We've been featured in:

Shropshire Council Data Breach Claims

You have a right to expect your personal data to be protected. There are a number of different pieces of legislation that inform how organisations should handle your personal data. But how might a data breach at Shropshire Council happen, and what kind of impact could this have on you? These are just some of the questions we will address in this guide.

Working Out Council Data Breach Compensation Amounts

Shropshire Council data breach claims guide

Shropshire Council data breach claims guide

Your claim will be based on its own set of circumstances. It may share similarities with other claims, but it will still be unique in some way.

Because of this, you might still have unanswered questions once you have read this guide. If you do, we can answer them for you. You just need to call 0800 073 8804 and speak to one of our advisors to get the answers that you need. Our lines are open 24 hours a day, 7 days a week, so call any time.

Select A Section:

A Guide On How To Claim Should A Data Breach At Shropshire Council Occur

The guide begins with a graph that shows some causes of data security incidents in central government. We have followed this with a basic overview of the UK data privacy and security laws. Additionally, we will illustrate what shapes a data breach can take by providing you with example scenarios.

Next, we look at how the council has to comply with the UK General Data Protection Regulation GDPR and the Data Protection Act 2018 DPA to keep your data safe. We have provided a number of examples of how a failure to comply with these laws could put your data at risk.

There is a process that you can follow to make a formal report and complaint about a council data breach, and we have outlined this. Furthermore, we have also explained the eligibility criteria for claiming for a data breach.

We’ll continue with a discussion of the justifications for claiming damages following a data breach. Additionally, you will find we have provided an example compensation table. No Win No Fee claims are covered, with an emphasis on explaining the benefits of such a service.

Some general advice on starting a claim comes at the end of this guide. Also, we have added some reference links and also a short FAQ at the end. After reading this guide, if you’re left with any more questions about what steps to take if a data breach at Shropshire Council were to occur, please don’t hesitate to get in touch.

Is There A Claim Time Limit?

In order to make a claim for a data breach, you need to start your claim within the appropriate time limit. However, these time limits can vary. For example:

  • If you are claiming against a public body or organisation such as a council, then you have one year within which to start your claim
  • For all other organisations, the time limit for starting a claim is six years

But, there are other factors that could have an impact on this time limit. Therefore, we recommend you call and talk to one of our expert claim advisors. Explain your case to them, and they can tell you how long you have left to start your claim.

Rates Of Data Breach Incidents

Later on in this guide, we will take a look at what the duties of the Information Commissioner’s Office (ICO) are. But here, we want to talk about the publicly accessible data that the ICO publishes about data breaches in the UK. We used some of the data they have provided to make the graph below. It shows some of the main causes of data security incidents in central government.

Government Data Breaches

What Could A Data Breach At Shropshire Council Be?

Let’s start this section of the guide by looking and the rules and regulations that apply in the UK. In short, this is the legislation that is in place to protect your personal data.

In the European Union (EU), the General Data Protection Regulations (GDPR) are followed. This was enacted into UK law with the Data Protection Act 2018 (DPA). Now that the UK has left the EU, we refer to the UK-GDPR along with the amended DPA in relation to data privacy laws.

There are a number of different reasons that a council could hold your personal data. For instance, you may use a service such as social housing or social services. If you have applied for a school or nursery placement for your child, this information will be stored on the council website. And if you work for the council, they will need to hold certain details on you, such as your bank details.

A data breach is defined as a security incident in which personal data is lost, destroyed, altered or disclosed to or accessed by an unauthorised party. Despite the regulations that exist to protect our personal data, breaches can happen. Sometimes, they’re the result of a malicious attack by a cyber-criminal. In other cases, however, data breaches can occur as the result of human error or a lack of training of staff.

If you can prove that a data controller did not take all the necessary steps to protect your data, you might be able to make a compensation claim. However, the onus is on your to provide such proof. You can call and speak to one of our expert claim advisors for some advice on how to collect the evidence that could support your claim.

Does Shropshire Council Have To Comply With GDPR?

In short, yes, Shropshire Council has to comply with UK-GDPR and data privacy laws the same as any data controller. There are seven key principles. These are:

  • Acting in a way that is transparent, fair and lawful.
  • Limiting data storage to that which is necessary
  • Keeping personal data completely secure.
  • Limiting the time that data is stored.
  • Purpose limited
  • Making sure that data is kept accurate and up-to-date.
  • Being accountable for data security and demonstrating compliance with the rest of these principles.

