligation assessment of your case, why not speak to a member of our team today?

Calculating Compensation For Data Breach Claims Against Lancaster University

Now we’re going to look at what amount of compensation could be awarded for non-material damages in any data breach claims. The table below is not specific to university data breaches. With data breach claims you do not have to have suffered financially to claim for the effects on your mental health. That fact was established when the court of appeal presided over the case of Vidal-Hall and Others v Google Inc [2015]. It was announced that any award of compensation should be made using levels set for personal injury claims.

The following table provides example settlement amounts for relevant injuries taken from the Judicial College Guidelines (JCG). Legal professionals often refer to the JCG to help calculate compensation figures for personal injuries.

Edit
Injury Type Level of Severity Compensation Range Additional Details
General Psychiatric Damage Severe £51,460 – £108,620 The victim will have serious problems managing relationships, dealing with work and coping with life. A very poor prognosis will be given as treatment won’t help which means the victim will remain vulnerable.
General Psychiatric Damage Moderate £5,500 to £17,900 Although there is likely to have been a lot of improvement in this category, the victim will have suffered in similar ways to above initially.
Post-Traumatic Stress Disorder Moderately Severe £21,730 to £56,180 Significant problems caused by PTSD symptoms will last for the foreseeable future. However, professional help should mean that the symptoms improve over time.
Post-Traumatic Stress Disorder Less Severe To £7,680 Where all of the most significant symptoms have resided within a year or two.

Importantly, the table demonstrates that compensation amounts are based on how severe your injuries are. That’s why, during the claims process, you will need to visit a local medical specialist to have your injuries assessed. The independent medical professional will question you about the impact of the data breach, They will also refer to your medical records. After they have completed the assessment, they will list all of their findings in a report which will then be sent to your solicitor. As the report will be used as evidence to demonstrate your level of suffering in conjunction with any other medical records.

Why Choose Legal Expert To Help With Your Case?

You may have further questions about data breach claims against Lancaster University. You might also be wondering how to pick a solicitor if you are thinking of making a claim. Some people will read countless online reviews, others might ask for a recommendation from their family, and others simply pick the closest law firm to them.

You could take a much easier route, though. One simple call to Legal Expert might be all you need to do. Our advisors are friendly and will let you ask any questions you like in relation to starting a claim. Once they’ve reviewed your case, and if it is accepted, you’ll have specialist solicitor appointed. They will be available throughout your claim to explain any complex legal terms and answer questions. You’ll also be kept up to date with any progress. Ultimately, our solicitors will work hard to try and make sure the highest amount of compensation is paid.

Please call today if you need to know how we could help you start your claim.

No Win No Fee Data Breach Claims Against Lancaster University

There is a significant number of people who put off data breach claims because they’re worried about the cost of hiring a solicitor. Although a solicitor is not mandatory many claimants find the process much easier when they have legal representation. To give you access to hire a legal professional with a lower financial risk, Legal Expert provides a No Win No Fee service for all cases that we agree to take on.

In the first instance, one of our solicitors will review your case. If it’s feasible that you’ll win compensation they may agree to work with you. They will give you a Conditional Fee Agreement (CFA). The CFA will clearly set out the way in which your case will be handled. It will also show you that:

  • You don’t need to pay anything to your solicitor for the case to begin.
  • Solicitor’s fees won’t be billed to you during the claim.
  • If the claim isn’t won, you are not liable to pay any solicitor’s fees.

In cases where your solicitor goes on to win compensation for you, they will keep a percentage of it to cover their time and the cost of their work. This is listed in the CFA as a ‘success fee’ which, by law, is capped. The percentage you’ll pay if your case is won will be listed so it will be clear before you sign the CFA.

Please let us know if you’d like to claim on a No Win No Fee basis and we’ll assess your case for free.

Contact Us To Discuss Your Data Breach Case

You have now reached the end of this article about data breach claims against Lancaster University. We hope that you have found the content helpful and that you are now ready to contact Legal Expert to begin your claim. If so, you can:

We will always be completely open and honest about your chances of receiving compensation so that we don’t waste your time. When you begin, an advisor will run through your case with you and consider any supporting evidence you can supply. If they believe you have a chance of winning your case, they might connect you with one of our solicitors. If they take your claim on, it will be funded using a No Win No Fee agreement.

References

Now that you have completed this article. You may want further information regarding data breach claims against Lancaster University. We’re going to provide you with some additional resources that you might need to access. In addition, we have linked to some more of our guides to show some other types of claims we could help you with. Please feel free to ask for more information by calling our free advice line.

Post-Traumatic Stress Disorder Symptoms – This NHS article lists the most common PTSD symptoms.

Identity Theft – An ICO guide that provides the warning signs to look for in identity theft cases.

Whiplash Compensation – This detailed guide shows how much compensation could be awarded for whiplash.

Pub Injury Claims – Information on starting a claim for injuries sustained in a pub.

Beauty Treatment Claims – Advice on claiming for injuries caused by negligent beauty treatment.

Other Compensation Guides

Written By Hambridge

Edited By Melissa.