Kingsley Hayes discusses a typical day at Hayes Connor, the data breach and cybersecurity specialist
The team is exceptionally busy, so a typical day starts at 7.30 a.m. for me in preparation for the office opening a few hours later and certainly before the phone starts to ring! This is the best time to review progress of all our outstanding actions for the week and to plan the next phase of growth.
We’re currently running a number of group actions including data breach claims against Ticketmaster, British Airways, Marriott International, Equifax and Dixons Carphone Warehouse. Each action is currently at a different stage and most mornings are spent monitoring the ICO website for recent developments in their investigations.
We also handle individual claims and consider each on a case-by-case basis reviewing not only the actual and potential financial loss incurred by clients, but also the psychological damage suffered following a violation of their personal information.
Each matter has its unique challenges with a data breach taking place in a variety of ways and exposing varying levels of personal information. The impact of the data breach on each person is different and taking the time to listen and understand the background to that individual is key to the evaluation of any claim. The impact of data breaches on individuals and their families is often considerably underestimated by those committing the breach until we become involved.
I usually start the day with making several calls to counsel, medical experts and clients as first thing is often the best time for all concerned. Data breach developments are fast moving so I then prioritise reviewing the latest updates on enforcement decisions and audits carried out by the Information Commissioner’s Office (ICO).
New enquiries coming into the firm are then checked and responded to – we are passionate about not only meeting, but exceeding client care expectations so timely responses are important. This may include advising new clients on what they should do immediately following the discovery that their private data may have been compromised either as a result of cybercrime or human error.
A timely response from us alongside practical advice is essential at this stage to help minimise the damage for clients.
I meet with the team on a daily basis to discuss case progression providing a regular opportunity to provide supervision where required and advice on moving the claim(s) to a successful conclusion.
Camaraderie and team development are important to the success of the firm so a daily catch up helps us to be more cohesive as a team and for any concerns or issues to be raised and resolved together.
I still very much enjoy dealing with individual claims alongside managing the business and the team so much of my day will be taken up preparing for court hearings and High Court Litigation.
Dealing with the mental health impact of a data protection violation is a key focus of each day. The psychological damage caused by a data breach is often undermined or overlooked by the organisations we act against.
We have clients who have suffered heightened anxiety and depression following an incident, some have needed medication in order to cope, while others have suffered related consequences including demotions at work.
When private information is exposed and placed in the wrong hands, either due to inadequate cybersecurity or poor practices leading to human error, the worry of the risks involved can have a detrimental impact on the mental health of those affected.
I attend meetings with counsel and QCs on high value cases where significant breaches have caused psychological distress. In some cases, the harm is so severe that liaising with clients and the appropriate authorities is appropriate to ensure safeguarding is in place to protect the individuals from further harm.
I have regular discussions with tech firms on the specialist reports needed for our current group actions and cybercrime cases to ensure that we have the latest information and evidence.
Marketing our services and providing regular updates and practical advice for clients and prospective clients is a priority. I have weekly meetings with our head of business development and marketing to discuss content planning for the website, PR, case development and strategy.
I usually end a typical day by reviewing and updating the firm’s case management system. This allows me to review any actions taken during the day, see the cases I’ve been asked to review, and decide what needs to be prioritised for the following day.