It may not always be clear if a data controller has allowed personal information to be breached. If the organisation has done all they can to protect your personal data and a breach occurs exposing personal information you would unlikely be able to make a claim. Call our claims team to have your case assessed today.

How Could My Data Privacy Be Breached?

Should a data breach at Shropshire Council arise would it mean that data privacy has been breached? Data breaches, on the whole, can happen for a variety of different reasons. They can happen to personal information in files stored digitally or through physical files kept in office spaces. Not all data breaches will mean those affected can make a data breach claim. To hold any valid data breach claim the onus is on you to prove your personal information was not protected accordingly.

Below we look at example scenarios of potential data breaches:

  • An external hard drive or USB memory stick containing your personal data is left on a train and is not encrypted.
  • Lax cybersecurity systems allow a cybercriminal to gain access to your data.
  • Your personal data is emailed to a recipient that is not authorised to have it.

In each of these examples, the onus would be on you to prove that failures led to your personal information being exposed. In short, you need to show that the actions (or inaction) allowed a personal data leak. 

Housing Data Breach

If you use council services then you may need to supply quite a bit of personal information so that you can be provided with what you need. Councils’ will usually use a data protection policy to limit any risk of this information being exposed. Below we look at potential ways that information a local authority may hold on you could be exposed:

  • Financial records such as a rent statement are mistakenly sent to the wrong address.
  • Data held by social services about you and your family is shared with an unauthorised party following a request for information that was wrongly approved.
  • Scans of a document such as a tenancy agreement are left displayed on a  computer screen where passers-by without authorisation can see them.

Our claims team can assess your case along with any evidence you have. They can take your call 24 hours a day and 7 days a week. So, give them a call to get started.

Who Should I Report The Data Protection Breach To?

If you are concerned that a data breach at Shropshire Council may have occurred, your first port of call should be the Shropshire Council Data Protection Officer. The ICO are the independent body that upholds information rights and data privacy for individuals, and it offers a template that you can use to express your concerns about how your data is being used.

There are certain data breaches that need to be reported to the ICO. These are ones that affect the rights and freedoms of the data subject. The organisation should inform the ICO within 72 hours, and the data subjects should be told about the breach with no undue delay.

If the local authority fails to respond to your satisfaction, you can move on to contact the ICO. The ICO deals with data breach complaints and can take punitive action against organisations that breach UK GDPR. However, they cannot award you compensation; they can only fine organisations who breach UK GDPR.

However, you must raise your complaint to the ICO within a reasonable timeframe. If it has been more than three months since your last meaningful communication with the council about the incident, the ICO are not likely to investigate.

How To Proceed With A Data Protection Breach Claim

This section will take you through the process of claiming compensation for the harm caused to you.

If you do make a complaint to the ICO, and they decide in your favour, then this could benefit your claim. However, even if they do decide in your favour, their decision isn’t final, and the courts can still come to a different conclusion.

For this reason, it’s really important that you collect evidence to support your claim. You could provide medical records to show that you were caused emotional harm by the breach. Bank statements and details of your credit score could be used to show the financial harm you have experienced.

The process of collecting evidence and building a claim can be complex. For this reason, we recommend that you seek legal advice in making your claim. An expert data breach solicitor could offer support and guidance in building your case.

If you would like some more general advice on starting a claim, reach out to one of our advisors. They can evaluate your claim for you and connect you with a solicitor to start working on your claim for you.

Costs And Losses You Could Be Compensated For

If your claim for a data breach is a success, there are basically two main sources of compensation that could be applicable. There may be damages available for psychological injuries and financial loss. Let’s take a look at each of these a little more closely.

Non-material damages

Whether you suffer some form of financial loss due to a data breach or not, you may still try to claim for mental injury. This is because a precedent was set in 2015 in the Court of Appeal case Vidal-Hall and others v Google Inc. The Court held that non-material damages could be claimed, even if the victim did not suffer any financial harm. This means that you can claim for things like stress, depression and Post-Traumatic Stress Disorder even if you haven’t lost any money.

