What To Do If Your Business Data Has Been Breached

data breach compensation


Your company’s confidential data is one of its most valuable assets. Customer information databases, IP, trademarks etc. all help to give a competitive edge and can be the difference between success and failure.

The good news, is that data protection does not just apply to individuals and consumers. Businesses have rights too, and as such, where a mistake or other breach has occurred, companies can make a business data breach claim for compensation.


Businesses can protect themselves and their assets in a number of different ways. With prevention always better than cure. So, if you are entrusting your valuable data to a third-party, it always pays to make sure that they have adequate processes in place. At the very least this should include:

  • Secure firewalls
  • Anti-virus and anti-malware software
  • Regular and robust backup processes
  • A process for updating operating systems on a regular basis
  • Processes that prevent staff members from sharing passwords
  • Reliable encryption
  • Processes to remove outdated info
  • Processes to identify and record what personal data is held and stored by the business
  • Compliance with the Information Commissioner’s Office (ICO).

Of course, your own business should also adopt best practices when it comes to the above. 


What happens if a bank, financial institution or a trusted professional adviser of the business loses confidential data such as bank statements or financial material relating to the business?

Just like an individual, your business can pursue a claim for damages against the party who has either deliberately or negligently breached your confidential data.  

Due to the consequences of losing such information, the level of damages that may be awarded is likely to be substantial. Not just for the breach itself, but also to include the consequential damages and losses suffered by the business as a result.


“87% of employees take sensitive data with them when they leave a company, whether voluntarily or involuntarily.”

As well as protecting your business against external threats, you should also do everything you can to protect yourself from internal ones. This includes:

  • Making sure you have robust security systems in place to prevent data theft
  • Establishing monitoring processes to detect a data theft
  • Ensuring restrictive covenants are written into staff contracts. These prevent staff from sharing sensitive information once they have left your employ
  • Ensuring adequate policies are in place to deal with issues such as social media use
  • Ensuring these policies are communicated to employees.

However, stealing personal information is a crime, so if a disgruntled or former employee steals and then sells or misuses sensitive commercial information to obtain a financial benefit for themselves, or to provide a commercial advantage to a competitor, you can refer the matter to the police. You also have the right to criminally prosecute the individual in question.

In addition, where a theft has occurred you have the power to obtain injunctions to prevent the material being used or disclosed in the first instance, and thereafter you can apply to seize and obtain any financial benefits or rewards the employee or the competitor has achieved with the use of the information that was stolen.

Helping you to achieve the maximum amount of compensation, in the minimum amount of time, if your business has suffered a data breach due to the negligence or illegality of others, contact Hayes Connor Solicitors today.

Our initial evaluation is always free of charge, and there’s never any obligation to take things further.  Alternatively, you can find out more about making a business data loss compensation claim on our website. 

With strict time limits in place for making most compensation claims, if you want to achieve maximum redress in the minimum amount of time, it’s important to act now.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *