If An Employee Shares My Personal Data Via WhatsApp – Can I Claim Compensation From My Employer?

You may be wondering what steps you could take if an employee shares your personal data via WhatsApp. Organisations can send out group messages through WhatsApp as a way of communicating with employees, customers and large groups of recipients. However, if an employee shares your personal data over WhatsApp without establishing a lawful basis, this could lead to a personal data breach.

employee shares personal data over whatsapp

If An Employee Shares My Personal Data Via WhatsApp – Can I Claim Compensation From My Employer?

A personal data breach can cause financial and emotional damage. If you can prove that the data controller, usually an organisation that has control over the means and purpose for which your personal data will be processed or the processor, generally hired to process data on behalf of the controller, failed in their legal obligation to comply with data protection laws causing a personal data breach, you may be eligible to claim.

This guide looks at when an employee can make a claim against their employer for breaching their personal data. It will also explore how much compensation you could potentially claim, highlighting examples of compensation brackets. We will also discuss what legislation is in place to keep your personal data safe.

We will also explain how working with a No Win No Fee solicitor from our panel could help you through the claiming process. To learn more, contact our team of advisors today:

Select A Section

  1. What Happens If An Employee Shares Your Personal Data Via WhatsApp?
  2. How An Employee Could Breach Your Data Protection Via WhatsApp
  3. How Could Employee Data Breaches Be Prevented?
  4. What Data Could Have Been Shared?
  5. Compensation Payouts For A Data Breach Claim Against An Employer
  6. Call For Advice If An Employee Shares Your Personal Data Via WhatsApp?

What Happens If An Employee Shares Your Personal Data Via WhatsApp?

A personal data breach is described as a security incident that compromises your personal data’s confidentiality, availability, or integrity. The Information Commissioner’s Office (ICO) are an independent UK body that upholds the data protection rights of you, the data subject. They also can penalise data controllers and processors when they fail to comply with data protection legislation.

As the data subject, you may be able to claim against the data controller, in this instance your employer, if through positive wrongful conduct your personal data has been breached, and this has resulted in you suffering harm.

Any organisation that handles the personal data of UK residents is required to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA). These are the two leading pieces of data protection legislation in the UK.

Article 82 of the UK GDPR allows data subjects the right to claim compensation if their case meets the criteria, for example:

  1. The organisation failed to comply with data protection legislation, which led to your,
  2. Personal data being breached, and,
  3. You suffered financial and/or mental harm as a result.

Get in touch with our advisors if you have any questions about steps you could take if an employee shares your personal data via WhatsApp.

How An Employee Could Breach Your Data Protection Via WhatsApp

Many cases of personal data breaches are caused by human error. It is vital that workplaces that handle personal data train their employees to be data-aware as well as data-compliant. If the appropriate training is not provided, errors and mistakes can occur.  For example:

  • Sending a text message that contains personal data to the wrong recipient
  • Attaching files that contain personal data to a message addressed to an unauthorised recipient by mistake
  • Verbally disclosing the personal information of a client to an unauthorised person during a WhatsApp voice or video call.

Data Breach Statistics

The ICO collect and publish reports of data security incident trends. According to these statistics, the general business sector has suffered 121 reportable data security incidents so far in 2022. Of these, 74 were related to non-cyber causes, and 47 were the result of cyber attacks.

If you’re wondering what to do if an employer shares your personal data in a WhatsApp message, our advisors can help. Get in touch today to learn more.

How Could Employee Data Breaches Be Prevented?

While there is no way to completely prevent the risk of an employee data breach, there are some steps that employees and employers can take to increase their data security awareness. To help prevent human error and other data security incidents, employees and employers can:

  • Provide staff with adequate data protection training.
  • Use strong passwords and two-factor authentication where possible on devices that store personal data.
  • Ensure devices and networks have adequate cybersecurity systems in place. This can help prevent criminals from stealing personal data.
  • Ensure there are adequate physical security systems in place. For example, lockable filing cabinets for files that contain personal data. This can help prevent stolen documents.

If an employee shares your personal data through WhatsApp and you can prove wrongful conduct led to the breach, you may be eligible to make a data breach claim against your employer for the harm caused. Our advisors can assist you if you’re unsure about any elements of making a personal data breach claim.

What Data Could Have Been Shared?

Personal data is any information that can identify you. Some examples of personal data that an employer could process about you include:

For an employer to be able to process your personal data, they will need a  lawful basis.

To find out if you could be eligible to claim, get in touch with our team. Or, read on to learn more about whether any action is needed if an employee shares your personal data via WhatsApp.

Compensation Payouts For A Data Breach Claim Against An Employer

If your personal data breach claim is successful, you may be eligible for two kinds of damage:

  • Material damage is the financial losses following the data breach, including any loss of money and effects on your credit score. For example, if a breach affects your credit card details and leads to fraudulent charges.
  • Non-material damage is the psychological damage you suffer due to the data breach. This can include stress, depression or post-traumatic stress disorder (PTSD).

The Judicial College Guidelines (JCG) show compensation brackets for different injuries and illnesses of varying seriousness. We’ve included some examples below to help you get a broad idea of what you could receive

Edit
Injury Compensation Description of Injury
Severe Psychological Damage (a) £54,830 to £115,730 Problems occur with the injured person’s ability to cope with daily life. The prognosis is poor, and they will suffer future vulnerability.
Moderately Severe Psychological Damage (b) £19,070 to £54,830 The prognosis is more optimistic, though the person will suffer similar to the above.
Moderate Psychological Damage (c) £5,860 to £19,070 The prognosis is positive thanks to a significant improvement in symptoms by the time of trial.
Less Severe (d) £1,540 to £5,860 Consideration for this bracket relies on the length of time affected by symptoms and the effect symptoms have on daily life.
Severe PTSD (a) £59,860 to £100,670 Permanent and severe symptoms effect all aspects of the person’s life, preventing working or functioning at the pre-trauma level.
Moderately Severe PTSD (b) £23,150 to £59,860 Professional help will improve the prognosis, but injuries still persist for the foreseeable future.
Moderate PTSD (c) £8,180 to £23,150 The injured person will mostly recover but there may be continuing non-disabling effects.
Less Severe PTSD (d) £3,950 to £8,180 A virtual recovery can be made within two years with some minor symptoms continuing into the future.

Please note that these figures are a guideline, not a guarantee.

Call For Advice If An Employee Shares Your Personal Data Via WhatsApp?

You may be interested in working with a solicitor on a No Win No Fee basis to help you through your personal data breach claim. Our panel of solicitors could use a Conditional Fee Agreement (CFA), a type of No Win No Fee funding arrangement. Under a CFA, you typically will not pay upfront fees or ongoing costs. A success fee is due in the event of a successful claim. But, if your claim does not succeed, they do not take this fee.

To learn more about connecting with a No Win No Fee solicitor and to start the claims process, contact our team of advisors. They can offer free legal advice and a free consultation on your claim.

Workplace Data Breach Claims

You can see more information on data breaches here:

Here are some useful external resources:

To learn more about the steps you could potentially take if an employee shares your personal data via WhatsApp, contact our advisors.

Writer SE

Checked by HP