Disability UK Online Health News Journal, Disability Business Directory, All-In-One Disability Business Solutions. Working in Partnership With Cymru Marketing Journal (CMJUK) & UK Website Designers

Category: GDPR

Disability UK Editor Stonewalled By DWP

Image Credit
Disclaimer this article uses trigger words that some readers may find uncomfortable.


01/12/23 Update

After successfully logging my complaint on the 16th of November 2023 over the phone, I was told to wait 15 days to get a response. I have cognitive impairment and sometimes forget, so I phoned Monday 25th November 2023, and was told to wait 4 more days.

Four days came and went, I did not receive anything so phoned them again. This time I was put on hold for 50 minutes before being put through to a case manager, a lovely gentleman with a Liverpool accent (R) who made me feel at ease and was empathetic. This was a refreshing change from some of the gatekeepers I have dealt with in the past. We talked for an hour and ten minutes and I managed to say nearly everything in this article, however, I was told it was out of his hands and that my complaint had been passed to another team and I simply had to wait for them to get in touch.

I asked how long I should wait even though I found a citation that I quoted was 18 months which the agent was not aware of.


I do not open my mouth unless I have substantial evidence to back my claims.

I am not going to wait 18 months to get my complaint heard.

I was also told that the complaint I made, about the assessor should have been logged with the agency (Capita) and not with DWP, even though Capita told me they could not do anything and that I had to contact DWP.

DWP told me today to go back to Capita.

Today is my 8th phone call.

I was told that the emails on the GOV websites should have been updated two years ago as they stopped using (.gsi) in their emails, hence why emails have been bouncing. I have published the emails that work towards the end of this article.

Do they need a website designer as I am willing to take on the job?

This whole scenario is exhausting and I pity people who have not got a voice or a platform to vent. To think I am trying to help people get back to work to avoid sanctions and this is how DWP thank me.

I was told I should send another email with my attachment seeing I now have permission to email. This has purposely been done to make people give up, but I love a challenge. I am now going full-on Rambo, and I am NOT going to be accepting apologies or their £50 gestures of goodwill.




13/11/23 Disability UK Editor Stonewalled By The DWP (Timeline)

I am being stonewalled by the DWP. Regardless if I mentioned that stonewalling can impact someone’s mental health, they do not care and will purposely avoid dealing with the issue in the hope you will give up and go away. Unlike most people, I fight for my rights and do not give up easily. https://disabledentrepreneur.uk/the-impact-on-stonewalling-patients/ I have in total emailed 30 times, and phoned 6 times each call taking about an hour including waiting time getting through, trying to register a complaint.

Complaint: ‘How I Have Been Treated’.

My formal complaint:

  1. Disability Discrimination: (DWP) assumed that because I have mental health conditions, I am deemed to be able to do things of an abled body person, which is a contradiction as I suffer from OCD -germ contamination). My medical records were never accessed as the assessor was asking for dates of when I was diagnosed, she also did not know what one of the medications was and asked me to clarify. I believe I have been subject to discrimination based on my disability. Despite my entitlement to reasonable accommodations, I have faced consistent challenges in accessing services and support that are essential for my well-being. This treatment has left me feeling marginalized and disadvantaged due to my disability, which is not in line with the principles of equality and non-discrimination.
  2. Breach of the DWP’s Code of Conduct: (Trigger Questions – Questions about Suicidal Thoughts. The DWP’s Code of Conduct outlines the expected standards of behavior and service provision for its staff. I have experienced an incident where a PIP assessor on behalf of the DWP has acted in a manner that does not adhere to these standards. This includes a lack of empathy, respect, and professionalism when dealing with my specific needs and concerns. I was subjected to immense distress answering questions that were making me feel uncomfortable. I repeated serval times that the line of questioning was making me distressed, but the assessor persisted stating she was unaware the questions were a trigger and that she had to ask the questions. (A professional psychologist would ask on a scale of 1-10 how you are feeling and if have you ever felt low, NOT: (have you ever thought of self-harming or ever tried to commit suicide).
  3. Data Breach: I recently became aware of a data breach involving my personal information within the DWP. This breach has raised serious concerns about the security and confidentiality of my sensitive data, which has been mishandled, potentially exposing me to identity theft and other risks. (Lost Report sent by 2nd class Royal Mail on 12/10/23 not received– Someone has my personal information, I have also asked for a copy to be sent via email which the DWP has refused to do. This is very concerning. ​Data Protection Laws**The mishandling of my personal data not only constitutes a data breach but also raises concerns about the DWP’s compliance with data protection laws. The failure to protect my sensitive information infringes on my right to privacy and data security, which is protected under the General Data Protection Regulation (GDPR). The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 govern the processing of personal data in the UK and the EU (If the assessor recorded the call without telling me and then went on the share the recording with DWP, she would have breached data protection laws. She would also have to release the call recording if requested by law, which I have done, multiple times, yet DWP claims to not know of a phone recording). I have just received the report that has very sensitive information and mentions this website in the report I requested this report 4 times so that means 3 copies have gone astray and God knows who has read this report and the damage to my reputation. Furthermore, the report is incorrect as the assessor lied in the report. (I have addressed this in my addendum letter).
  4. Emotional Distress: The cumulative impact of the aforementioned issues has resulted in significant emotional distress. The discrimination, lack of support, and the data breach have taken a toll on my mental well-being, causing anxiety, stress, and emotional suffering. (Emotional distress caused by discrimination, humiliation, and data breach has had a significant impact on my mental health and well-being. I am now struggling with my mental health and find it hard to do any work (my business has now been affected because I am struggling to work), my mental health has deteriorated as I now have intrusive thoughts and paranoia, my OCD has shot through the roof). Where I was making progress with my mental health DWP successfully damaged my wellbeing.
  5. Request For Correction – Information rights complaint: I am concerned that my personal information was not handled properly. I understand that before reporting my complaint to the Information Commissioner’s Office (ICO) I should give you the chance to deal with it. If, when I receive a response, I would still like to report my complaint to the ICO, I will give them a copy of it to consider. You can find guidance on your obligations under information rights legislation on the ICO’s website (www.ico.org.uk) as well as information on their regulatory powers and the action they can take.

1. Disability Discrimination

For obvious reasons, I am not going to go into too much detail about this, however, DWP has assumed I can do things of an abled-bodied person even though I have OCD. https://disabledentrepreneur.uk/can-you-get-pip-if-you-have-ocd/

Not once in the conversation with the assessor did she ask how I manage my OCD or the length of time it takes me to do things.

I have written a letter that I have attempted to send to DWP and no one wants to pass it on ( Can you hear alarm bells).

2. Breach Of the DWP Code Of Conduct

The assessor failed to comply with the code of conduct relating to how the assessor did the assessment. I addressed my concerns in the letter that no one wants to pass on. I have the name of someone in DWP and will liaise with this individual by sending the link to this article. He already has the body content of the addendum letter dated 06/11/23 and he claims he could not open the PDF attachments because the system had flagged them. Worst-case scenario I will redact my address off all the letters from my doctor and the solicitor’s letter including sensitive data and post them here. Even the letters I have from my GP and Solicitor are not as sensitive as the content of the report. I do not hide the fact I have OCD and would not be the owner of www.ocd.cymru or www.germawareness.co.uk if I did not have a vested interest.

3. Data Breach (This Is Serious)

To date (cited 13/11/23), I have not had a response to my complaint from the DWP which is being passed from pillar to post (no pun intended), and the blame game of excuses and no concern for the seriousness of my complaint, stating “Royal Mail Have Had Delays“.

Data Breach Seriousness

The point is my sensitive data was sent in 2nd class post against ICO.org.uk guidelines, which I requested 4 times since the 23rd of October 2023 even though my assessment was on the 11th of September 2023, and according to DWP the first report was sent out 12/10/23 but did not arrive. Regardless if the reports were sent out or not it is the content of the report that is alarming to read and some of it is incorrect hence I have requested corrections but I am being stonewalled.

DWP Envelope Of Report
Evidence of DWP Envelope -Crumpled After Salvaging It.

I aim to take my complaint further and am sick to the back teeth of writing regurgitated information, hence have decided to write this in this post for everyone to read.

According to ICO.org.uk Risk-assessing data breaches

Recital 87 of the UK GDPR says that when a security incident takes place, you should quickly establish whether a personal data breach has occurred and, if so, promptly take steps to address it, including telling the ICO if required. DWP has a laid-back attitude it is only me so it does not matter. But what about the rest of the population whose reports have gone astray (Ironically, The DWP has a responsibility under the DPA 1998 not to lose your documents, yet they send 2nd class mail knowing the content has sensitive data).

“A personal data breach may, if not addressed in an appropriate and timely manner, result in physical, material or non-material damage to natural persons such as loss of control over their personal data or limitation of their rights, discrimination, identity theft or fraud, financial loss, unauthorised reversal of pseudonymisation, damage to reputation, loss of confidentiality of personal data protected by professional secrecy or any other significant economic or social disadvantage to the natural person concerned.

