The Newcastle upon Tyne Hospitals NHS Foundation Trust has a legal duty to keep patient information secure. Their staff undertake annual training about information security and have regular audits and independent reviews to make sure that they do keep information safe. If researchers use other organisations to help process information. They make sure these organisations also comply with the trusts legal obligations to keep patient information secure, including when they are based outside of the UK.