Mr Matthew McConville, the Head of our specialised Data Breach Department at Irvings Law has successfully represented a client against a law firm in a data breach claim. The parties (as settlement has been agreed on a confidential basis) are anonymised for the purposes of this case report; Mr McConville’s client as ‘A’ and the law firm as ‘B’.
A was in a legal dispute representing himself and his opponent had instructed Solicitors to act for them. Unfortunately, A was expecting B to disclose his medical records to him as directed by the Court but did not receive the same and chased. The Solicitor with conduct suggested that the Court direction was complied with by email and so resent the same. To A’s shock and surprise, he then received a Facebook message from a stranger saying that they had received all of his medical records by post rather than email which contained incredibly sensitive information.
Upon discovering this, A lodged a complaint to B where the error was finally admitted to being committed and an apology provided. Following this, B offered A £500.00 to settle his case but this was not enough for the distress caused to A and so he sought expert legal assistance from Irvings Law.
Without hesitation, Mr McConville offered to act for A on a no win, no fee basis and once instructed, Mr McConville lodged a claim to B given that they had breached / invaded A’s privacy under the Human Rights Act, had breached the Data Protection Act 2018/the General Data Protection Regulation (GDPR) as well as confidence following their misuse of private information pertaining to A.
Upon receipt of this, B wished to engage in settlement discussions and after tough negotiation from Mr McConville on behalf of A, settlement of £18,750.00 was reached without Court proceedings needing to be issued or served.