Data Security

Your privacy is of paramount importance to us.
Please remain assured that any patient or claimant details will not be shared outside of my immediate business framework and administrative staff. GDPR regulations are thoroughly upheld and any data or details are retained only until deemed appropriate for safe deletion of both electronic and paper copy. We utilise full data protection services including anti-virus, anti-malware and end to end email encryption. Please see below for further details on Data Protection and GDPR compliance.


I have an active interest in medicolegal issues and regularly complete expert witness / medical expert reports for industrial hearing loss.

I have also completed specialist reports following road traffic accident claims for various injuries and specialist rhinology claims.

I have been involved in a number of specialist claims for atypical industrial and occupational noise exposure.

I have acted for the claimant in specialist rhinological clinical negligence claims and completed screening reports and also reports for the courts on liability and causation.

I work closely with two experienced and highly qualified audiologists for audiological testing in noise exposure claims.

Example of typical fees (vary according to hospital venue and audiological requirements)

Noise induced hearing loss reporting - cost according to complexity / time spent

(includes advanced puretone audiometry/tinnitus tests in fully soundproofed booth)

Other medicolegal cases - fees by separate arrangement. Preparation of reports/research/court attendance charged at £175 per hour as a guide.


Mr David Lowe Consultant ENT Surgeon (Nasalsurgeon.co.uk) is committed to protecting the privacy of your personal data and confidential medical records, complying fully with the General Data Protection Regulation of 2018.


This Privacy Policy sets out the basis on which date is collected and processed about you including our practices regarding the collection, use, storage and disclosure of personal data that we collect from you and/or hold about you, and your rights in relation to that data. 

Please read the following carefully to understand how we process your personal data. By providing your personal data to us or by using our services, website or other online or digital platform(s) you are accepting or consenting to the practices as described or referred to in this Privacy Policy.


What personal data may we collect from you?

Personal data we collect from you may include the following:

·       Information that you give us when you enquire or become a client or patient of us including;



Date of birth

Contact details (including email address and phone number)

·       We may also require the name and contact details (including phone number) of your next of kin

·       The details of referrals from your General Practitioner, other referring medical specialists. Details of services and/or treatment you have received from us or which have been received from a third party and referred on to us

·       recordings of calls we receive or make

·       notes and reports about your health and any treatment and care you have received and/or need, including about clinic and hospital visits and medicines administered

·       patient feedback and treatment outcome information you provide

·       information about complaints and incidents

·       information you give us when you make a payment to us, such as financial or credit card information

Where you have named someone as your next of kin and provided us with personal data about that individual, it is your responsibility to ensure that that individual is aware of and accepts the terms of this Privacy Policy.


Information from your medical records may be shared with other health practitioners or organisations so that you can be provided with safe care and treatment. This may include referring specialist, hospital or general practitioner.

. Data will be shared with:

         Other healthcare professionals or staff working for Mr Lowe      Local Hospitals should further referral be required

Diagnostic and treatment centres

Referring specialist, general practitioner, insurer or agency


You have the right to object to information being shared between those providing you with care.

This may affect the care you receive – please speak to Mr Lowe.

In appropriate circumstances it is a legal and professional requirement to share information for safeguarding reasons.


 When do we collect personal data about you?

We may collect personal data about you if you:

·         enquire about any of our services or treatments

·         Referrals from General Practitioners or other Medical Practitioners

·         register to be a client or patient with us or book to receive any of  services or treatments with Mr Lowe.

·         fill in a form or survey for us

·         make online payments

·         contact us, for example by email, telephone

·         by visiting the one of our websites.


In the interests of training and continually improving our services, calls to Mr Lowe secretarial team or one of his agents may be monitored or recorded. Private calls to and from patients by Mr Lowe or his personal assistant are generally not recorded.


What personal data we may receive from third parties and other sources?

 We may collect personal data about you from third parties such as:

·         If you are a client of one of our medico-legal agencies who has taken up one of our services, we may be passed your name, contact number and email address, in order to get in touch with you to arrange an appointment or collect further information from you;

·         We work with independent third parties acting who may collect personal data from you to allow us to carry out the services we offer e.g. audiologist who work with us may contact you to arrange an appointment.

