ADVERTISEMENT: Services or products are not endorsed by the Trust.

Data Protection

The Dudley Group NHS Foundation Trust (DGOH) is registered to process personal and sensitive personal data under the Data Protection Act 2018 (data controller).

The Trust’s Data Protection Officer; who is responsible for monitoring the Trust’s compliance with Data Protection Act Legislation, informing it of and advising on its data protection obligations, and acting as a contact point for data subjects and the Information Commissioner’s Office is;


Governance Department

Russells Hall Hospital


West Midlands

DY1 2HQ 


We collect data on our patients for the purposes of care and treatment and to audit that care and treatment. We may use personal and sensitive personal data for the purposes of teaching and research, but we will only do this with the consent of the patient and/or their carer where applicable.

We will use anonymised data wherever possible to protect patient confidentiality.

DOH may share information with other NHS or social care organisations for the purposes of ongoing care and treatment. You will always be informed of this and given the opportunity to object. We will also give out information as required by law, for example to comply with a court order.

National Fraud Initiative – Fair Processing Notice

We are required by law to protect the public funds we administer. We may share information provided with other bodies responsible for auditing or administering public funds, in order to prevent and detect fraud. The Cabinet Office is responsible for carrying out data matching exercises.

Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it may indicate that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.

We participate in the Cabinet Office’s National Fraud Initiative: a data matching exercise to assist in the prevention and detection of fraud – see guidance

The processing of data by the Cabinet Office in a data matching exercise is carried out with statutory authority under its powers in Part 6 of the Local Audit and Accountability Act 2014. It does not require the consent of the individuals concerned under data protection legislation or the General Data Protection Regulation (GDPR).  For further information on the reasons why it matches particular information, see

For further information on data matching at The Dudley Group NHS Foundation Trust please contact Sophie Coster Counter Fraud Specialist, by emailing  Further information on how the NFI has assisted the NHS and other public sector organisations can also be found at

Further information on how we process your data and your rights can be found under our Privacy Statement