Data Protection Act Claims
The Data Protection Act 1998 sets down rules to ensure we can access personal data and to protect us from data breaches. A huge and growing number of organisations hold large amounts of personal data about us which includes highly sensitive personal information.
Under the General Data Protection Regulations of 2018 (GDPR), the data protection principles set out the main responsibilities for organisations.
- Information must be processed lawfully, fairly and in a transparent manner in relation to individuals.
- Information must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
- The information must be used for what it was gathered for
- The information must be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
- Information must be kept in a form which is easy to find and can be destroyed easily if requested and not kept for longer than necessary, beyond the purposes for which the personal data was obtained for
- The information must be processed in a manner that ensures appropriate protection of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical measures.
Public Sector Data Breaches
While the threat of cybercrime is something that is taken seriously, human error remains the leading cause of data breaches in government organisations such as hospitals, councils and the police.
Common breaches include wrongly releasing information to third parties, sending information to the wrong people, or sharing the information inappropriatly on social media or otherwise.
As well as data breaches due to a lack of care, individuals with access to our data sometimes breach data protection laws by accessing data outside of the lawful purpose for which it is held.The Act includes provisions to enforce your rights where they have breached and/or to claim compensation where an organisation has broken data protection law. This includes damages for a material breach (for example where you have lost money) or a non-material breach (for example if you have suffered distress).
Our Civil Liberties & Public Law team has experience of helping individuals who have been victims of a data breach recover compensation.
If you’ve been the victim of a data breach and would like help in taking your case further, fill in the details below and we’ll get in touch and advise how we can help.
Data Protection Act Fees
Different levels of legal aid may be available for your case and we always assess new enquiries to see if they are in scope for funding – this will depend on the facts/type of case and means assessment. Wherever a case falls outside of scope we may be able to offer you a fixed fee and/or our hourly rates. All these funding options can be discussed with our new enquiry team.
2 steps to contacting Howells:
Call our New Enquiry Team on 0114 249 66 66 or email [email protected] for an initial chat about your situation.
We’ll listen carefully to you, clarify what you’re trying to achieve, and then explain if and how we can help you. We will take some initial information and liaise with a legal professional regarding your case. If it looks like we can help, we will book you in for a consultation with a legal professional.