We were previously able to resolve a claim for a client of ours for the sum of £15,000 in damages after a spreadsheet attached to an email exposed personal information.
We can tell you as leading privacy compensation experts that, unfortunately, this kind of event can be quite common in occurrence. There is no excuse for such a data leak to happen, and we are pleased that we were able to resolve this particular case in our client’s favour and with such a positive settlement result achieved.
£15,000 in damages for data leak of spreadsheet attached to an email
In a previous case, we were successful in recovering £15,000 in data breach damages for a client of ours whose information had been leaked as a result of a spreadsheet attached to an email. Unfortunately, this particular spreadsheet attached to the email contained very sensitive information about a number of individuals, and it included data about disabilities.
In accordance with the GDPR, disability information can be classed as “special category” information. This means that additional protections are afforded in respect of such information and how it is used and processed. If special category information is ever exposed, the GDPR recognises that the distress that can be caused to the victim can be substantial. This is why a damages award can be significant in such a case, which is why we were able to recover £15,000 for our client in this particular claim.
This was an incredibly distressing event for our client, and we are pleased that we were able to resolve the case in the manner in which we did. Whilst it is not possible to turn back the clock and undo any damage that has been done as a result of a data leak, pursuing a privacy claim for compensation can be the way forward to achieve some form of justice for what has happened.
A frequent type of incident
Unfortunately, there have been many incidents where a spreadsheet attached to an email should not have been there or should not have been accessible, exposing swathes of personal information. One of the group actions that we are running for people is for those affected by the Watford Community Housing data breach in 2020, in which this exact thing happened. That spreadsheet also contained particularly personal and sensitive information and caused significant distress to a number of people, many of whom we represent for legal cases.
It can be easy to see such an event as a simple error and acknowledge how easy it could be for such a thing to happen but, unfortunately, such data leaks should never happen at all. Practices, policies and procedures should always be in place to prevent this kind of information leak from happening, and there is plenty that systems can do to prevent them from happening in the event of human error slips as well.
Greater care is required
In an increasingly digitised age, it is absolutely essential that organisations do all they can to prevent data leaks, breaches and hacks. On the part of employees, clearly, greater care is required to make sure that simple errors do not cause substantial damage to a number of people.
Privacy is a conversation that needs to be happening throughout the entirety of an organisation. This is the only way to make sure that the GDPR can be complied with and events can be prevented where many people can suffer.