Terms, Fees & Privacy

Terms, Fees & Privacy

Terms & Fees

  • Instructions are accepted on the basis that these terms represent the entire understanding between myself and the instructing solicitor, and the agency if one is used. Instructing me indicates acceptance of these terms.
  • Fees for all time spent on case, per hour, or part thereof: £225.00
  • Fees for in-person attendance at court, conference with counsel, expert meetings, to include travel time, court appearance/conference/ meeting time, and waiting time. Per half day, subject to a minimum charge of half a day: £920.00
  • Fixed fee option for first CPR-compliant report (corrections of fact included in price, but Part 35 questions, clarifications and additional work charged in addition at usual hourly rate): £1,250.00
  • Fixed fee option for informal, not-for-disclosure screening opinion (corrections of fact included in price, but clarifications and additional work charged in addition at usual hourly rate): £575.00.
  • If further work upon a case is required, the fees charged for that further work will be at the prevailing hourly rate at the time of the request for further work being received, not at the rate that prevailed at the time of initial instruction.
  • If it is possible for me to attend conference by telephone, or web platform, then billing is by the hour, rather than half day.
  • I expect to be paid for the entire time booked for court attendance regardless of whether I give oral evidence.
  • Travel expenses for court attendance, conference with counsel, or expert meetings will be charged at 60 pence per mile, and/or first class rail fare, plus parking and taxi charges. Over-night subsistence expenses including accommodation and meals may be charged for any attendance in person more than 2 hours travel away from my correspondence address.
  • Once booked for court attendance, conference with counsel, or expert meeting, if cancelled less than 12 working days before first date booked, then 50% of the total fee for the whole time booked will be charged. If cancelled less than one clear working day before first date booked, 100% of the total fee for the time booked will be charged. Any travel expenses incurred prior to cancellation will be charged in full.
  • My accounts are not currently subject to VAT.
  • Instructing solicitors accept sole responsibility for paying my fees and disbursements, unless instructions are received via an agency, in which case the instructing solicitor and agency both accept joint and several liability for my fees. Payment is due within 90 days of the date of invoice, irrespective of whether you have received reimbursement of my fee from your client, the legal aid agency, or a third party insurer.
  • I am not prepared to have my accounts or invoices subjected to assessment and look to you, my Client, to fund any assessment deducted relating to the Case, at any time.
  • Should an invoice not be settled on time, the provisions of the Late Payment of Commercial Debts (Interest) Act 1998 as amended by the Late Payment of Commercial Debts Regulations 2002 & 2013 may be applied at my discretion.
  • All charges are made for “work done”, and settlement or otherwise of my invoices is not conditional upon success of a case.
  • Medical records and any other documents relied upon in evidence can only be accepted in the following format:
  • sent all together, rather than piecemeal;
  • as an electronic file such as .pdf or .doc. (NB I do not accept image files such as .jpg or .tif except for photographs);
  • fully sorted, paginated and indexed;
  • in chronological order;
  • 1 page of original document per electronic page; and
  • with all pages in the same orientation.
  • Medical records will be confidentially destroyed when they remain in my possession for more than two years after the last correspondence or piece of work on file. Work product will be retained for six years.
  • Instructing parties confirm that they have shared a copy of my privacy notice (available by contacting me or from my website) with any and all data subjects about whom they intend to send me personal data.

Privacy Notice

Purpose of Data Storage & Processing

I am provided with personal data about data subjects, by the legal teams that instruct me. The data subjects include:

  • Claimants and Defendants in medical negligence claims
  • Patients and Doctors in professional regulation matters
  • Witnesses in either of the above scenarios.

This data is stored by me, and processed only insofar as it is required to enable me to offer expert opinion on the standard of practice of General Practitioners (GPs) in two broad scenarios:

  • For the Court in civil litigation
  • on behalf of the Claimant, and
  • on behalf of the Defendant.
  • For the General Medical Council (GMC), and/or the Medical Practitioners Tribunal Service (MPTS) in the professional regulation of GPs:
  • on behalf of the GMC
  • on behalf of registered medical practitioners.

Nature of Data

Data includes: demographic data, health records, witness statements from individuals involved in a case, opinions from other medical experts, and legal documents pertaining to the case. Health records may contain, in addition to information about health, information about race, ethnic origin, religion, sex life, and sexual orientation. The General Data Protection Regulation 2018 (GDPR) defines the data that I store and process as “Special Category Data”.

Nature of Processing

  • The contents of the documents referred to above are scrutinised by myself only, for the purposes of considering the information contained within them insofar as in it relates to questions about standard of practice of General Practitioners.
  • This information informs opinions provided by me in writing and orally to the Court, the GMC, the MPTS, and the legal teams involved in conduct of professional regulation proceedings and civil litigation.
  • Parts of the aforementioned documents may be transcribed into documents (reports and letters) that I write for the Court, the GMC, the MPTS, and the legal teams involved in conduct of professional regulation proceedings and civil litigation.
  • The whole of the aforementioned documents are scrutinised, as it is not apparent until they are scrutinised which parts of them contain relevant information. However, only relevant information is transcribed into, or referred to, in reports, letters and oral advice or evidence.

