Guides & articles What to do when your manager or employer shares your personal information with other employees UK

Peter Hammond I am a solicitor who has specialised in data breach compensation claims.
employer shares personal data with other employees

Employers hold a substantial amount of private data about their employees, and sadly, this data doesn’t always stay private. If an employer or another employee misuses your information or enables it to end up in the wrong hands, this can result in very serious consequences. 

Data breaches in the workplace can be related to pay and conditions, sickness and absenteeism, disciplinary and grievance disputes, and even personal medical information which has been inappropriately shared and/or disclosed. Anyone whose personal details have been breached within a workplace might have suitable grounds to claim compensation.

We can put you in touch with expert solicitors who have extensive experience in workplace data breaches where an employer has been sharing personal information with other employees and other instances of private information being compromised in this manner. Examples of the types of workplace data breaches our recommended solicitors can help you with include:

  •       Documents left in communal work areas or on top of shared printers
  •       Information being sent to the wrong email recipients, whether that be internally or externally
  •       Employers or employees misusing confidential data that relates to other employees, customers, or any other individuals
  •       Personal details being accessed by an unauthorised third party in a cyber attack caused by the employer or employee’s negligence
  •       Failing to properly dispose of or destroy confidential data which has led to it ending up in someone else’s hands

A data breach in the workplace can be very distressing and have serious consequences for those involved. In a lot of cases, these data breaches are simply caused by human errors, which can make living with the aftermath even more upsetting.

On top of the potential financial implications the event of an identity theft or financial crime can have, there is a great deal of emotional distress involved. Compensation, therefore, can be essential to help people who have suffered an employee data breach pick up the pieces and get their lives back on track. If a workplace has failed to protect your private data, we can help you make a claim for the compensation you deserve.

If you are an employer who has been the victim of a data breach click here for more information.

How do workplace data breach compensation claims work?

Understanding whether you are eligible for compensation

If your employer, HR, or someone else in your workplace has been responsible for an employee data breach, you will likely be entitled to claim compensation. Workplaces are obliged to have strict procedures in place to prevent, detect, report, and investigate any personal data breaches.

Security measures should be set that are suitable for the data being held, including introducing strong passwords and encrypting electronic data. Also, workplaces should tightly control who can access sensitive data, ensuring this is limited to those within the company that have a genuine need to access that specific data.

What can you claim for?

Financial losses

If your personal data is illegally accessed through a breach of employee information, it could potentially lead to financial crime and even identity theft. This is because cyber criminals can use the information they have gathered about you to apply for credit in your name, set up fraudulent bank accounts, and access your existing accounts. You could incur significant financial losses, and you can claim compensation for those losses.


Having your personal data stolen can have a big impact on your mental and physical wellbeing. It is common for individuals who have suffered a data breach to be unable to fall asleep and feel ill, unsettled, or confused. This type of emotional distress can be very serious, and so damages can be sought as a result.

The process of a claim

The first step in a workplace data breach claim is for the organisation responsible to be contacted by our recommended solicitors on your behalf. In this initial stage, any findings from the ICO can be used to help when speaking with the organisation. When it has been established that a breach has occurred and the consequences of that breach for you have been fully assessed, value can start to be placed on your claim.

In a lot of cases, workplace and employee data breach claims can be settled without having to follow court proceedings. However, if a settlement can’t be reached, court proceedings might be needed to secure your compensation.

Can you sue your employer for disclosing your personal information?

The Data Protection Act 2018 details that employers can only collect personal data that is thought to be ‘adequate, relevant, and necessary’, and to highlight any detrimental effects on the privacy of an individual. The DPA also states that any organisation that is using personal data must prove that:

  •       Employees were informed of the purpose and reason for this use of personal data
  •       Employees were provided with a clear explanation of how their data would be handled

Employees also need to freely consent to their data being used, meaning you could be in a position to take action against your employer if your personal data was disclosed without your permission.

Check free if you're owed an average £4,000 refund

Start My FREE Data Breach Claim 100% Safe & secure, no win no fee check