Lacey Solicitors is now offering legal support to patients affected by the recent data breach at multiple GP surgeries across Northern Ireland. If your personal information was exposed, you may be entitled to claim compensation for both financial losses and emotional distress.
What Happened?
On June 20, 2025, a theft occurred at a GP practice in County Antrim, leading to the loss of storage disks containing sensitive patient information. The Department of Health confirmed that the breach involved “missing disks” and affected a “small number of GP practices” across Northern Ireland. The Police Service of Northern Ireland (PSNI) has launched an investigation into the incident.
Patients were only notified of the potential data breach in late August 2025, nearly three months after the theft. One patient notification letter stated:
“We regret to inform you that our practice has been affected by a potential data breach. Your personal details may have been among the data involved.” The Irish News
The exposed data includes:
-
Names, addresses, and phone numbers
-
Dates of birth
-
National Health Service (NHS) numbers
-
Medical records and treatment histories
-
Prescription information and medication details
-
Health insurance and coverage information
-
Family medical history records
-
Appointment and consultation notes
Your Rights as a Victim of a Data Breach Affecting Your GP Practice
Under UK GDPR and the Data Protection Act 2018, individuals have the right to claim compensation if their personal data is exposed due to an organisation’s failure to protect it.
You may be eligible to claim for anxiety, distress and compensation for any financial losses incurred by you as a result of administration fees in dealing with this breach.
Lacey Solicitors – Data Breach Litigation Specialists
At Lacey Solicitors, we are representing patients affected by this breach. Our team is experienced in GDPR and data protection claims, and we are committed to securing compensation for individuals who have had their data breached.
We can assist with:
-
Submitting Subject Access Requests (SARs) to confirm whether your data was compromised
-
Collecting evidence of emotional distress or financial loss
-
Managing the full legal process with transparent fees
Ruaidhrí Austin, Partner at Lacey Solicitors, said:
“The loss of sensitive medical information is deeply concerning. Patients trust their GP practices to safeguard their personal data. Our team is ready to help victims pursue their rights and secure compensation for the harm caused by this breach.”
Ruaidhri Austin has already secured compensation for clients as a result of a separate data breach from a GP surgery as seen in our recent case study.
Ruaidhri also acts on behalf of clients affected by the Cabot Financial and PSNI Data Breaches.
What Should You Do Now?
If you believe your data may have been exposed:
-
Contact Lacey Solicitors for a confidential case review
-
Submit a Subject Access Request to your GP practice
-
Monitor your accounts and medical records for suspicious activity
-
Report any suspected fraud to the PSNI
-
Follow cybersecurity best practices, such as changing passwords and enabling two-factor authentification.
Contact Lacey Solicitors – Belfast & Dublin
If your personal or medical information was exposed in the Northern Ireland GP data breach, contact Lacey Solicitors today. With offices in Belfast and Dublin, our specialist team provides confidential advice on your rights under GDPR and can assist you in pursuing compensation for the harm caused.
Call us on +44 28 9089 6540 (Belfast) or +353 1 513 4375 (Dublin), or submit a free consultation request via our Online Portal.
