header-logo header-logo

Home Login E-newsletter About us

Data breaches: a personalised response

© Copyright LexisNexis 2025. All Rights Reserved.
16 October 2019 / Elizabeth Bardsley
Issue: 7864 / Categories: Features , Insurance / reinsurance , Data protection , Technology
printer mail-detail
Elizabeth Bardsley explains why tailoring response to identity can help data controllers avoid breach claims
  • When a data breach occurs, controllers need to act fast but also consider the identity of the individuals concerned.
  • Appropriate responses may vary. Consider factors such as potential resentment against the controller, employment status and age.

Following a personal data breach, what can data controllers do to limit their exposure to data breach claims? And to what extent should breach response be shaped by the identities of the data subjects themselves?

The rise in data breach claims has been well reported. This is largely a direct result of the GDPR (General Data Protection Regulation) giving data subjects a statutory right to claim compensation for non-material damage in addition to material (financial). Claimants can therefore seek awards for inconvenience or distress caused by the loss or unauthorised disclosure of their data; a much lower threshold than earlier data protection law.

This, along with the onerous notification obligations the GDPR places upon data controllers,

If you are not a subscriber, subscribe now to read this content
If you are already a subscriber sign in
...or Register for two weeks' free access to subscriber content

MOVERS & SHAKERS

Read All
Sponsored by
Birketts—trainee cohort

Birketts—trainee cohort

Firm welcomes new cohort of 29 trainee solicitors for 2025

Keoghs—four appointments

Keoghs—four appointments

Four partner hires expand legal expertise in Scotland and Northern Ireland

Brabners—Ben Lamb

Brabners—Ben Lamb

Real estate team in Yorkshire welcomes new partner

NEWS
Read All
NLJ this week: Big tech for small firms
Robert Taylor of 360 Law Services warns in this week's NLJ that adoption of artificial intelligence (AI) risks entrenching disadvantage for SME law firms, unless tools are tailored to their needs
NLJ this week: Presumption of capacity reaffirmed
The Court of Protection has ruled in Macpherson v Sunderland City Council that capacity must be presumed unless clearly rebutted. In this week's NLJ, Sam Karim KC and Sophie Hurst of Kings Chambers dissect the judgment and set out practical guidance for advisers faced with issues relating to retrospective capacity and/or assessments without an examination
NLJ this week: Justice delayed, justice denied
Delays and dysfunction continue to mount in the county court, as revealed in a scathing Justice Committee report and under discussion this week by NLJ columnist Professor Dominic Regan of City Law School. Bulk claims—especially from private parking firms—are overwhelming the system, with 8,000 cases filed weekly
NLJ this week: The road ahead for employment rights
Charles Pigott of Mills & Reeve charts the turbulent progress of the Employment Rights Bill through the House of Lords, in this week's NLJ
NLJ this week: SLAPPed shut?
From oligarchs to cosmetic clinics, strategic lawsuits against public participation (SLAPPs) target journalists, activists and ordinary citizens with intimidating legal tactics. Writing in NLJ this week, Sadie Whittam of Lancaster University explores the weaponisation of litigation to silence critics
Copyright © 2025 LexisNexis
back-to-top-scroll