Personal data breaches: a guide | ICO

This means that a breach can have a range of adverse effects on individuals, which include emotional distress, and physical and material damage. Some personal data breaches will not lead to risks beyond possible inconvenience to those who need the data to do their job. Other breaches can significantly affect individuals whose personal data has been compromised. You need to assess this case by case, looking at all relevant factors. Make a complaint | ICO

This is a breach of confidence, misuse of private information, breach of duty under the Data Protection Act 1998, and breach of the Human Rights Act 1998.

Data Protection Act 2018:

The DPA 2018 complements the GDPR in the UK and provides additional details and specifications for data protection. It includes provisions specific to the UK context and outlines the powers and functions of the Information Commissioner’s Office (ICO), which is the independent regulatory authority responsible for enforcing data protection laws.

  • Year Enacted: 2018
  • Key Provisions:
    • Outlines the framework for data protection in the UK.
    • Implements GDPR standards into UK law.
  • Website: Data Protection Act 2018

Human Rights Act 1998:

  • Year Enacted: 1998
  • Key Provisions:
    • Incorporates the European Convention on Human Rights into UK law.
  • Website: Human Rights Act 1998

Microsoft Word – FINAL Data Protection Report.doc (parliament.uk)

4. Emotional Distress

The amount of emotional distress this has caused me and my mental health to deteriorate is inconceivable. It therefore does not surprise me in the slightest that 82 people have taken their own lives because of the way DWP treated them.

I am worried about my data and who has got it and the lack of concern by the DWP. I could potentially have identity theft as there is enough information in this report to clone me.

The emotional distress this has caused me is inconceivable. (I am NOT feeling suicidal much to the disappointment of DWP). I am way stronger than this, but can you imagine people of the weaker mind and what this does to their mental health?

82 People Have Died Because Of DWP/PIP

5. Request For Correction

The details in the report are incorrect and I have cited all my points in the letter that no one wants to pass on.

Your right to get your data corrected | ICO (Your Rights To Have Data Corrected)

  • security@justice.gov.uk
  • itpolicycontent@digital.justice.gov.uk

Useful Links:

(These are some of the places I plan to contact, including the editors of the publications).

Latest News:

Further Reading:


I first contacted Capita which then told me to contact DWP which is now telling me to contact Capita. (You could not make this up).

I attempted to escalate the complaint to the emails on the government website which all bounced.

These contact details relate to PIP (all have bounced)

  • Direct Claimant: www.gov.uk/pip Email: pip.feedback@dwp.gsi.gov.uk (bounced)
  • Teo Cambeeiro: Complaints Resolution Manager: Email: correspondence@dwp.gsi.gov.uk (bounced)
  • Email: ministers@dwp.gsi.gov.uk Tel: 0800 731 7339 Tel: 0345 606 0265 (not tried)

These Emails Work!

  • correspondence@dwp.gov.uk
  • complaints@capita-pip.co.uk
  • smb-contact.us@capita.com
  • contactus@capita-pip.co.uk

Independent Case Examiner:

I also contacted the Independent Case Examiner:

Although I have gone back to the front I have emailed and phoned the Independent Case Examiner: PO Box 209 Bootle L20 7WA Email: ice@dwp.gov.uk Tel: 0800 414 8529 (email works and so does the telephone number) How to bring a complaint to the Independent Case Examiner – GOV.UK (www.gov.uk) They have responded, but because there is no record of my complaint from the DWP they cannot action my complaint. (Why does that not surprise me)? I am not holding my breath the get a response from the DWP and have given them a deadline of the 17th of November 2023 to respond.

If for one minute they think I will go away over this they have another thing coming. I have rights that have been violated and I will exercise them if I have to.

“I am not just doing this for me, I am doing this for everyone in the UK, who is being mistreated”.

My Argument

I have cited Sir Charles Walker MP who is very vocal about his OCD and he proves that people with OCD can be intellectual and have a mental health disorder:

According to DWP if you have a mental illness you cannot be a carer according to the report I received (this is discrimination) https://disabledentrepreneur.uk/carers-mental-health-discrimination/ Therefore Sir Charles Walker should not be an MP if that’s the case.

I also plan to contact my connections which are advocates of mental health. I have nearly 12k connections on LinkedIn and whilst I am at it why don’t I throw my GP surgery under the bus (metaphorically speaking) for their lack of duty of care after I wrote 3 separate letters to them that were put on the system and never actioned. I complained and the practice manager responded by saying “Doctors are too busy to respond to letters and if I did not like it I should find another GP“, further stating “They are under no obligation to give me care“. Meaning if I continued to complain they would throw me out. (I am dependent on my medication) so you can imagine if I had no doctor at all, hence that is why I have collaborated with online doctors should this ever happen.

What You Should Do

If you find yourself without a response from a complaint made to the Department for Work and Pensions (DWP), it is crucial to take proactive steps to address the issue. Begin by checking the communication channels you used to submit your complaint, such as emails, letters, or online forms, to ensure that your submission was properly received. If possible, follow up through the same channels, politely reiterating the details of your complaint and expressing your concern about the lack of response. Additionally, explore alternative contact methods, such as calling the DWP’s helpline or visiting a local office if applicable. If all else fails, consider escalating the matter by contacting relevant ombudsman services or seeking advice from advocacy organizations that specialize in social welfare issues. Persistence and clear communication are key when navigating bureaucratic processes to ensure your concerns are addressed.

UPDATE 15/11/23

I had a response to an email that I sent this week and the person I liaised with said there is no complaint registered (It makes you laugh when he is a decision-maker).

Considering I have phoned multiple times and complained, no one is logging my complaint furthermore the person I have been dealing with did no understand the context of my complaint even though he received the link to this page as well as several regurgitated emails complaining over and over again that I wish to make a complaint.

I have a screenshot shot his email I received today and also all the emails I have sent since September 2023 trying to make a complaint.

Are they purposely trying to push people over the edge to save public spending?

Email Correspondence Timeline & Evidence

** All the above emails are my email attempts to DWP, autoresponders, and bounced messages. I did have some emails from Capita saying they had logged my complaint (contrary to what the entity today has said) and passed on my evidence.

The rest of the emails from DWP state they would not communicate with me and that I should phone them instead. But each time I phone them they tell me they are not aware of any complaint or that that anything has been passed on to them via email. I feel deflated but I am not giving up.

“How many times do I need to phone them to register a complaint? They are purposely trying to drag this out in the hope I will give up”.

“I cannot wait for this to go to court”!

The Email Today! (15/11/23)

So this entity as I do not know what I am dealing with does not know the context of my complaint even though I sent him the body of my addendum letter and have copied and pasted my complaint at the beginning of this article which I forwarded the link to him is telling me no complaint was ever logged.

For all intent and purpose, I have copied and pasted the email I received today as the images do not reflect the writing very well.

My Complaint Is How I Have Been Treated.

It is not about the money anymore it is the way I have been treated. God help everyone else who has had to deal with these people, who seem to think they can play God with people’s lives.

Here is the email body:

  • Disability Discrimination – This is an assessment issue. Go directly to the assessment provider.
  • Breach of the DWP Code of Conduct – I am unsure what this is linked to. Please explain on your call.
  • Data Breach – We send everything second class post, this is a normal process. We are not responsible for lost mail. Please contact Royal Mail.
  • Emotional Distress – You have not formally made a complaint.
  • Request For Correction of Report – This can be dealt with by request on the telephone. You do not have access to email. We are not obliged to respond to any email requests.

My Defence

Considering the Independent Case Examiner gave me the email to the entity I have been dealing with who said I should not correspond by email and he will no longer be returning my messages it just shows what I am up against.

I have phoned five times and tomorrow will be the sixth and have also contacted Capita by email requesting a copy of my report so in total I requested my report 4 times once by email to Capita and three times over the phone to DWP, I have only received one report. In the five phone calls, I said I wished to raise complaints and tomorrow will be the sixth time.

(Talking over the phone is going to go through one ear and out with the other). Even if I phoned 100 times they would not respond to my complaint(s). This is stonewalling at its finest.

This is against my human rights and I exercise my rights not only for me but for the good of the nation.

I will update you in due course when I get to phone them again. I will also start contacting some journalists and Charity CEO’s.

UPDATE 16/11/23

One needs permission to communicate by email apparently as cited by my call that transpired today trying to register my complaint.

The first person I spoke to told me to tell him everything and said he could see notes but they were too long to read.

The second person claimed to have registered the complaint but did not ask in detail what the complaint was over, which tells me they have all my evidence and documentation. I asked for him to read the notes of the decision maker, but he avoided my request, hence I have just sent an online for my information. I will laugh my socks off (NOT) if they send it via Royal Mail.

When I asked how long before my complaint would be dealt with he was evasive and would not give me a timeframe so I gave him a deadline of 14 days as I always do. The 14 days keep repeating every 14 days.

Frustrated at the fact that I was being swept under the carpet I demanded to know who I was liaising with (title) and it transpires he is the ‘Decision Maker’ no wonder the country is in the state it is in when they employ people that cannot read emails properly or read complaints and understand them.

I have since requested my information again but this time on the Gov website: Request your personal information from the Department for Work and Pensions – GOV.UK (www.gov.uk)

Just to be clear I did ask for the call recording and assessor notes from Capita and they replied that I would get the information in 40 days, which was on the 20th of October 2023.

