Connecting linkedin

Class actions for data breach given green light by High Court

8 months ago by Neil Pickstone

W1siziisijiwmtcvmtivmdqvmtuvmzavntqvnjuxl0nvdxj0igjvb2sgaw1hz2uuanbnil0swyjwiiwidgh1bwiilciymjawedywmfx1mdazyyjdlfsiccisim9wdgltaxplil1d

A landmark High Court ruling on Friday 1 December 2017 allows for those affected by data breaches to claim compensation for the "upset and distress" caused 

 

In this instance the data breach involved a disgruntled employee of Morrisons supermarkets stealing the personal data of all its employees, including their salaries and bank details, and posting everything online. The individual concerned, a senior auditor with the company, was later convicted and jailed for the offence.

 

This is the first class action of its type involving a data leak in the UK. As we’ve already stated in our previous blog, the consumer action group Which? is currently lobbying the government to include class actions within the new Data Protection Law (GDPR) which is currently going through parliament.

 

The breach in this case would be a breach under the new rule of privacy by design which is within the new GDPR rules. Organisations, even when the victim of criminal activity, are expected to protect data (including internal staff data), so in this case the regulation would expect that there should never be a need for an individual to be able to download such data nor be able to view all of the data without supervision.

 

The key questions for organisations are: are we taking appropriate steps to protect the data and are we appropriately prepared to respond to incidents that put the data at risk?

 

Companies of all sizes need to consider who has access to individuals’ sensitive data, ensure it remains protected at all times and that it is only accessed as needed. This will require changes to processes as well as systems.

 

The more worrying aspect of the ruling is that the company is being held responsible for the illegal act of one of its employees. This type of ruling is starting to raise widespread awareness of data protection issues, paving the way for legal firms and individuals alike in the pursuit of future class actions.

 

Volcanic is supporting the recruitment industry towards GDPR compliance ahead of the May 2018 deadine. Download your free guide to GDPR for recruitment agencies.

​​

ABOUT 2 MONTHS AGO BY NEIL PICKSTONE

W1siziisijiwmtgvmdyvmdyvmtavmzivmtevmje4l2fzcglyyw50lmpwzyjdlfsiccisinrodw1iiiwindawedmwmfx1mdazyyjdlfsiccisim9wdgltaxplil1d

Volcanic is delighted to announce the launch of the new Aspirant Careers website. Aspirant was founded by in late 2015 to service the architectural and supporting industries. Their name is reflective of their own ambition and the ambitions of the ...

READ MORE

ABOUT 2 MONTHS AGO BY NEIL PICKSTONE

W1siziisijiwmtgvmdyvmdyvmtmvmdgvntcvnzixl3nld2vsbc5qcgcixsxbinailcj0ahvtyiisijqwmhgzmdbcdtawm2mixsxbinailcjvchrpbwl6zsjdxq

Volcanic is delighted to announce the launch of the new Sewell Wallis website. Sewell Wallis is a group of experienced recruitment specialists who offer an honest and bespoke service to both their candidates and clients. With offices based in Shef...

READ MORE

ABOUT 2 MONTHS AGO BY NEIL PICKSTONE

W1siziisijiwmtgvmdyvmduvmtqvmzcvmdavotg0l25lehvzlmpwzyjdlfsiccisinrodw1iiiwindawedmwmfx1mdazyyjdlfsiccisim9wdgltaxplil1d

Volcanic is delighted to announce the launch of the new Nexus Legal Recruitment website. Nexus Legal Recruitment is a trusted search and recruitment specialist focused on placing top legal talent in law firms and multinational organisations across...

READ MORE

ABOUT 2 MONTHS AGO BY NEIL PICKSTONE

W1siziisijiwmtgvmdyvmduvmtivmdcvndcvndi5l2pwz2cuanbnil0swyjwiiwidgh1bwiilci0mdb4mzawxhuwmdnjil0swyjwiiwib3b0aw1pemuixv0

Following Volcanic’s record-breaking number of website launches in March, the momentum is showing no sign of abating, with May 2018 smashing this record. The team has brought to life a whole host of new websites, including clients such as Morson, ...

READ MORE