Has your personal data been involved in a veterinary surgery data breach? Were your bank details or contact information breached, and this caused you financial or emotional harm? If a vet surgery processes your personal data, they become known as a data controller. All data controllers must legally take steps to protect any personal information they handle in regard to their clients and employees.
This guide explains how data controllers and processors must adhere to data portection laws; the Data Protection Act 2018 and UK General Data Protection Regulation (GDPR).
In order to make a personal data breach claim, you must be able to show how an organisation that had a responsibility in keeping your data safe failed in this regard.
To find out if you have a valid veterinary surgery data breach claim, contact us today by:
- Call our advisors for free, no-obligation help on 0800 073 8804
- Contact us online to see how we could connect you with a data breach solicitor
- Or use the live support option, bottom right, for immediate help
Select A Section
- What Is A Veterinary Surgery Data Breach?
- Data Protection Guidelines For Vets
- Insurance And Financial Records Held By Vets
- How To Report A Data Breach By A Vet
- What Could You Claim For A Veterinary Surgery Data Breach?
- How To Claim For A Veterinary Surgery Data Breach
What Is A Veterinary Surgery Data Breach?
The Data Protection Act 2018 and UK GDPR define personal data as any information that could be used to identify you as a living person. This data can be used independently or alongside other details to infer or indicate personal facts about you.
Certain sensitive information called special category data has even more potential to harm the data subject if leaked or breached and must be processed with greater care. With this in mind, all companies must fulfil at least one of the six lawful bases for data processing.
An independent body called the Information Commissioner’s Office (ICO) regulates, investigates and can penalise those who fail to do this.
Furthermore, a personal data breach can take place when your personal information is accidentally or unlawfully;
- Lost
- Deleted
- Destroyed
- Accessed by unauthorised parties
- Or verbally disclosed
Data breaches can happen through human error, such as sending an email to the wrong recipient or posting details to an incorrect address.
External hacks are quite rare compared to these mistakes. A claim may not be valid if the veterinary surgery can prove they were trying their best to defend against an external breach.
Data Protection Guidelines For Vets
Vets need to keep more information than just the name of our pets. Names, addresses and contact details are essential, and possibly debit or credit card information may also be retained on record.
In order to keep secure the personal data vet surgeries process they may opt to:
- Secure documents in locked filing cabinets or other safe places to prevent lost or stolen paperwork
- Train staff on how to avoid wrong person fax mistakes or wrong postage address errors
- Apply passwords to access information
- Have ‘time out’ functions on computer screens
- Train staff fully in the UK GDPR obligations
- Encourage a culture of open communication with staff and clients about data processing
To make this as easy for companies as possible, the UK GDPR details ‘7 Core Principles’ that must be followed when processing data.
Insurance And Financial Records Held By Vets
In addition to the basic contact details and bank information that a veterinary surgery may need to hold, there are insurance details that may apply. Pet insurance is a popular way of ensuring that funds are available if a pet falls ill or needs surgery and other expensive procedures.
Information that could be held on record includes;
- Name, address and contact details like email address
- Bank details and direct debit instructions
- Salary or earnings information
- Details of spouse or partner
- Insurance provider details
If your personal or special category data is involved in a data breach caused because of failure on the part of the organisation to comply with data protection laws, you may be eligible to claim for any harm caused.
How To Report A Data Breach By A Vet
Discovering a data breach is something that can happen long after the actual security incident itself. Worryingly, the first you may know of it is when money has already left your account, or email accounts start to feature strange activity.
All companies faced with a data breach must inform the ICO within 72 hours if it infringes the data subject’s rights. The company must also let you know about the breach as soon as possible.
You can raise a complaint with the surgery if you suspect they are at fault for breaching your data. If you do not get a response or an unsatisfactory response, you can complain to the ICO; however, they do not pay compensation.
What Could You Claim For A Veterinary Surgery Data Breach?
After a successful veterinary surgery data breach claim, you could be eligible to seek compensation in two areas. Material damage can be claimed for any financial losses.
Being able to present bank statements or invoices that clearly show a directly-related cost to you is important when claiming compensation.
The second area is non-material damage which looks at the level of psychiatric distress the data breach caused you. Such as:
The Judicial College Guidelines demonstrate:
Psychiatric Harm – What Kind? | How Severe and What JC Guideline Award? | Supporting Notes |
---|---|---|
Psychiatric & Psychological Damage – General | (A) Severe Degree Cases – £54,830 to £115,730 | Very marked impact on work, education, relationships and all areas of normal life |
Psychiatric & Psychological Damage – General | (B) Moderately Severe Degree – £19,070 to £54,830
| A level that results in a long-standing disability. |
Psychiatric & Psychological Damage – General | (C) Moderate Degree -£5,860 to £19,070
| Similar issues to the brackets above but an improvement by the time the case may possibly be heard at trial |
Psychiatric & Psychological Damage – General | (D) Less Sever Degree – £1,540 to £5,860
| Awards like this reflect the length of illness and emergence of any specific phobias or anxiety conditions |
Post-Traumatic Stress Disorder (PTSD) | (A) Severe Degree – £59,860 to £100,670
| A specific and severe reactive disorder that impacts all areas of life with very poor prognosis |
Post-Traumatic Stress Disorder (PTSD) | (B) Moderately Severe Degree – £23,150 to £59,860
| Similar issues to the bracket above but professional counselling can help alleviate the worst extremes |
Post-Traumatic Stress Disorder (PTSD) | (C) Moderate Degree – £8,180 to £23,150
| A comparable recovery with continuing effects being tolerable |
Post-Traumatic Stress Disorder (PTSD) | (D) Less Severe Degree – £3,950 to £8,180
| A complete recovery which takes place within a 1 – 2 year period and persisting symptoms beyond this being only minor |
These guidelines are used when legal professionals are valuing injuries and illnesses in civil claims.
It’s important to bear in mind that these amounts are guide brackets only.
How To Claim For A Veterinary Surgery Data Breach
As you approach your veterinary surgery data breach claim, you could consider working with a data breach solicitor under a No Win No Fee agreement.
Contracts such as this mean a data breach solicitor requires no upfront hiring fees or ongoing fees.
Cases that win require a deduction from the settlement. This is capped at a maximum of 25%. This is to reward the solicitors for their efforts but ensures you receive the bulk of any compensation given.
Find out more about how a No Win No Fee agreement could help you with a veterinary data breach claim:
- Call our advisors on 0800 073 8804
- Contact us online for more help
- Or use the live support option below
Similar Data Protection Breach Guides
Read more on:
- Details about compensation after a dentist data breach
- Private healthcare data breach compensation claims explained
- More on how to report a data breach incident
- Helpful tips on data protection
- Statistics showing the prevalence of security incident trends reported to the ICO
- In conclusion, more reading on the Data Protection Act