Making A Complaint

I have found also this source to register a complaint:

https://makeacomplaint.dwp.gov.uk/personal-details (this link is not for DWP/PIP).

This button is for Job Seekers Allowance and Universal Credit I could not find a direct online complaint for DWP/PIP

I did however find this link Complaints procedure – Department for Work and Pensions – GOV.UK (www.gov.uk) but it does not have a way to complain online, I guess it is because of the sheer volume of complaints it gets their website would most probably crash.

Contact the Department for Work and Pensions about its policies – GOV.UK (www.gov.uk)

Ministerial Correspondence Team
Caxton House
Tothill Street

Address legal documents to the DWP Litigation Division.

Email the ministerial correspondence team

Send your question using the online contact form (I may contact them using this form).

Write to the ministerial correspondence team

Do not send benefit applications to this address. They will not be dealt with. Find out how to apply for benefits.

Contact the DWP ministerial correspondence team


If I do not get a response from DWP I will start contacting the relevant organizations as cited in this article, plus contact all the Charity CEOs and Media to cover this. I will update you on here if I hear anything.

#dwp #pip #personalindependencepayments #stonewalling #databreach #disabilitydiscrimination #privacyviolation #gdpr #ico #ice #dataprotection #gdpr


UK Banner

UK Banner

Blue Butterfly Logo

Data Breach Sensitive Data

Data Breach Sensitive Data

Safeguarding Sensitive Data: A Call to Action

Where the world is dominated by technological advancements, the protection of sensitive data has become a paramount concern. As businesses and individuals alike entrust their most confidential information to online platforms, the specter of data breaches looms large, posing a significant threat to privacy and security.

The Rise of Data Breaches

Data breaches have become increasingly prevalent, making headlines across the globe as cybercriminals exploit vulnerabilities in digital systems to gain unauthorized access to sensitive information. These breaches can have far-reaching consequences, impacting individuals, businesses, and even entire economies.

The Stakes: Sensitive Data at Risk

Sensitive data encompasses a broad spectrum of information, ranging from personal identifiers such as names and addresses to more critical details like financial records and healthcare information. The exposure of such data can lead to identity theft, financial fraud, and even compromise the safety of individuals.

The Targets: Industries in the Crosshairs

No sector is immune to the threat of data breaches. From healthcare and finance to e-commerce and government agencies, cybercriminals are relentless in their pursuit of valuable information. The consequences can be devastating, eroding trust and causing irreparable damage to an organization’s reputation.

The Fallout: Repercussions of a Breach

The fallout from a data breach is not limited to financial losses. Organizations often face legal consequences, regulatory fines, and the erosion of customer trust. Individuals, on the other hand, may find themselves grappling with the arduous process of identity theft recovery, enduring financial hardships and emotional distress.

The Need for Vigilance: A Collective Responsibility

In the face of this growing threat, individuals and organizations must adopt a proactive stance toward data protection. Robust cybersecurity measures, including encryption, multi-factor authentication, and regular security audits, can fortify digital defenses against potential breaches.

Empowering Individuals: Digital Literacy and Best Practices

Educating individuals about digital literacy and best practices in cybersecurity is equally crucial. Simple actions, such as using strong, unique passwords and being cautious of phishing attempts, can go a long way in safeguarding personal information.

Collaboration for a Secure Future

The fight against data breaches requires a collaborative effort. Governments, businesses, and individuals must work hand in hand to develop and implement comprehensive cybersecurity frameworks. This includes staying abreast of the latest threats, investing in cutting-edge technology, and fostering a culture of security awareness.

Sending Data Securely

Sending sensitive data securely is crucial in an age where digital communication is pervasive, and the risk of interception or unauthorized access is ever-present. Whether you’re sharing confidential business information or personal details, adopting secure practices ensures that your data remains protected.

Here’s a guide on how to send sensitive data securely:

1. Encryption is Key:

Before sending any sensitive information, encrypt the data. Encryption converts the information into a code that can only be deciphered by someone with the appropriate decryption key. Use reputable encryption tools or services to safeguard your data during transit.

2. Use Secure Communication Channels:

Opt for secure communication channels such as encrypted email services or messaging platforms. Look for protocols like TLS (Transport Layer Security) or end-to-end encryption, which provide an additional layer of protection.

3. Password Protection:

If you are sending sensitive files, consider password-protecting them. Share the password separately through a secure channel to ensure that even if the data is intercepted, it remains inaccessible without the correct credentials.

4. Secure File Transfer Protocols:

When transferring files, use secure file transfer protocols such as SFTP (Secure File Transfer Protocol) or HTTPS (Hypertext Transfer Protocol Secure). These protocols encrypt the data during the transfer process, minimizing the risk of interception.

5. Two-Factor Authentication (2FA):

Implement two-factor authentication whenever possible. This adds an extra layer of security by requiring a secondary verification step, such as a code sent to your mobile device, in addition to the usual login credentials.

6. Avoid Public Wi-Fi:

Be cautious when sending sensitive data over public Wi-Fi networks. These networks can be vulnerable to hacking. If possible, use a virtual private network (VPN) to establish a secure connection before transmitting sensitive information.

7. Limit Access and Permissions:

Only share sensitive data with individuals who absolutely need access to it. Limit permissions and ensure that recipients are trustworthy. This minimizes the potential points of vulnerability.

8. Regularly Update Software:

Keep your software, including encryption tools and communication platforms, up to date. Regular updates often include security patches that address vulnerabilities, enhancing the overall security of your digital communication.

9. Secure Cloud Storage:

If you’re sharing data through cloud storage, choose reputable services that offer robust security features. Enable encryption for stored data and be mindful of access controls to prevent unauthorized users from gaining entry.

10. Delete Unnecessary Data:

Once the data has been securely transmitted, delete any unnecessary copies. This reduces the risk of accidental exposure and ensures that sensitive information is not linger in insecure locations.

Sending sensitive data securely requires a combination of encryption, secure channels, and cautious practices. By adopting these measures, you can significantly mitigate the risks associated with digital communication and protect the confidentiality of the information you share. Always stay informed about the latest security protocols and technologies to adapt to the evolving landscape of digital security.

The Dilemma of Sending Sensitive Data via Postal Mail: A Risk-Benefit Analysis

In an era dominated by digital communication, the question of whether sensitive data should be sent via postal mail may seem antiquated. However, the age-old practice of sending information through physical mail still raises pertinent concerns about security, privacy, and the potential risks involved.

The Advantages of Postal Mail:

  1. Physical Security: Unlike digital communication, postal mail operates in the tangible realm. Once a letter or document is sealed and sent, it exists as a physical entity. This can provide a level of security against digital threats such as hacking or unauthorized access.
  2. Limited Digital Footprint: Sending sensitive data via postal mail leaves a minimal digital footprint compared to electronic communication. This can be an advantage for individuals or organizations aiming to reduce their exposure to cyber threats.
  3. No Electronic Trail: Postal mail does not leave behind an electronic trail that can be traced or intercepted. This can be appealing to those who prioritize privacy and want to avoid the potential vulnerabilities associated with digital communication.

The Risks and Considerations:

  1. Loss or Damage: Physical mail is susceptible to loss, theft, or damage during transit. While postal services take precautions, the inherent risks of the physical world can result in the loss of sensitive information.
  2. Limited Tracking: Unlike digital communication, which often allows for real-time tracking, postal mail provides limited visibility into its journey. This lack of tracking capability can be a drawback when it comes to ensuring the timely and secure delivery of sensitive data.
  3. Time Sensitivity: Postal mail is not instantaneous, and time-sensitive information may be better suited for digital transmission. Delays in delivery can be a critical factor, particularly in situations where a swift response is required.
  4. Increased Regulatory Scrutiny: In an age where data protection regulations are becoming more stringent, sending sensitive information via postal mail may attract increased regulatory scrutiny. Digital channels offer more robust options for demonstrating compliance with privacy and security standards.

Best Practices for Sending Sensitive Data via Postal Mail:

  1. Use Secure Packaging: Ensure that sensitive documents are well-protected in tamper-evident, secure packaging to minimize the risk of damage or unauthorized access.
  2. Choose Registered Mail: Opt for registered or certified mail services that provide tracking, proof of delivery, and additional security measures.
  3. Consider Encryption: While not applicable to physical mail, consider encrypting digital files before printing and sending them to add an extra layer of security.

The decision to send sensitive data via postal mail hinges on a careful consideration of the specific circumstances, risks, and benefits involved. While digital communication offers efficiency and speed, postal mail can provide a tangible sense of security. Individuals and organizations need to weigh these factors and adopt best practices to mitigate potential risks when opting for traditional postal methods. As technology continues to evolve, finding the right balance between digital and physical communication is key to safeguarding sensitive information in an increasingly interconnected world.

What if sensitive data is lost in the post

Losing sensitive data in the post can be a serious and concerning situation, posing potential risks to privacy, security, and the individuals or organizations involved. When sensitive information is misplaced during transit, taking immediate action to mitigate the impact and address the potential consequences is crucial. Here are steps to consider if sensitive data is lost in the post:

1. Assess the Nature of the Data:

Determine the sensitivity and potential impact of the lost data. Different types of information may require varying levels of response, depending on factors such as personal identifiers, financial details, or proprietary business information.

