See our new Annual Report!

KEYS Privacy Policy

We value your privacy


How we use information

KEYS WA is committed to protecting your privacy. We may need to collect personal information from users of this website in order to assist in the delivery of information and the provision of services. In doing so, we recognise the importance of keeping that information confidential. If you choose to provide personal information, such as your email address, it will not be used for any purpose other than that to which you consent.

No information that personally identifies you is collected by simply browsing this website. KEYS WA will not disclose your personal information or use it for anything other than the stated uses, functions and activities of the organisation, unless the disclosure is required or authorised by law.

Non-identifying statistical information collected using this website may be disclosed at KEYS WA’s discretion. This may include server information, pages accessed or downloaded, search terms used, the date and time of site visits, the site from which you entered and exited the KEYS WA website and, information regarding your browser and operating systems.


Privacy Policy

KEYS WA is committed to ensuring the privacy and confidentiality of clients, staff and stakeholder personal information and recognises the need for appropriate protection and management of any personal information collected. KEYS WA demonstrates compliance with the Australian Privacy Principles (APP’s), applied to all organisations and health service providers in the private sector effective March 2014.



The purpose of this policy and the related procedures is to communicate how KEYS WA collects and uses individual identifying information. Everyone associated with KEYS WA has the right to the protection of personal information. Clients have an expectation that information relating to their family and child/children will be treated confidentially by the staff of KEYS WA.

The legislation, the Privacy Amendment (Enhancing Privacy Protection) Act 2012 requires that each organisation bound by the Act must comply with the following 13 harmonised privacy principles that represent the minimum privacy standards for handling personal information.


Part 1: Consideration of personal information privacy 

APP 1: Open and transparent management of personal information 

KEYS WA manages personal information in an open and transparent way in line with Privacy fact sheet 17: Australian Privacy Principles. This includes having a clearly expressed privacy policy and procedures that outline KEYS WA’s obligations under the Act.

APP 2: Anonymity and pseudonymity

KEYS WA provides individuals with the option of not identifying themselves, or of using a pseudonym where possible. Where there are legal requirements for keeping records or where it is impracticable for KEYS WA to work with individuals who have not identified themselves or
provided a pseudonym, this principle does not apply.

Part 2: Collection of personal information

APP 3:
Collection of solicited personal information

KEYS WA can only collect personal information, with a person’s consent, that is necessary and directly related to providing a service, employment or the business functions of the organisation.

APP 4: Dealing with unsolicited personal information


Where KEYS WA receives unsolicited personal information, it is required to assess whether this information could have been solicited direct from the client/stakeholder otherwise the organisation has an obligation to not use and promptly dispose of such information.

APP 5: Notification of the collection of personal information

Outlines when and in what circumstances KEYS WA has an obligation to notify an individual that they are collecting (recording and holding) personal information and the purpose of this collection.

Part 3: Dealing with personal information

APP 6:
Use or disclosure of personal information

Outlines the circumstances in which KEYS WA may use or disclose personal information that the organisation holds. Consent is required to use any information for other than the purpose for which it was collected.

APP 7: Direct marketing

Where KEYS WA holds personal information about an individual, the organisation must not use or disclose the information for the purpose of direct marketing.

APP 8: Cross-border disclosure of personal information

Outlines the steps KEYS WA must take steps to protect personal information before it is disclosed overseas and ensure that it does not breach any APP’s in relation to that information.

APP 9: Adoption, use or disclosure of government related identifiers

Outlines the limited circumstances when KEYS WA may adopt or disclose a government related identifier of an individual. KEYS WA maintains its own client identifying systems for this purpose.

Part 4: Integrity of personal information

APP 10:
Quality of personal information

KEYS WA must take reasonable steps to ensure the personal information it collects or discloses is accurate, up to date, complete and relevant having regard to the purpose of the use or disclosure.

APP 11: Security of personal information

KEYS WA must take reasonable steps to protect personal information it holds from misuse, interference and loss, and from unauthorised access, modification or disclosure. KEYS WA has obligations to destroy or de-identify personal information in line with legislation and any other privacy principle.

Part 5: Access to, and correction of, personal information

APP 12:
Access to personal information

KEYS WA has obligations to provide access, when an individual requests, to personal information held about them by the organisation unless a specific exception applies. Staff will refer to Privacy fact sheet 17: Australian Privacy Principles and KEYS WA procedures in every case.

APP 13: Correction of personal information

KEYS WA has obligations in relation to correcting the personal information it holds about
individuals to ensure accuracy is maintained. In any instance where there is a lack of clarity, return to reference Privacy fact sheet 17: Australian Privacy Principles and discuss with Manager or seek advice from the Quality Advisor.


  • Privacy: “Freedom from intrusion or public attention” (Oxford Dictionary, 7th edition, 1991).
  • Sensitive Information: All health information is acknowledged as sensitive, and for the purposes of this policy all personal information is considered sensitive.
  • Cross-border disclosure: The sharing of information across state or international borders.
  • Collects: an entity collects personal information only if the entity collects the personal information for inclusion in a record or generally available publication.
  • Holds: an entity holds personal information if the entity has possession or control of a record that contains the personal information.
  • Solicits: an entity solicits personal information, if the entity requests another entity to provide the personal information, or to provide a kind of information in which that personal information is included.

Related Legislation/Compliance
Privacy Act 1988
Privacy Amendment (Enhancing Privacy Protection) Act 2012

Supporting Procedures
OP-P06 Privacy Procedures
OP-P34 Code of Conduct

Privacy Act 1988 (No. 119, 1988 as amended)
Privacy Amendment (Enhancing Privacy Protection) Act 2012
Australian Privacy Principles: Privacy Fact Sheet 17 [Online]
Australian Government – Office of the Australian Information Commissioner