1,230 victims of the Norfolk and Suffolk Police Data Breach
Wed 16 August 2023
On 15th August 2023, Norfolk and Suffolk police force issued a statement admitting the mishandling of sensitive data. Approximately 1,230 people have had their data mishandled, including victims, witnesses and suspects in cases including domestic abuse, sexual offences, assaults, thefts and hate crime.
The police forces reported that due to a technical issue, this led to data being included within files produced in response to Freedom of Information (FOI) requests between April 2021 and March 2022. The data includes personal identifiable information on victims, witnesses, and suspects in addition to description of offences.
In their joint statement, the police forces stated that whilst a “very small percentage” of FOI responses included identifiable data on victims, witnesses, and suspects, it nevertheless “should not have been included”.
They also stated that “a full and thorough analysis has been conducted into the extent of the impact the data breach has had and individuals and those who have been affected will be notified via letter, phone or even face to face, depending on the impact of the breach.” A total of 1,230 are expected to be notified by the end of September.
Stephen Bonner, the Deputy Commissioner at the Information Commissioner’s Office (ICO), is currently investigating this data breach. The ICO released a statement emphasising that a “potential impact of a breach like this reminds us that data protection is about people” highlighting the importance of having “robust measures in place to protect personal information, especially when that data is so sensitive”.
What does this mean?
Every public body, including the police, must comply with their statutory responsibility to comply with the Data Protection Act 2018 and UK General Data Protection Regulation. Your personal data is valuable and should be protected by organisations who collect and use your data. A data breach can include:
- Your personal data being accidentally or unlawfully destroyed
- Your personal data being lost
- Your personal data being altered without permission
- Your personal data being disclosed to someone who is not permitted to receive it
- Your data being accessed by an unauthorised person.
Organisations, including a police force, are legally required to inform you as soon as possible of any potential breach and should subsequently inform the Information Commissioner. Following an investigation, you may be entitled to compensation.
How to make a claim
Our Actions Against the Police department include expert solicitors who can assist you in claiming compensation against the police for mishandling your personal data. We are able to help you claim for any emotional distress, loss of privacy and any financial losses as a result of a police data protection breach.
Our team will establish the nature and extent of the breach and contact the relevant police force to begin the claims process to obtain the compensation you deserve. During any consultation, our team will discuss the different forms of funding which may be available.
Please contact us to speak to one of our expert solicitors on 020 3540 4444 or send us an email by clicking the ‘contact us now’ button at the top of the page.
To read Norfolk and Suffolk Police force’s full statement, please click here.