2. Notify Relevant Parties:

If the lost data involves personal information of individuals, consider notifying the affected parties promptly. Transparency is key in building and maintaining trust. Provide clear and concise information about the situation and the steps being taken to address it.

3. Report to Authorities:

Depending on the nature of the lost data, report the incident to relevant authorities or regulatory bodies. In many jurisdictions, there are specific regulations and requirements for disclosing data breaches, and failing to comply may result in legal consequences.

4. Cooperate with Postal Services:

Contact the postal service responsible for the lost delivery. Provide them with detailed information about the contents of the package, the sender, and the intended recipient. Work closely with them to track the package and determine if it can be located.

5. Implement Security Measures:

In the event of sensitive data loss, it’s essential to implement additional security measures to prevent further unauthorized access or misuse. This may include changing passwords, monitoring accounts for suspicious activity, or implementing credit monitoring services for affected individuals.

6. Review and Improve Protocols:

Conduct a thorough review of the circumstances surrounding the loss and assess whether existing protocols for sending sensitive data were followed. Identify any weaknesses in the process and implement improvements to prevent similar incidents in the future.

7. Communicate Internally:

If the lost data is related to an organization’s internal information, communicate the incident internally. Ensure that employees are aware of the situation and any additional security measures that need to be implemented.

8. Offer Assistance to Affected Parties:

Provide assistance, resources, or support to individuals or organizations affected by the loss. This may include guidance on identity theft protection, credit monitoring services, or any other relevant support.

9. Legal and Regulatory Compliance:

Ensure that all actions taken align with legal and regulatory requirements. Compliance with data protection laws is crucial in managing the aftermath of a data loss incident.

10. Learn from the Incident:

Treat the incident as an opportunity to learn and improve. Conduct a post-incident analysis to understand the root causes, and use this knowledge to enhance security protocols and training for future data handling.

In summary, responding to the loss of sensitive data in the post requires a comprehensive and proactive approach. Timely communication, cooperation with relevant authorities, and the implementation of additional security measures are crucial to mitigating the impact and preventing further complications.

What laws are there in the UK to protect you from Data Breach

In the United Kingdom, data protection is primarily governed by the Data Protection Act 2018 (DPA 2018) and the General Data Protection Regulation (GDPR). These regulations work in tandem to provide a comprehensive framework for the protection of individuals’ personal data and to regulate the processing of such data by organizations. Here are the key components of the legal framework for data protection in the UK:

1. General Data Protection Regulation (GDPR):

The GDPR is a European Union regulation that came into effect on May 25, 2018. Despite Brexit, the UK has incorporated the GDPR principles into its domestic law. The GDPR establishes the rights of individuals regarding their personal data and imposes obligations on organizations that process this data. Key provisions include:

  • Data Subject Rights: The GDPR grants individuals various rights, including the right to access their personal data, the right to have inaccurate data corrected, and the right to have their data erased under certain circumstances.
  • Data Breach Notification: Organizations are required to report certain types of data breaches to the Information Commissioner’s Office (ICO) within 72 hours of becoming aware of the breach unless the breach is unlikely to result in a risk to individuals’ rights and freedoms.
  • Data Protection Officers (DPOs): Some organizations are required to appoint a Data Protection Officer to oversee GDPR compliance.

2. Data Protection Act 2018:

The DPA 2018 complements the GDPR in the UK and provides additional details and specifications for data protection. It includes provisions specific to the UK context and outlines the powers and functions of the Information Commissioner’s Office (ICO), which is the independent regulatory authority responsible for enforcing data protection laws.

  • Exemptions and Derogations: The DPA 2018 includes specific exemptions and derogations from certain GDPR provisions in areas such as national security, law enforcement, and intelligence services.
  • Criminal Offenses: The DPA 2018 introduces criminal offenses related to data protection, including unlawfully obtaining or selling personal data.

3. Privacy and Electronic Communications Regulations (PECR):

PECR, alongside the GDPR and DPA 2018, focuses on privacy rights in electronic communications. It covers areas such as marketing communications, the use of cookies, and the security of public electronic communications services.

  • Direct Marketing: PECR sets rules for electronic marketing communications, including requirements for consent and opt-out mechanisms.
  • Cookies and Similar Technologies: Websites must obtain user consent before placing cookies on their devices, except for essential cookies necessary for the functioning of the website.

Enforcement and Penalties:

The ICO is the UK’s independent regulator for data protection, and it has the authority to investigate and impose penalties for non-compliance with data protection laws. Fines for serious breaches of the GDPR can be substantial, reaching up to 4% of a company’s global annual turnover or €20 million, whichever is higher.

Individuals also have the right to seek compensation for damages resulting from a data protection breach.

In summary, the legal framework in the UK provides robust protection for individuals’ data rights, and organizations must adhere to these regulations to ensure the secure and lawful processing of personal information.

Safeguarding Data: Addressing Concerns and Complaints Surrounding DWP Data Sent via Post

Concerns have been raised regarding the Department for Work and Pensions (DWP) and its practices concerning the mailing of sensitive information. Complaints have surfaced regarding the transmission of personal and confidential data through postal services, sparking a conversation about the security of such communications and the potential risks involved.

The Gravity of the Matter:

The DWP handles a vast amount of personal data, including information about individuals’ financial situations, health conditions, and other sensitive details. As part of its communication strategy, the DWP often relies on traditional postal services to disseminate important documents and information to recipients across the country.

However, complaints regarding the security of this method have emerged, with individuals expressing concerns about the potential risks associated with sending confidential data via post. Instances of lost or misdelivered mail, delays, and fears of unauthorized access have given rise to calls for a reassessment of the DWP’s data transmission practices.

Understanding the Concerns:

  1. Risk of Loss or Misdelivery: Postal services, while generally reliable, are not infallible. Instances of mail being lost or delivered to the wrong address can pose significant risks, especially when dealing with sensitive information that is meant for a specific individual.
  2. Data Security in Transit: The security of data during transit is a paramount concern. Ensuring that personal and financial details remain confidential and untouched during their journey from sender to recipient is crucial in maintaining public trust.
  3. Impact on Vulnerable Individuals: Many individuals receiving communications from the DWP may be vulnerable due to health conditions or financial instability. Any mishandling of their sensitive information could exacerbate their challenges and lead to further distress.

DWP’s Response and Action Plan:

The DWP, acknowledging the concerns raised, has expressed a commitment to addressing these issues head-on. Steps are being taken to enhance the security measures surrounding the transmission of sensitive information through postal services. These measures include:

  1. Review of Data Handling Protocols: The DWP is conducting a comprehensive review of its data handling protocols to identify areas for improvement. This includes an assessment of the methods used to transmit information via post and potential alternatives that might enhance security.
  2. Increased Use of Secure Channels: Exploring the possibility of increased use of secure digital channels for communication to reduce reliance on traditional postal services. This could involve the implementation of encrypted email or secure online portals for sensitive information.
  3. Enhanced Staff Training: Improving training for DWP staff to ensure they are well-versed in data protection practices and the importance of secure data transmission. This may include updated protocols for packaging and labeling sensitive documents.

Moving Forward: Balancing Tradition with Innovation:

As the DWP works towards resolving these concerns, finding a balance between traditional communication methods and embracing innovative, secure technologies will be key. Striking this balance will not only enhance the security of sensitive data but also demonstrate a commitment to adapting to the evolving landscape of data protection.

The DWP’s commitment to addressing complaints about data sent via post is a positive step towards ensuring the security and confidentiality of individuals’ information. The ongoing efforts to enhance data handling protocols and explore secure digital alternatives reflect a dedication to maintaining the trust of the public while fulfilling the vital role of the DWP in providing support and services to those in need.

Taking Control: What to Do If Your Data is Mishandled by the DWP

Discovering that your personal data has been mishandled can be a distressing experience, especially when it involves an organization as pivotal as the Department for Work and Pensions (DWP). Whether through a misplaced document, an administrative error, or a more serious breach, knowing how to respond is crucial. Here’s a guide on what to do if you find your data has been mishandled by the DWP.

1. Stay Calm and Gather Information:

The initial discovery of data mishandling can be unsettling, but it’s essential to stay calm. Begin by gathering all relevant information about the incident. This may include details about the nature of the data when you became aware of the mishandling, and any correspondence from the DWP.

2. Document Everything:

Keep a detailed record of all interactions, including emails, letters, and phone calls related to the incident. Documenting the timeline and the steps you take will be valuable if you need to escalate the matter.

3. Contact the DWP:

Reach out to the DWP as soon as possible to report the incident. Provide them with a clear and concise account of what has occurred, including any evidence you may have. The DWP should have a dedicated point of contact for data protection issues.

4. Request an Explanation:

Seek a detailed explanation from the DWP about how and why the mishandling occurred. Understanding the root cause will help you assess the potential impact on your personal information and can inform your next steps.

5. Exercise Your Rights:

As an individual, you have rights under data protection laws. Request access to your personal data held by the DWP, and inquire about the legal basis for processing that data. You also have the right to rectify inaccuracies and, in certain circumstances, the right to erasure.

6. Monitor Your Accounts:

If the mishandled data involves financial or sensitive information, closely monitor your accounts for any suspicious activity. Report any unauthorized transactions to your bank or relevant financial institutions promptly.

