,

Data breach compensation claims. Is your business protected?

data breach claims

HOW TO PROTECT YOUR BUSINESS FROM A DATA BREACH CLAIM

OUR DATA PROTECTION ACT SOLICITORS HAVE PULLED TOGETHER SOME TOP-TIPS TO ENSURE BUSINESSES DON’T FALL FOUL OF THE LAW

With your confidential data one of your most valuable assets, and an estimated 1,266% jump in cyber fraud in 2016, it’s vital that your business is alive to the commercial consequences of breaching the personal data of your clients, employees, and competitors.

YOUR OBLIGATIONS

Under the Data Protection Act you must:

  • Use personal information fairly and lawfully
  • Collect only the information necessary for a specific purpose(s)
  • Ensure it is relevant, accurate and up to date
  • Only hold as much info as you need, and only for as long as you need it
  • Allow the subject of the information to see it on request
  • Keep all such data safe and secure.

In addition to protecting you from data breach compensation claims – and the financial implications associated with such actions – sound information management practices also make good business sense; boosting your reputation and increasing customer confidence.

WHAT DO YOU NEED TO DO?

As a very minimum, to ensure that your business is fully compliant with its data obligations, you need to consider:

  • Installing adequate firewalls
  • Regularly and routinely checking for viruses and malware
  • Ensuring all operating systems are updated and implemented regularly
  • Preventing staff members from sharing passwords
  • Encrypting personal data
  • Removing personal data from old computers
  • Identifying and recording what personal data is held and stored by the business
  • Making sure you have robust security systems in place to prevent data theft
  • Adding restrictive covenants into staff contracts (find out more about protecting your business from internal threats) {links to blog 22}
  • Establishing adequate policies to deal with issues such as marketing practices, social media use, and confidentiality
  • Making sure staff are trained and informed in matters relating to security and confidentiality
  • Establishing monitoring processes to detect any data breaches (and what you need to tell customers should the worst happen)
  • Liaising with the Information Commissioner’s Office (ICO) to develop and deploy compliant systems

 

To help you meet your obligations, download the ICO’s data protection self-assessment toolkit.

 

WHAT HAPPENS IF A BUSINESS IS RESPONSIBLE FOR A DATA BREACH?

The ICO can issue an enforcement notice compelling a business to remedy a breach of the Data Protection Act. The sanction is made public, advertised on the ICO’s website, and carries significant harm to the reputation of the company concerned.

In addition to the issuing of an enforcement notice, the ICO can also issue financial penalties of up to £500,000. Recent fines against businesses include a telecommunications company being fined £440,000 for sending spam text messages, and an NHS Trust fined £325,000 for allowing the sensitive personal data of patients to be sold on eBay.

Stealing sensitive information is also a crime, so if a disgruntled or former employee of a competitor steals and then offers such info to you, the matter could be referred to the police. The  individual or company accused of stealing personal data could face criminal investigation and prosecution by the ICO, which leads, after conviction, to fines. If you obtained any financial benefits or competitive rewards because of stolen information, you may also be required to hand this back to the originating company.

The introduction of the General Data Protection Regulation (GDPS) from May 2018, will only serve to strengthen the powers of the ICO in combating data breaches. 

As such, we would recommend that all businesses be proactive in their relationships with the ICO, the public and their customer base in advance of this new regulatory regime. If they do not, an increase in fines from the regulator and an increase in civil claims will only cause long term economic difficulties to the business – as well harming its reputation in an ever increasing competitive marketplace.

 

Find out more about the data loss compensation process on our website

Alternatively, if your business has suffered a data breach due to the negligence or illegality of others, contact Hayes Connor Solicitors today.

Our initial evaluation is always free of charge, and there’s never any obligation to take things further.  With strict time limits in place for making most compensation claims, if you want to achieve maximum redress in the minimum amount of time, it’s important to act now.

12 replies
  1. Graham Connolly
    Graham Connolly says:

    Please sign me up to your claim dept. Equifax Hacked back in May notified November disgusting. Start a national campaign

    Reply
  2. Rob
    Rob says:

    You can also sign me up to your claim dept. Equifax hacked back in May and only yesterday was I informed by letter that my name, date of birth and telephone number have been accessed! Disgraceful!!!

    Reply
  3. carol leafe
    carol leafe says:

    I have just had a letter from Equifax saying my data was accessed in May – 6 months is far to long the damage is already done know

    Reply
  4. Susan Hall
    Susan Hall says:

    I have also received the Equifax hacking letter so would like to be kept informed Whereabouts is your ‘secure form’ please?

    Thank you.

    Reply
  5. Brian Lock
    Brian Lock says:

    Having received a letter from Equifax stating my personal details where compromised in there data breach in the US I have wrote to them asking these types of questions, working in IT I know its down to poor management on there part in patching there servers to avoid the breach, even though they where warned about it they still chose to ignore it. Not I receive upwards of 100 plus emails to my accounts per day, as well as calls to my home number. So yes please add me to the list, I would like to know where this is going.

    Reply
  6. Sean
    Sean says:

    Count me in for any Equifax compensation claims – disgraceful way to act and a six-month delay between a breach and the customer being told. Help line doesn’t answer either, make them PAY!

    Reply
  7. Tony Walsh
    Tony Walsh says:

    I have received a letter at my address in the UK (Also my wife separately) I was astonished and angry that data was held in the US. Bl**dy outrageous !!! They should be hit with a massive compensation claim. Then they have the shear arrogance to offer “free” protection . They should be forced to stop trading. They are not fit to operate in the financial sector Tony Walsh

    Reply

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *