Mr Matthew McConville, the Head of our specialised and Data Breach Department at Irvings Law has successfully represented Mrs C (whom wishes to remain anonymous for the purposes of this blog) in her data breach compensation claim against The Together Trust after they disclosed sensitive information pertaining to Mrs C without her consent.
The Together Trust was a previous employer of Mrs C. Subsequently, Mrs C applied for a new role with a third party where she had a successful first interview and was invited back for a second. Following the said second interview, Mrs C was told that she had been unsuccessful in her application for the role with the said third party and at the time, Mrs C thought nothing further of this.
Mrs C was contacted via telephone by The Together Trust’s Governance Director where she was told a data breach in relation to her sensitive personal and medical information had been discovered and this was later confirmed to Mrs C by letter. The data breach concerned a Together Trust’s employee acted in an unofficial capacity by disclosing sensitive personal and medical information relating to Mrs C to the above-mentioned third party without consent.
The data shared with the said third party without Mrs C’s consent included comments that Mrs C was placed “on sick leave for quite severe mental health problems”, “Sometimes [Mrs C] didn’t help herself. She did challenge, but sometimes in a negative way by refusing to back down or negotiate, [Mrs C’s], I’m right attitude’ caused a few problems”. Further, The Together Trust stated that Mrs C was “really critical” of agile working and “she was incredibly competitive” and “gave [another employee] the silent treatment”. Mrs C then, quite rightly, believed that the reason why she did not secure her new role was because of what The Together Trust did of which they later apologised for and reminded their staff of the correct process to follow when providing references.
When Mrs C found out about this, he approached specialist Data Protection Solicitor, Mr McConville and without hesitation no win, no fee terms were offered. Once instructed, Mr McConville lodged a formal Letter of Claim to The Together Trust and alleged that they had breached / invaded Mrs C’s privacy under the Human Rights Act, had breached the Data Protection Act 2018 / the General Data Protection Regulation (GDPR) as well as confidence following their misuse of private information pertaining to Mrs C.
Upon receipt of this, The Together Trust accepted liability and made an offer to settle. Due to the significant impact of what happened, Mrs C obtained supportive medical evidence which later resulted in her claim being settled for £10,000.00 plus her legal costs.