7. Report to the Information Commissioner’s Office (ICO):

If you are dissatisfied with the DWP’s response or if you believe the mishandling poses a significant risk to your rights and freedoms, you can report the incident to the ICO. The ICO is the independent regulatory body overseeing data protection in the UK.

8. Seek Legal Advice:

If the mishandling has resulted in tangible harm or distress, consider seeking legal advice. A solicitor specializing in data protection law can provide guidance on potential avenues for compensation or resolution.

9. Stay Informed:

Stay informed about developments related to the incident. The DWP may provide updates on their investigation and any measures taken to prevent future mishandling. Being informed will empower you to make decisions based on the latest information available.

10. Advocate for Change:

If you’ve experienced data mishandling, consider using your experience to advocate for improved data protection measures. Engage with organizations, lawmakers, and advocacy groups to promote accountability and transparency in data handling practices.

11. Taking Control of Your Data Protection:

Discovering that your data has been mishandled can be disconcerting, but taking proactive steps empowers you to regain control. By reporting the incident, exercising your rights, and staying vigilant, you contribute to the broader efforts to ensure robust data protection practices by organizations like the DWP. Remember, your data is valuable, and safeguarding it is a shared responsibility.

List of Governing Bodies in the UK that can help with Data Breaches

In the United Kingdom, several governing bodies and regulatory authorities are dedicated to addressing and providing assistance with data breaches.

Here is a list of key entities along with their websites where you can find more information and report data breaches:

1. Information Commissioner’s Office (ICO):

  • Website: Information Commissioner’s Office
  • Role: The ICO is the UK’s independent regulator for data protection. It oversees compliance with data protection laws, investigates data breaches, and has the authority to impose fines for non-compliance.

2. Financial Conduct Authority (FCA):

  • Website: Financial Conduct Authority
  • Role: The FCA regulates financial firms and markets in the UK. It has specific guidelines for financial organizations regarding data breaches and cybersecurity.

3. National Cyber Security Centre (NCSC):

  • Website: National Cyber Security Centre
  • Role: The NCSC is a part of GCHQ and provides guidance on cybersecurity. While it does not regulate, it offers valuable resources for organizations and individuals to enhance their cybersecurity measures.

4. The Financial Ombudsman Service:

  • Website: Financial Ombudsman Service
  • Role: The Financial Ombudsman Service resolves disputes between financial businesses and their customers, including those related to data breaches.

5. The Prudential Regulation Authority (PRA):

  • Website: Prudential Regulation Authority
  • Role: The PRA is part of the Bank of England and oversees the stability and resilience of financial institutions. It may be involved in data breach investigations within the financial sector.

6. The Competition and Markets Authority (CMA):

  • Website: Competition and Markets Authority
  • Role: The CMA promotes competition and enforces consumer protection laws. It may investigate data breaches that impact competition or consumer interests.

7. The Charity Commission for England and Wales:

  • Website: Charity Commission
  • Role: The Charity Commission regulates and provides guidance to charities. Charities handling personal data must comply with data protection laws, and the commission may be involved in related investigations.

Reporting a Data Breach:

If you experience or become aware of a data breach, the ICO is the primary authority to contact. You can report a data breach on their website or seek guidance on how to handle the situation.

Seeking Assistance in the UK:

These governing bodies in the UK play essential roles in regulating and addressing data breaches within their respective domains. Reporting a data breach to the relevant authority ensures that appropriate action is taken to investigate, mitigate, and prevent future incidents. In the face of data breaches, individuals and organizations can turn to these governing bodies and regulatory authorities for assistance, guidance, and enforcement of data protection laws. Collaboration with these entities is essential for maintaining the integrity and security of personal and sensitive information in the digital age.

Various laws and acts govern data protection and privacy in the United Kingdom.

Here are key legislations along with the acts and years they were enacted:

1. Data Protection Act 2018:

  • Year Enacted: 2018
  • Key Provisions:
    • Outlines the framework for data protection in the UK.
    • Implements GDPR standards into UK law.
  • Website: Data Protection Act 2018

2. General Data Protection Regulation (GDPR):

  • Year Enacted: 2018 (Enforced from 2018, established by the EU in 2016)
  • Key Provisions:
    • Applies across the European Union and the European Economic Area.
    • Establishes principles for the lawful and fair processing of personal data.
  • Website: GDPR

3. Privacy and Electronic Communications Regulations (PECR):

  • Year Enacted: 2003 (amended in 2011)
  • Key Provisions:
    • Regulates electronic communications, including marketing emails and cookies.
  • Website: PECR

4. Computer Misuse Act 1990:

  • Year Enacted: 1990
  • Key Provisions:
    • Criminalizes unauthorized access to computer systems.
  • Website: Computer Misuse Act 1990

5. Human Rights Act 1998:

  • Year Enacted: 1998
  • Key Provisions:
    • Incorporates the European Convention on Human Rights into UK law.
  • Website: Human Rights Act 1998

6. Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000:

7. Regulation of Investigatory Powers Act 2000 (RIPA):

  • Year Enacted: 2000
  • Key Provisions:
    • Regulates interception of communications by public bodies.
  • Website: RIPA

8. Consumer Rights Act 2015:

  • Year Enacted: 2015
  • Key Provisions:
    • Establishes consumer rights, including the right to privacy in personal data processing.
  • Website: Consumer Rights Act 2015

9. Investigatory Powers Act 2016:

  • Year Enacted: 2016
  • Key Provisions:
    • Provides the legal framework for surveillance powers used by law enforcement and intelligence agencies.
  • Website: Investigatory Powers Act 2016

It’s essential to refer to the official legislation websites for the most accurate and up-to-date information on these laws. Understanding and compliance with these laws are crucial to ensuring data protection and privacy in various contexts. Breaking these laws can result in legal consequences, including fines, imprisonment, and other penalties. The severity of the consequences depends on the specific provisions violated and the circumstances of the breach. It is crucial for individuals and organizations to be aware of and comply with these laws to ensure the lawful processing and protection of personal data.

A Call to Action

The repercussions of data breaches are too severe to be ignored. By embracing a proactive approach, implementing robust cybersecurity measures, and fostering a culture of vigilance, we can build a more secure digital future for all. It’s time to act, for the sake of our privacy, security, and the trust we place in the digital realm.

Further Reading

How to handle a data breach of confidential patient information (NHS)




If there is an urgent security-related incident you can contact the Data Security Centre helpdesk on 0300 303 5333 or enquiries@nhsdigital.nhs.uk. Local incident management must still be carried out in the normal way.



What Can Happen When Confidential Information Gets Sent to the Wrong Address?

Sample of Letter To Make A Complaint

Useful Links

DWP Data Breaches


When you make an official complaint to DWP which tries to put you off or make excuses do not give in, you have rights.

When your complaint is brushed under that carpet or passed on from one person to another and no one seems to take you seriously, keep a record of the phone calls and time/date and a copy of the emails/letters you send.

Remember any sensitive information that is sent to you should be sent securely, and any information you send them should be sent via a secure portal, not via P.O. Boxes for anyone to read. All emails should have a dedicated email address and a secure way that they are encrypted so that the information you write will be private and confidential.

Sending sensitive personal information by post.

If you need to send sensitive personal information by post, it is important to take steps to ensure that the information is protected. The Ministry of Justice (MoJ) has published guidance on how to send information securely.

Here are some of the key steps:

  • Confirm the name, department, and address of the recipient.
  • Seal the information in a double envelope, ensuring the packaging is sufficient to protect the contents during transit.
  • Mark the inner envelope ‘Private and Confidential – To be opened by Addressee Only’.
  • It is important to note that sending personal information by post carries some risks. If the information is lost or stolen, it could be used for fraudulent purposes. Therefore, it is advisable to consider alternative methods of sharing information, such as secure email or file transfer services, where possible.

If you have any concerns about the handling of your personal information, you may wish to contact the relevant organization directly.

Here is the link to the Ministry of Justice’s guidance on sending information securely:

  • https://security-guidance.service.justice.gov.uk/sending-information-securely/. https://www.gov.uk/guidance/how-to-share-information-securely.

Here is the link to the Ministry of Justice’s guidance on secure data transfer:


#databreach #sensitivedata #privateandconfidendial #encryption #redactions #ico #ice #gdpr #dwp #dwpcomplaints #dwpdatabreaches #humanrights #knowyourrights #dataprotection #security


DWP Complaints

Disabilities are Physical, Mental & Invisible
This Article Contains Sensitive Trigger Wording.

Navigating DWP Complaints Procedure: A Guide to Addressing Concerns

The Department for Work and Pensions (DWP) in the United Kingdom plays a crucial role in supporting individuals through various welfare and benefits programs, including Personal Independence Payment (PIP). While the DWP aims to provide efficient and fair services, sometimes things may not go as smoothly as one might hope. If you encounter issues with the DWP’s services, it’s essential to understand the complaints procedure to ensure your concerns are heard and addressed effectively.

