It is important to understand that GDPR fines are separate to compensation claims, particularly in relation to monetary penalty amounts and valuations and pay-outs in privacy cases.
We advise about the separation below. To speak to our team for free, no-obligation legal advice now, please do not hesitate to contact us here.
GDPR fines are separate to compensation claims
GDPR fines are separate to compensation claims, so if you want to pursue damages as a victim of a data breach, leak or a hack, it is important to understand that there is clear separation. Whilst the actual action of the Information Commissioner’s Office (ICO) issuing a fine could help to support a breach of the GDPR, which could help to justify pursuing a case, monetary penalties and fines issued are completely separate to compensation cases. A GDPR fine amount that is issued will often be based on a number of factors that the ICO will consider, whereas any compensation pay-outs and values are issued based on the individual impact on the victim affected.
Because of this, and the fact that GDPR fines are separate to compensation pay-outs, it is not feasible to try to use any fine valuation and relate it to any pay-out. Pay-outs will be based on the significance of any distress that the victims suffer that is caused by the loss of control of their personal information, with applicable losses and expenses also considered. In theory, the ICO may issue no fine at all or issue a low-level fine, which can be common for public sector organisations, but a victim could be eligible to recover significant damages if the impact on them has been substantial.
What you need to do to access compensation
To access GDPR compensation, you need to separately instruct an expert privacy compensation law firm like us to pursue your claim. As GDPR fines are separate to any actual compensation cases we will pursue, we do not need to wait for a final ICO decision in many cases.
If you have been the victim of a data breach and you have a legitimate case, we could pursue your claim on a No Win, No Fee basis without delay. We can write to the organisation responsible for the data breach and pursue them to accept liability. If they do, we can then move forward to resolving a claim for you.
The best place to start is to contact our team for a free claims assessment on a completely no-obligation basis here now.
Levels of NHS data breach fines and compensation
When it comes to the potential levels of NHS data breach fines, and how this could relate to compensation damages pay-outs, it is important to have clear distinction about this. As referenced above, sometimes, the ICO may levy smaller fines to public sector organisations, which is something that they have been considering quite a lot recently. Given the resource issues with the NHS, the ICO may decide to issue very low data breach fines even in a serious case.
Low fines issued does not stop a person from pursuing their own private claim. Not only does it not stop a person pursuing a claim, but it also does not stop a person from recovering the true compensation that they are owed, which is based on how they have been affected by the incident.