Material damages

Additionally, you may be able to claim for any financial losses the data breach caused. For instance, if your bank details are exposed in a breach, this could lead to money being stolen from your account. Furthermore, identity theft could result in someone taking out loans in your name. This could damage your credit score and stop you from taking a loan out in the future.

If you would like to find out the kinds of damages you may be able to pursue, please call and talk to our claims team about your case. They can help you further.

How To Calculate Settlements For A Data Breach At Shropshire Council

The amount of compensation you could get in a successful data breach claim is based on the unique circumstances of your case. This means we cannot calculate an average settlement amount, as all claims are different. But, we can provide you with this example compensation table.

In the case of Gulati v MGN, the Court held that mental harm caused by data breaches could be valued in the same way as in personal injury claims. Because of this, we’re able to provide the table below which is based on the guidelines produced by the Judicial College. This is a document that legal professionals can use to help value claims.

Edit
Severity Health Problem Possible Damages More Information
Less severe Psychiatric issues Up to £5,500 We would include all less severe mental disorders in this category. Some form of shock, such as a traumatic event, probably led to this. The victim may fully recover after some time, but they may have ongoing mental health issues that affect their lives in some way.
Moderately severe Psychiatric issues £17,900 – £51,460 All moderately severe psychiatric damage would fall into this category. A traumatising event could potentially lead to this. Given time, the victim may fully recover, but he or she is likely to experience ongoing symptoms post-recovery, possibly into the future.
Severe Psychiatric issues £51,460 – £108,620 All severe mental damage would be placed in this category. Most likely, this was the result of repeated traumatising experiences. The victim may be able to recover somewhat, given time, but there will almost certainly be ongoing mental health problems, perhaps for the rest of the victim’s life.
Moderate Psychiatric issues £5,500 – £17,900 Psychiatric damage of moderate severity falls under this category. An event that is both stressful and shocking may lead to this. Post-recovery, there might be minor symptoms that continue but won’t be problematic.

We can help you to get a more accurate idea of the amount of compensation you might win by getting more details from you about your case. Call our claims team, and they can connect you with an expert solicitor to evaluate your claim for you.

Using A No Win No Fee Solicitor For A Data Breach At Shropshire Council

You may have come across the phrase No Win No Fee before, but not be sure what it means. Or you may have a general idea of what it consists of but are not sure how it could help you fund legal representation for a claim following a data breach.

A No Win No Fee agreement would mean you’re not asked to pay an upfront fee and that the solicitor would not expect to collect ongoing fees while the claim is ongoing. And if the claim fails, then they won’t ask you to pay anything at all.

However, if the claim is won, your solicitor will deduct a small success fee (legally limited in amount). The cap on this fee ensures that you always get the majority of the compensation you are awarded. Our team can answer any questions you have about No WIn No Fee claims if you give them a call.

Choosing Between Data Protection Breach Lawyers

“If a data breach at Shropshire Council were to occur, how could I find a solicitor to represent me in my claim?” You may find yourself asking this question or questions that are similar to it. If so, we can help.

We have access to a team of expert data breach solicitors who can process your claim for you. All you have to do is explain your case to one of our advisors, and they will then take you through our new claims process as simply and quickly as possible. It doesn’t matter where you are; we offer remote working, so there is no need to worry about choosing a solicitor local to you.

Start Your Claim

Should a data breach at Shropshire Council happen then our team can answer any questions you may have with no obligation to proceed. Just use the contact information below to speak to an advisor; they can help you from there.

Telephone: 0800 073 8804

Use our webchat service to the bottom right of this screen

Fill out our online form.

Related Services

Here, we have added some links to other guides with useful info.

Additionally, these other websites have some great information.

FAQs On Protecting Your Data

Here are some simple answers to the types of questions you may have about a data breach.

What are Subject Access Requests?

A subject access request is when you contact the council to find out about what data they hold on you.

When could I make a Subject Access Request?

You can make a subject access request at any time.

Can I claim if my childs’ data privacy has been breached?

If a data breach at Shropshire Council took place could it involve a child’s personal information? You can act as a litigation friend to make a claim for a child.

Thank you for reading our guide on what steps you could take if a data breach at Shropshire Council occurred.

Written by Wheeler

Edited by Stocks