The PIP assessment process can significantly impact an individual’s mental health. The experience of being assessed can be highly stressful, leading to increased anxiety, depression, and emotional distress, particularly for those with mental health conditions. The assessment itself may trigger past trauma or exacerbate existing symptoms. The fear of losing vital financial support and the sense of scrutiny can further contribute to a decline in mental well-being. The outcome of the assessment, whether positive or negative, can also have a profound impact, potentially alleviating stress if successful or worsening symptoms if benefits are denied or reduced. Overall, the PIP assessment process can be a challenging and emotionally taxing experience for those with mental health conditions, underscoring the need for compassionate evaluation procedures.

Complaining to DWP Over Disability Discrimination, Humiliation, Data Handling, Emotional Distress, and Damages

The UK’s Department for Work and Pensions (DWP) is responsible for providing essential support to individuals with disabilities, including those with mental health conditions. However, there are times when individuals with mental health challenges may face discrimination, humiliation, improper data handling, emotional distress, and other negative experiences while interacting with the DWP. In such cases, it’s essential to know how to complain effectively to ensure your rights are upheld and justice is served.

Understanding Disability Discrimination

Discrimination against individuals with mental health conditions is unlawful in the UK. Under the Equality Act 2010, it is illegal to treat someone unfairly or discriminate against them because of their disability, which includes mental health conditions. Discrimination can take various forms, such as direct discrimination, indirect discrimination, harassment, and victimization.

In the United Kingdom, discrimination against a person with a mental health disability who can work with limitations and is capable of performing the essential functions of a job may be considered unlawful under the Equality Act 2010. The Equality Act protects individuals from discrimination on various grounds, including disability.

Under the Equality Act 2010, it is illegal to discriminate against someone with a disability in various aspects of life, including employment. Employers are required to make reasonable adjustments to ensure that disabled employees are not disadvantaged in the workplace. This may include providing accommodations to allow the disabled person to perform their job effectively.

If a person with a mental health disability is being discriminated against in the workplace in the UK, they may have legal recourse. They can consider filing a complaint with an employment tribunal or seeking legal advice to address the discrimination and protect their rights under the Equality Act.

It’s important to consult with a legal expert or an organization specializing in disability rights in the UK for specific guidance on how to address discrimination and to understand the protections and legal remedies available in your situation.

Steps to Follow When Complaining to the DWP

  1. Gather Evidence: Start by collecting evidence of the discrimination, humiliation, data mishandling, emotional distress, or damages you’ve experienced. This might include letters, emails, phone call recordings, or witness statements.
  2. Contact DWP: Initially, reach out to the DWP to discuss your concerns. It’s possible that the issue can be resolved at this stage. Ensure you keep a record of all communications with DWP, including dates and names of the people you speak to.
  3. Use DWP Complaints Procedure: If your concerns are not resolved through initial contact, follow the official DWP complaints procedure. This typically involves writing a formal letter or completing an online complaint form, explaining the issues you have faced and what resolution you are seeking.
  4. Seek Assistance: If you’re unsure how to proceed or feel overwhelmed, consider seeking help from organizations or individuals experienced in dealing with disability discrimination and the DWP. Support may be available through local advocacy services or disability rights groups.



Data Handling and Privacy Concerns

Improper data handling is a serious issue that can exacerbate emotional distress and lead to more profound problems. If you suspect that your personal information was mishandled or improperly disclosed by the DWP, you should raise this concern in your complaint. Under the Data Protection Act 2018, you have the right to know how your data is being used, and organizations must comply with data protection laws.

What if your sensitive data was lost in the post is that a breach

If your sensitive data was lost in the post, it could be considered a data breach. A data breach is typically defined as the unauthorized access, disclosure, or loss of sensitive or personal data. When personal or sensitive information is entrusted to a postal service or courier and is lost in transit, it constitutes a breach because the data has left the control of the data controller or sender without reaching its intended recipient. This situation can have serious implications, especially if the lost data contains personally identifiable information, financial details, or any other sensitive data.

If you discover that your sensitive data was lost in the post, it’s important to take the following steps:

  1. Notify the Data Controller: Contact the organization or individual responsible for sending the data (the data controller) and inform them of the situation.
  2. Assess the Impact: Consider what kind of information was lost and the potential risks associated with its exposure. This assessment will help determine the appropriate response.
  3. Report the Breach: Depending on your location and applicable data protection regulations, there may be legal obligations to report the breach to relevant authorities. In the UK, for example, the Information Commissioner’s Office (ICO) may need to be informed.
  4. Notify Affected Parties: If the lost data includes the personal information of individuals, the affected parties should be informed of the breach and the potential risks associated with it.
  5. Review and Improve Security: The data controller should conduct a thorough review of their data handling and security procedures to prevent similar incidents in the future.

Data breaches can have serious consequences, including financial penalties, damage to an organization’s reputation, and the potential for identity theft or fraud for the individuals whose data was lost. Therefore, it’s crucial to take data breaches seriously and address them promptly and responsibly.

Emotional Distress and Damages

Emotional distress caused by discrimination and humiliation can have a significant impact on your mental health and well-being. In some cases, it might even lead to long-term psychological issues. If you believe that you’ve suffered emotional distress as a result of DWP’s actions, it’s essential to document and explain these experiences in your complaint. You can also consider seeking legal advice to understand if you may be entitled to claim damages for the emotional distress you’ve endured.

What if the PIP assessor asked questions about suicide is there any law that is infringed?

The Personal Independence Payment (PIP) assessment process is designed to evaluate an individual’s eligibility for disability benefits based on their functional abilities and needs. While assessors may ask questions about an individual’s mental health, including issues like depression, anxiety, or suicidal thoughts, these questions are typically asked to better understand the claimant’s condition and how it affects their daily life. As such, asking about suicidal thoughts is not in itself a breach of the law, and it is not necessarily inappropriate if done with sensitivity and to determine the level of support needed.

However, assessors must conduct assessments professionally and compassionately. They should approach sensitive topics like suicidal thoughts with care and respect. If the questions are asked in an insensitive or distressing manner, it could potentially be considered unprofessional behavior and may be a breach of the DWP’s Code of Conduct, which outlines the standards of behavior expected from assessors.

If you feel that the assessor’s questions about suicide were asked in an inappropriate, insensitive, or unprofessional manner, you have the right to raise your concerns with the DWP. You can make a formal complaint about the conduct of the assessor or any other aspect of your assessment that you found problematic.

It’s essential to remember that the goal of PIP assessments is to provide individuals with the support they need based on their health conditions and disabilities.

If you feel uncomfortable during the assessment, don’t hesitate to speak up or seek support from an advocate or representative to ensure your rights are respected and the assessment process is carried out fairly.

Why File a Complaint?

Complaints to the DWP can be related to a wide range of issues, such as delays in processing benefit claims, incorrect payment amounts, poor customer service, or any other concerns you may have regarding the services you’ve received. Filing a complaint is essential for several reasons:

  1. Resolution: Complaining to the DWP can lead to a swift resolution of the issue. Your complaint is a formal request for them to investigate the matter and, if necessary, take corrective action.
  2. Improvement: Constructive feedback can help the DWP identify areas where their services need improvement, benefiting not only you but also others who may face similar issues in the future.
  3. Transparency: A complaints procedure allows for transparency in the government’s operations. It reinforces accountability and can lead to improvements in the system.

How to File a Complaint

The DWP complaints procedure is designed to be accessible and straightforward. Here’s how you can initiate the process:

  1. Contact DWP Directly: The first step is to get in touch with the DWP to express your concerns. You can do this by phone, in person at your local Jobcentre, or in writing. If you choose to communicate in writing, make sure to clearly outline the issue, provide any relevant information (such as reference numbers, dates, and names of DWP staff you’ve interacted with), and explain what resolution you are seeking.
  2. Request a Mandatory Reconsideration: If your complaint is specifically related to a PIP decision, you can request a Mandatory Reconsideration. This is the first step in challenging a PIP decision you disagree with. You must submit this request within one month of receiving the decision letter.
  3. Contact the Independent Case Examiner: If you remain dissatisfied after the initial response from the DWP, you can escalate your complaint by contacting the Independent Case Examiner. They are an independent organization responsible for reviewing complaints about the DWP.
  4. Seek Help from an Advocate or Support Organization: Sometimes, navigating the complaints procedure can be challenging, particularly for individuals with disabilities or those who find the process overwhelming. There are advocacy and support organizations that can assist you in filing and following up on your complaint.

Helpful Tips

Here are some additional tips to ensure your complaint is effective:

  • Be clear and concise when describing the issue.
  • Keep records of all your interactions with the DWP, including correspondence and phone calls.
  • Be patient; the process may take some time, but the DWP is committed to addressing complaints promptly.
  • If you’re struggling with the complaints process, seek advice from advocacy groups or legal experts who specialize in welfare benefits.

Contact Information

If you need to file a complaint with the DWP, you can contact them through the following means:

  • Phone: Contact the DWP by phone to initiate your complaint. The phone number to use may vary depending on your specific issue.
  • Online Complaint Form: The DWP offers an online complaint form on its website where you can submit your concerns electronically. Visit the official DWP website for access to this form.
  • In Person: If you prefer to handle matters face-to-face, you can visit your local job centre and express your concerns to a staff member.

Remember, the specific contact information may change, so it’s advisable to check the official DWP website for the most up-to-date information regarding their complaints procedure.

