freephone: 0800 954 0243

Bank employee has work laptop stolen containing accessible financial information of customer

Bank employee has work laptop stolen containing accessible financial information of customer

Discovery

The Head of our Data Breach department, Mr Matthew McConville has successfully represented a client in an action against a bank for their breach of the Data Protection Act 2018 / General Data Protection Regulations 2018, a breach of Article 8 of the Human Rights Act 1998, a breach of confidence and a misuse of private information. The said client and bank are unable to be named given that a confidentiality clause has been signed between the parties as insisted by the said bank.

This claim involved an employee of the involved bank taking an unsecured work laptop home with them which contained personal and financial information relating to Mr McConville’s client on an unprotected spreadsheet. After this incident occurred, Mr McConville’s client was informed by a letter from the bank in question that his personal and financial data had been stolen.

Representation

Following Mr McConville’s client receiving this letter and trying to settle on a suitable amount of compensation without legal representation, it was clear that the bank were not taking Mr McConville’s client seriously regarding this data breach. The final offer made by the bank before Mr McConville’s client instructed him was full and final settlement for a couple hundreds of pounds. As a result, Mr McConville’s client sought expert advice and Mr McConville offered no win, no fee terms without hesitation and then presented a formal Letter of Claim alleging that the bank in question had breached the Data Protection Act 2018 / General Data Protection Regulations 2018, breached Mr McConville’s client’s Article 8 Human Rights Act, breached confidence and also misused private information.

The reasons for the above allegations were on the basis that the bank in question should have kept the personal and financial information on a securely protected laptop before it was taken out of the workplace. In response, the bank in question accepted that their procedures were not followed which resulted in an inadvertent breach of their data protection obligations.

Resolution

After a series of negotiations following this admission, an agreement was eventually reached between the bank in question and Mr McConville’s client which was in excess of twenty times more than what the bank offered in settlement before Mr McConville became involved.

Within this resolution, the bank insisted upon a stringent settlement agreement which included a confidentiality clause so that Mr McConville’s client could not disclose the settlement details that he has achieved. Mr McConville’s client decided to agree to this simply because he has on paper a formal admission and a handsome level of compensation following what had happened.

Posted in GDPR Case Reports

Do you have a question for us?

One of our staff members would be happy to speak to you directly. Why not give us a call?

T: 0800 954 0243
E: info@irvingslaw.co.uk
freephone: 0800 954 0243
info@irvingslaw.com
| Website designed & hosted by Cyberfrog Design