·         Mr Lowe may need to share your personal data and medical records with other Medical establishments in the interest of your treatment or care

·         Insurance providers will pass Mr Lowe personal data of patients who have commenced a claim and require medical treatment with Mr Lowe. This will normally be in the form of a referral and may consist of basic details e.g full name, date of birth, address, contact number and email address and the type of procedure/treatment required.


How do we use your personal data?

Your personal data will be kept confidential and secure and will, unless you agree otherwise, only be used for the purpose(s) for which it was collected and in accordance with this Privacy Policy, applicable Data Protection Laws, clinical records retention periods and clinical confidentiality guidelines.

Sensitive personal data related to your health will only be disclosed to those involved with your treatment or care.


Further details on how we use health related personal data are given below.  We will only use your sensitive personal data for the purposes for which you have given us your explicit consent to use it.  Please note that, although we have set out the purposes for which we may use your personal data below, we will not use your sensitive personal data for those purposes unless you have given us your explicit consent to do so.

We may use your personal data to:

·         enable us to carry out our obligations to you arising from any contract entered into between you and us including relating to the provision by us of services or treatments to you and related matter such as, billing and accounting.

·         provide you with information or services that you request from us

·         respond to requests where we have a legal or regulatory obligation to do so

·         check the accuracy of information about you and the quality of your treatment or care, including auditing medical and billing information for insurance claims as well as part of any claims or litigation process

·         assess the quality and/or type of care you have received (including giving you the opportunity to complete customer satisfaction surveys) and any concerns or complaints you may raise, so that these can be properly investigated

·         to ensure that content from any of our websites is presented in the most effective manner for you and for your computer.

 Data Retention

 In line with our overall data retention policy, any personal data held on patients in either electronic or paper form will be destroyed securely with GDPR compliant P-5 level      micro-cut shredding of paper documents in excess of 7 years old.

The security of your personal data

We protect all personal data we hold about you by ensuring that we have appropriate organisational and technical security measures in place to prevent unauthorised access or unlawful processing of personal data and to prevent personal data being lost, destroyed or damaged. We conduct assessments to ensure the ongoing security of our information systems. 

Any personal data you provide will be held for as long as is necessary having regard to the purpose for which it was collected and in accordance with all applicable UK laws.


Health information collected during provision of treatment or services

Sensitive personal data (including information relating to your health) will only be disclosed to third parties in accordance with this Privacy Policy. That includes third parties involved with your treatment or care.

Where applicable, it may be disclosed to any person or organisation who may be responsible for meeting your treatment expenses or their agents.

Medical professionals:

If we refer you externally for treatment, we will share with the person or organisation that we refer you to, the clinical and administrative information we consider necessary for that referral.  It will always be clear when we do this.


Your GP If the practitioners treating you believe it to be clinically advisable, we may also share information about your treatment with your GP.  You can ask us not to do this, in which case we will respect that request if we are legally permitted to do so, but you should be aware that it can be potentially very dangerous and/or detrimental to your health to deny your GP full information about your medical history, and we strongly advise against it.


Your insurer:  We share with your medical insurer information about your treatment, its clinical necessity and its cost, only if they are paying for all or part of your treatment with us.  We provide only the information to which they are entitled. If you raise a complaint or a claim we may be required to share personal data with your medical insurer for the purposes of investigating any complaint/claim.


Medical regulators:  We may be requested – and in some cases can be required - to share certain information (including personal data and sensitive personal data) about you and your care with medical regulators such as the General Medical Council for example if you make a complaint, or the conduct of a medical professional involved in your treatment is alleged to

have fallen below the appropriate standards and the regulator wishes to investigate.  We will ensure that we do so within the framework of the law and with due respect for your privacy. 

From time to time we may also make information available on the basis of necessity for the provision of healthcare, but subject always to patient confidentiality. 

In an emergency and if you are incapacitated, we may also process your personal data (including sensitive personal data) or make personal data available to third parties on the basis of protecting your ‘vital interest’ (i.e. your life or your health).

We will use your personal data in order to monitor the outcome of your treatment by us and any treatment associated with your care.



All appropriate measures are taken to protect your personal information as detailed below;

If information is required to be transmitted over the internet via email this is through secure encryption .

Appropriate secure measures are in place to safe guard any personal data held on hard disks.

Appropriate security measures are in place to safe guard against any cybercrime.