Personal Independence Payment (PIP) Complaints

Complaints related to PIP in the United Kingdom are typically addressed through the Department for Work and Pensions (DWP). Here’s what you can do if you have a complaint about your PIP:

  1. Contact DWP: The first step in addressing a complaint about PIP is to contact the DWP directly. You can do this by phone or in writing. When contacting the DWP, it’s important to provide specific details about your complaint, including any reference numbers, dates, and the names of DWP staff you’ve interacted with.
  2. Request a Mandatory Reconsideration: If your complaint is specifically related to a PIP decision you disagree with, you can request a Mandatory Reconsideration. This is the first step in challenging the decision. You must submit this request within one month of receiving the decision letter. During this process, your case will be reviewed, and you’ll have the opportunity to provide additional evidence to support your claim.
  3. Contact the Independent Case Examiner: If you are still dissatisfied with the response from the DWP after a Mandatory Reconsideration, you can escalate your complaint by contacting the Independent Case Examiner (ICE). The ICE is an independent organization responsible for reviewing complaints about the DWP.
  4. Seek Assistance from Advocacy or Support Organizations: If you find the complaints process challenging, you can seek assistance from advocacy or support organizations that specialize in welfare benefits and disability issues. They can provide guidance and support in navigating the process.

If DWP refuses to communicate by email or online?

If the Department for Work and Pensions (DWP) refuses to communicate with you by email or online and insists on other methods of communication, this could be due to their established procedures or security policies. It’s important to respect their preferred communication channels, but it’s also important to ensure that you have an accessible and reasonable way to communicate your concerns and access the benefits or services you are entitled to.

If you believe that their refusal to communicate through email or online is causing you difficulties or that it violates their policies or regulations, you may consider the following steps:

  1. Contact Them by Phone or Mail: If email is not an option, try to communicate with the DWP through the methods they suggest, such as phone or traditional mail.
  2. Request Reason for Refusal: Politely request an explanation for their refusal to communicate via email or online channels. They may have specific reasons for their policy.
  3. Seek Assistance: If you encounter barriers in communication or have specific needs that are not being met, consider seeking assistance from advocacy or support organizations that specialize in welfare benefits and disability issues. They can help advocate on your behalf.
  4. Check Their Policies: Review the DWP’s official policies and guidelines to see if they have specified their preferred methods of communication. This information can often be found on their website or in their official documents.
  5. Complain: If you believe that their refusal to communicate by email or online is unreasonable and causes you hardship, you can file a complaint through the DWP’s complaints procedure, as outlined in the previous responses. Clearly explain the issue in your complaint. (Where data is sent by 2nd Royal Mail and is lost in transit the claimant should ask for all future information to be sent digitally, if DWP refuses they are in Breach of Data Privacy).

Remember that government agencies typically have policies and procedures in place to ensure the security and integrity of their communication, and these policies can change over time. It’s important to work within their established framework while advocating for your needs and rights as a beneficiary of their services.

Call Recording

In the United Kingdom, it is generally legal to record phone calls without informing the other party, provided you are recording the call for your use and not sharing it with others or using it for any illegal purposes. So if the PIP assessor recorded the call for her use she should still have to hand the call recording over if requested. If on the other hand, she shared the phone recording with DWP without informing the claimant the call was being recorded, she has broken the law.

However, there are some important caveats to be aware of:

  1. Consent: If you plan to use the recorded call in a way that affects the other party’s rights or interests, such as sharing it with a third party or using it as evidence in a legal matter, you typically need to obtain the consent of all parties involved in the call. This means you should inform them that the call is being recorded and obtain their explicit consent to do so.
  2. Different rules for businesses: Businesses may have additional obligations, and certain industries or sectors may have specific rules regarding call recording. It’s essential to be aware of sector-specific regulations, such as those governing financial services or healthcare, which may have stricter requirements for recording calls.
  3. Data protection laws: The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 govern the processing of personal data in the UK and the EU. Recording phone calls that contain personal data is subject to data protection laws. You should have a lawful basis for processing personal data, and you may need to provide individuals with privacy notices explaining the purpose of the recording.

It’s crucial to be aware of these legal requirements and consider seeking legal advice if you have specific concerns or if you are unsure about your obligations when recording phone calls. Non-compliance with relevant laws and regulations can result in legal consequences.

Useful Links, Websites, Tel Numbers & Email Addresses:


These contact details relate to PIP & Universal Credits

(all have bounced)

  • Direct Claimant: www.gov.uk/pip Email: pip.feedback@dwp.gsi.gov.uk (bounced)
  • Teo Cambeeiro: Complaints Resolution Manager: Email: correspondence@dwp.gsi.gov.uk (bounced)
  • Email: ministers@dwp.gsi.gov.uk Tel: 0800 731 7339 Tel: 0345 606 0265 (not tried)

These Emails Work!

  • correspondence@dwp.gov.uk
  • complaints@capita-pip.co.uk
  • smb-contact.us@capita.com
  • contactus@capita-pip.co.uk

Please note you may first need to write to correspondence@dwp.gov.uk after I found the hard way that Capita PIP refuse to send emails with attachments to DWP.

Phoning them is no better because you are confronted with a gatekeeper who tells you to contact DWP. I have phoned DWP on 0800 121 4433, which is a different number to CAPITA PIP: 0808 1788114 even though the woman I spoke to said the telephone number is not Capita PIP, even though on both sites it says it is.

You can call between 8 am and 8 pm, Monday to Friday. Someone else may call for you, but they will need to have your National Insurance number.

0808 178 8114 (England and Wales)
0808 178 8115 (Welsh line)



DWP Complaints:

For DWP Complaints here is their website: https://www.gov.uk/government/organisations/department-for-work-pensions/about/complaints-procedure Tel: 0800 121 4433

Independent Case Examiner:

Although I have gone back to the front I have emailed and phoned the Independent Case Examiner: PO Box 209 Bootle L20 7WA Email: ice@dwp.gov.uk Tel: 0800 414 8529 (email works and so does the telephone number) How to bring a complaint to the Independent Case Examiner – GOV.UK (www.gov.uk)

Tax Credit Migration Complaint

Migration notices for housing benefits and tax credits are official notifications sent by government authorities to inform recipients of changes in their benefit or tax credit arrangements. These notices typically include important details such as the effective date of the changes, any adjustments in benefit or credit amounts, and instructions on how to respond or provide additional information. It’s crucial for recipients to carefully review and follow the guidance in these notices to ensure that their financial support remains accurate and up-to-date. Failure to respond to migration notices promptly may result in disruptions to housing benefits or tax credit payments.

Claimants can claim Universal Credit directly online or via the dedicated Universal Credit Migration Notice helpline for free at 0800 169 0328 or by visiting your local job centre. Claimants who require more time to claim can also call DWP for free on 0800 169 0328.

Charity CEOs

If You Wish Your Story To Be Heard Contact These Charities.

Ministers Of Parliament (MPs)

(MPs who have mental health conditions and are working) https://disabledentrepreneur.uk/mps-with-mental-health-disorders/

Contact These MPs If You Are An Advocate Of Mental And Physical Disabilities.

Disability Journalists and Activists

Contact These Journalists If You Have a Story or Wish to Collaborate.

Ann Galpinis, is a freelance journalist, chair of the NUJ Disabled Members’ Council, and co-chair of the TUC Disabled Workers’ Committee. LinkedIn: https://www.linkedin.com/in/ann-galpin-b6615211/

Lucy Webster Email: lucywebsterjournalist@gmail.com Website: Lucy Webster | Writer, political journalist and disability advocate (lucy-webster.com)Lucy Webster | The Guardian

Nikki Fox, disability correspondent (BBC): Nikki Fox, disability correspondent – BBC News Email: nikki.fox@bbc.co.uk

8 disability rights activists changing the world for disabled people – Able Magazine

Sophie Morgan: is a British journalist, TV presenter, artist, and disability activist. Email: Website: https://www.sophiemorgan.com/

Disabilityrights.org.uk: Tel: 07722 004337 Email: kester@disabilityrights.org.uk
Website: www.disabilityrights.org.uk

Disabled Writers Website: https://disabledwriters.com/

Blue Butterfly Logo

Directory Of Disability Journalists, Coming Soon Stay Tuned!

Press Releases


Further Reading


If you encounter issues with the services provided by the Department for Work and Pensions, there is a well-defined complaints procedure in place to help you address your concerns. By following the process and providing clear information about the problem, you can increase your chances of finding a resolution and contribute to the improvement of the services.

Before contacting mainstream media or taking legal action, it is advised to contact the DWP to allow them to come to an amicable resolution.

In the defence of the Editor of Disabled Entrepreneur – Disability UK Online Journal, she is citing:

  1. Disability Discrimination: (DWP assumes that because the editor has mental health conditions she is deemed to be able to do things of an abled body person, which is a contradiction as she suffers from OCD -germ contamination).
  2. Breach of the DWP’s Code of Conduct: (Trigger Questions – Suicidal Thoughts, has now caused her to be paranoid and depressed).
  3. Data Breach: (Lost Report sent by 2nd class Royal Mail – Someone has the editor’s personal information because it was not sent digitally).
  4. Data protection laws: The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 govern the processing of personal data in the UK and the EU (if the assessor recorded the call without telling the claimant and then went on the share the recording with DWP, she would have breached data protection laws. She would also have to have the call recording if requested by law).
  5. Emotional Distress & Damages: (Emotional distress caused by discrimination and humiliation can have a significant impact on your mental health and well-being. In some cases, it might even lead to long-term psychological issues).

#dwp #dwpcompaints #pip #personalindependancepayments #pipcomplaints #disabilitydirscrimination #gdpr #databreach #mandatoryreconsideration #intimidation #sircharleswalker #kevanjonesmp #rebeccaevansms #justintomlinsonmp #elunedmarhanms #drsarahwollaston


Blue Butterfly Logo

Can You Sue for Emotional Distress and Discrimination?

Emotional Distress

Can You Sue for Emotional Distress and Discrimination?

Emotional distress and discrimination are deeply distressing experiences that can have a significant impact on an individual’s mental and emotional well-being. When faced with discrimination in the workplace, housing, or other aspects of life, it is natural to wonder whether you can take legal action to seek compensation for the emotional distress caused by such treatment

Understanding Emotional Distress

Emotional distress, often referred to as “emotional harm” or “mental anguish,” can encompass a wide range of emotional and psychological symptoms. These may include anxiety, depression, panic attacks, sleep disturbances, and even physical symptoms such as headaches or stomachaches. Emotional distress can result from a variety of experiences, with discrimination being one of the significant factors contributing to its onset.

Emotional distress, in a legal context, can be a central element in a lawsuit when seeking compensation. However, it’s important to recognize that emotional distress claims are often challenging to prove in court. To succeed in such a case, one must typically establish that the emotional distress was a direct result of the discriminatory actions or behaviors.

Suing for Discrimination

Discrimination, whether based on race, gender, age, disability, religion, or other protected characteristics, is prohibited by various laws. Discrimination is an affront to the principles of equality and human rights, and it is unequivocally prohibited by law in the United Kingdom. Those who experience discriminatory treatment in various aspects of life, including employment, housing, education, and access to goods and services, have the legal right to seek redress through the UK’s robust anti-discrimination framework. This framework, rooted in both domestic and European legislation, offers individuals the means to pursue justice and hold those who engage in discriminatory practices accountable.

To sue for discrimination, you generally need to prove the following elements:

  1. You are a member of a protected class: You must belong to a group that is protected by anti-discrimination laws. For example, if you are suing for racial discrimination, you should belong to a racial or ethnic minority group.
  2. Adverse action: You must demonstrate that you suffered an adverse action, such as being fired from your job, denied housing, or experiencing unequal treatment in comparison to others.
  3. Causation: You need to establish a causal link between your membership in the protected class and the adverse action. In other words, you must show that the adverse action occurred because of your membership in the protected class.
  4. Discriminatory intent: You must prove that the adverse action was taken with discriminatory intent or motivation, such as racial bias or gender discrimination.

Suing for Emotional Distress

To sue for emotional distress, you typically need to demonstrate that:

  1. You have experienced severe emotional distress: The emotional distress you have suffered must be severe and substantial, causing significant disruption in your life.
  2. The distress is a result of the discriminatory actions: You need to establish a direct link between the emotional distress and the discrimination you experienced. This can be challenging, as emotional distress can be caused by various factors.
  3. You have supporting evidence: It is essential to have documentation and evidence to support your emotional distress claim. This may include medical records, therapist reports, or eyewitness testimony.

Challenges and Limitations

Suing for emotional distress and discrimination can be complex and challenging. There are several potential hurdles to consider:

  1. Proof: Proving emotional distress and discrimination can be difficult, as it often relies on subjective experiences and intentions.
  2. Statute of limitations: There are time limits for filing discrimination claims, which can vary depending on the jurisdiction and the specific law.
  3. Legal costs: Pursuing a discrimination case can be costly, as legal fees and court expenses can add up quickly.
  4. Outcomes may vary: Success in discrimination cases can vary widely, depending on the strength of your evidence and the effectiveness of legal representation.

What if Personal Independence Payments (PIP) Discriminate and cause emotional distress?

If you believe that the process or decisions related to Personal Independence Payments (PIP) discriminate against you and have caused you emotional distress, it is essential to understand your rights and options. PIP is a disability benefit in the United Kingdom, and it is meant to provide financial support to individuals with disabilities or health conditions.

If you believe you’ve experienced discrimination in the PIP application or assessment process, or if you’ve been denied PIP despite being eligible, here’s what you can consider:

  1. Gather Evidence: Begin by collecting any evidence that supports your claim of discrimination or emotional distress. This may include written communications, medical records, statements from healthcare professionals, or personal testimonies from witnesses to the discrimination or distress. Request copies of all audio recordings and transcripts.
  2. Understand Discrimination: Discrimination in the context of PIP may relate to treating you unfairly based on a protected characteristic. Protected characteristics include disability, age, gender, race, religion, and sexual orientation. If you believe you were treated unfairly because of one of these characteristics, you may have a discrimination claim.
  3. Complaints Procedure: The first step is to use the official complaints procedure of the Department for Work and Pensions (DWP), which administers PIP. You can make a formal complaint about your experiences or decisions. Provide as much detail and evidence as possible to support your complaint.
  4. Seek Legal Advice: If you are not satisfied with the response from the DWP or if you believe that the discrimination and emotional distress you experienced warrant further action, consult with a solicitor or an advocacy group specializing in disability or discrimination issues. They can advise you on your legal rights and the potential for legal action.
  5. Tribunal Appeal: If you’ve been denied PIP and believe you are eligible, or if you believe the assessment process was discriminatory, you have the right to appeal to the First-tier Tribunal. At the tribunal, you can present your case and provide evidence of the discrimination and emotional distress you experienced.
  6. Document Emotional Distress: To establish emotional distress, consider seeking support from mental health professionals, therapists, or counselors. They can provide expert testimony regarding the emotional impact of discrimination and the PIP process on your mental well-being.
  7. Support from Advocacy Groups: Several advocacy groups in the UK specialize in supporting individuals facing difficulties with PIP and other disability-related benefits. These organizations can provide guidance, emotional support, and resources to help you navigate the process.

It’s important to remember that pursuing a discrimination claim can be a complex and challenging process. Success may vary depending on the strength of your case and the evidence you can provide. Seeking legal advice and the support of advocacy organizations can be invaluable in your efforts to address discrimination and emotional distress related to PIP. Additionally, staying informed about your rights under disability and discrimination laws in the UK is crucial as you seek justice and fair treatment.

When making a phone call recording in the UK do you have to notify the other person they are being recorded by law?

In the United Kingdom, the laws regarding recording phone calls are governed by the Regulation of Investigatory Powers Act 2000 (RIPA) and the Data Protection Act 2018. Under UK law, it is generally legal to record phone calls without the consent or knowledge of the other party, provided that you are the one initiating and participating in the call. In this situation, it is considered “one-party consent.” This means that if you are one of the participants in the call and you wish to record it for your own use, you are generally not required by law to inform the other party that the call is being recorded. However, it is essential to ensure that the recording is for lawful purposes, and it should not be used for malicious or illegal activities.

It’s important to note that if a third party wishes to record a phone call in which they are not a participant, such as recording someone else’s conversation without their consent, this could be a violation of privacy laws, and it may not be legal without proper consent or a legitimate reason. Therefore if the DWP (the third party) wishes to have the recording of the assessor and the claimant, the claimant must be informed the call is being recorded.

If you are planning to record phone calls, it’s always a good practice to be transparent and inform the other party at the beginning of the call that you intend to record it. This not only helps maintain trust and open communication but can also prevent any misunderstandings or legal complications that may arise in specific situations.

Please keep in mind that legal requirements and interpretations may change, so it is advisable to consult with legal counsel or relevant authorities for the most up-to-date information on recording phone calls in the UK.


Suing for emotional distress and discrimination is possible, but it is essential to understand the legal requirements and challenges associated with such cases. Emotional distress claims often go hand-in-hand with discrimination cases, as the emotional harm caused by discriminatory actions can be significant. If you believe you have a valid claim, consult with an experienced attorney who specializes in discrimination cases to assess your situation, gather evidence, and navigate the legal process. While success is not guaranteed, pursuing justice in cases of discrimination and emotional distress is an essential step toward addressing unfair treatment and protecting the rights of individuals within a diverse society.

In the case of the Editor of Disabled Entrepreneur – Disability UK, the experience of discrimination, humiliation, and emotional distress at the hands of the Personal Independence Payments (PIP) system sheds light on the very issues that this article has explored. It underscores the need for vigilance in safeguarding the rights of individuals with disabilities and the imperative of holding discriminatory practices accountable. The personal stories of those affected serve as a powerful reminder that while the UK has made significant strides in the protection of disability rights, there is still work to be done to ensure that all individuals can access the support and services they need without enduring discrimination or distress. The Editor’s experience underscores the importance of continued advocacy and reform in addressing these critical issues in the UK.

#emotiondistress #discrimination #dataprotectionact #gdpr #ripa #law #telephonerecordings #humanrights #equality


UK Banner

Blue Butterfly Logo
Verified by MonsterInsights