“Lawful Basis”

The law requires that I identify one of six categories of “Lawful Basis” for storing and processing data. The lawful basis for my processing and storage of data is: “Legal Obligation”. The Information Commissioner’s Office (ICO) says that: 


“Article 6(1)(c) provides a lawful basis for processing where: processing is necessary for compliance with a legal obligation to which the controller is subject.”


“Article 6(3) requires that the legal obligation must be laid down by UK or EU law. Recital 41 confirms that this does not have to be an explicit statutory obligation, as long as the application of the law is foreseeable to those individuals subject to it. So it includes clear common law obligations”


“This does not mean that there must be a legal obligation specifically requiring the specific processing activity. The point is that your overall purpose must be to comply with a legal obligation which has a sufficiently clear basis in either common law or statute.”


“You should be able to identify the obligation in question, either by reference to the specific legal provision or else by pointing to an appropriate source of advice or guidance that sets it out clearly. For example, you can refer to a government website or to industry guidance that explains generally applicable legal obligations”


As an expert witness I have legal obligations to provide honest and impartial opinion to the Courts, GMC, MPTS, and the legal teams responsible for conducting civil litigation and professional regulatory matters. It is impossible to provide expert opinion without storing and processing the data, which means that such storage and processing is essential so that I can comply with my legal obligations.


The legal obligations of expert witnesses are clearly defined in law, including:

  • Civil Procedure Rules (CPR);
  • Medical Act 1983 (as amended) together with the Fitness to Practise Rules 2004 (as amended);
  • The General Professional duties of an expert as defined by the GMC in Acting as a Witness in Legal Proceedings; and
  • Common Law obligations.

“Special Category Condition”

As the data is “Special Category Data”, the law also requires me to identify an additional “Special Category Condition” for my storage and processing of the data. The “Special Category Condition” listed in Article 9(2) of the GDPR that applies is:


“(f) processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.”


The draft UK Data Protection Bill defines ‘legal claim’ at Schedule 1, Part 3, Section 29 thus:


“Legal claim.... This condition is met if the processing— 


a) is necessary for the purpose of, or in connection with, any legal proceedings (including prospective legal proceedings), 


b) is necessary for the purpose of obtaining legal advice, or


c) is otherwise necessary for the purposes of establishing, exercising or defending legal rights


It is my view that my work meets this definition.

Risk Assessment

Risks associated with the loss of data are very small as all data that is stored and processed by me is also stored by other organisations. For example: a data subject’s health records will be stored by both the healthcare provider that created the record, and the legal teams involved in conduct of the proceedings.


Unauthorised access to data may occur by deliberate attempt by an unauthorised person, or by an error on the part of myself, for example sending a report to the wrong person.


Deliberate attempts to access health records by unauthorised persons are rare in the healthcare sector. However, if unauthorised access did occur, the potential consequence of such a breach is great for the individual subject as health records contain extremely sensitive personal information. Whilst unauthorised access to such information is unlikely to cause direct financial or physical harm to the data subject, it might cause great embarrassment, emotional distress, disruption to personal relationships, detriment to employability, and vulnerability to discrimination. In summary, the potential personal consequences for data subjects of a data breach involving health data are significant.


It is not possible to guarantee protection against unauthorised access to data by a determined third party acting outside the law. However, the measures described below represent accepted healthcare industry best practice in terms of protecting personal data and are likely to limit the possibility of unauthorised access to a great degree. Furthermore, they are proportionate, affordable and practical.

How Data Are Stored

Data are received and stored only in electronic format. 


Electronic documents are stored in computers which are protected by a password at log-in, and by regularly maintained antivirus and firewall software. The data is stored within an encrypted section of the hard drive that is protected by a further password.


The encrypted sections of each hard drive are synchronised with each other via a cloud service, which also stores a copy of each file on remote servers which are located within the UK in data centres that meet the ISO 27001 standard. The data is fully encrypted in transmission as well as in storage. If local data loss occurs, files can be restored from the remote servers.   


Health records are stored until either:

  • I am informed by the instructing legal team that the matter has concluded, or 
  • 2 years after the last activity on the file in that particular matter has expired,

whichever is sooner. This is because legal proceedings frequently experience long delays, and if records are destroyed sooner, this may necessitate copies being re-sent to me if I am asked to comment further at a later date. This would introduce additional risk of data breach in transmission. 


Documents that are created by me in the course of my processing of the data, for example letters and reports, are stored for 6 years from the date that the last document on file was created. I am personally liable for the opinions I give, and as such need to retain this work product in order to defend myself against potential claims.

Transmission of Data

Data are transmitted in one of two ways:


1) Via the cloud storage service referred to above.


2) Email, in which case files containing sensitive personal data are encrypted and password protected. Passwords are advised separately to receiving parties.


Data are not transferred outside the EU.

Access by Data Subjects

Should data subjects require access to the data I store about them, then this can be provided, free of charge. Data subjects should contact me to arrange this. For contact details please see my website: tomcaudell.co.uk.

Accountability

If data subjects have any concerns about how their data is processed they are invited to contact me to discuss this in the first instance. Alternatively, or if their concerns remain unresolved, they can contact the Information Commissioner’s Office (ICO). Their contact details are:


Web: ico.org.uk


Tel: 0303 123 1113

Share by: