Privacy Policy

Update about the HeartWest

Privacy Policy

At HeartWest we are committed to protecting the privacy of patient information and to handling your personal information in a responsible manner in accordance with the Privacy Act 1988 (Cth), the Privacy Amendment (Enhancing Privacy Protection) Act 2012, the Australian Privacy Principles (APP) and relevant State and Territory privacy legislation (referred to as privacy legislation).

This Privacy Policy explains how we collect, store, use and disclose your personal information, how you can access that information and how you can seek the correction of that information. It also explains how you may make a complaint about a breach of privacy legislation.

This Privacy Policy is current from March 2023. From time to time we may make changes to our policy, processes and systems in relation to how we handle your personal information. We will update this Privacy Policy to reflect any changes. Our policy and any changes to our policy will be available on our website, in our clinics and upon request.

Collection of Information

We collect information that is necessary and relevant to provide you with appropriate medical care and treatment, and to manage our clinics.

This information includes your personal details such as your name, address, date of birth, gender, ethnicity, next of kin, emergency contact and contact details. Health information includes your medical history, past and current treatments and any other information which is necessary to assist us in providing you with appropriate care. We may also store medical images such as medical photographs.

We will also collect your Medicare number/veterans affairs number, pensioner/concession card number, private health insurance details, credit card and direct debit details. This information is stored on our computer medical records system.

Wherever practicable we will only collect information from you personally. However, in some circumstances we also need to collect information from other sources such as general practitioners, treating specialists, radiologists, pathologists, hospitals, My Health Record and other health care providers to assist in your medical care.

We collect information for research, data analytics and quality assurance activities to improve individual and community health care and practice management. Usually information that does not identify you is used but should information that will identify you be required, you will be informed and given the opportunity to ‘opt out’ of any involvement.

In emergency situations we may also need to collect information from your relatives, carers or friends.

We collect information in various ways, such as over the telephone, facsimile, email, in writing, in person in our clinics, or over the internet if you transact with us online. This information may be collected by medical and administrative staff.

We retain medical records for certain periods of time, as required by law, depending on your age at the time we provide services.

Dealing with unsolicited information

If we receive personal information that our clinics did not solicit, we will determine whether it could have been collected in the usual way and if not then it will be destroyed in accordance with the Australian Privacy Principles.

Anonymity and pseudonymity

Wherever it is lawful and practicable you have the option to request that we deal with you under a pseudonym or anonymously. However, it may be necessary for us to collect your personal or sensitive information for your health care treatment. It is important to be aware that if you provide incomplete or inaccurate information of withhold information we may not be able to provide you with healthcare services of the treatment you require.

Use and Disclosure

We treat your personal information as strictly private and confidential. We will only use or disclose it for purposes directly related to your care and treatment, or in ways that you would reasonably expect that we may use it for your ongoing care and treatment. For example, the disclosure of diagnostic results to your referring doctor or your medical history in requests for diagnostic testing.

There are circumstances where we are permitted or required by law to disclose your personal information to third parties. For example, to Medicare, regulatory bodies, tribunals, courts of law, hospitals, or debt collection agents.

We may also from time to time provide statistical data to third parties for research purposes; in this case we will notify you to obtain your consent, you may choose to ‘opt out’ of any involvement.

We may use your de-identified health information for research, audit, quality assurance, teaching and education, to improve current methods to improve diagnosis and treatment.

We may disclose information about you to outside contractors to carry out activities on our behalf, such as an IT service provider, accountant, solicitor or debt collection agent. We impose security and confidentiality requirements on how they handle your personal information. Outside contractors are required not to use information about you for any purpose except for those activities we have asked them to perform.

Further consent will be obtained if your information is used for any purpose other than set out in this document.

Data Quality and Security

We will take reasonable steps to ensure that your personal information is accurate, complete, up to date and relevant. For this purpose, our staff will ask you to confirm that your contact details are correct when you attend our clinics. We request that you let us know if any of the information we hold about you is incorrect or out of date.

Personal information that we hold is protected by:

· Securing our premises;

· Placing passwords and varying access levels on databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure;

· Providing locked cabinets and rooms for the storage of physical records.

· Information and technology services, including medical and practice management software which includes virus controls, firewalls, encryption, data hosting and back up; and

· Services provided by independent medical specialist IT contractors who are accredited and are in compliance with all Australian Data storage and security environments.

· Any breaches of privacy will be disclosed as per the Australian Privacy Principles


If you believe that the information we have about you is not accurate, complete or up-to-date, we ask that you contact us in writing or visit us personally at our clinic.


You are entitled to request access to your medical records. We request that you put your request in writing and we will respond to it within a reasonable time.

There may be an administrative fee for providing you a copy of your medical records.

We may deny access to your medical records in certain circumstances permitted by law, for example, if disclosure may cause a serious threat to your health or safety, or if it would interfere with the privacy of others. We will always inform you why access is denied and the options you have to respond to our decision.

Overseas Transfer of Data

We will not transfer your personal information to an overseas recipient unless we have your consent, or we are required to do so by law.

The Spam Act 2003

The Spam Act prohibits sending unsolicited emails, SMS and MMS messages for commercial purposes.

Website Privacy Policy

This website privacy policy applies to the website

This website policy informs you regarding how we collect your information and how we use it.

Here at HeartWest we respect and understand the importance of your privacy. We take reasonable measures to protect your personal information in which you provide to us voluntarily on this website by using encryption technology, but we cannot guarantee the security of any data you reveal online.

This website does not use “Website Cookies”, which are pieces of data sent from a website and stored in a user’s web browser while the user is browsing that website, however other website which are linked to this website may do so. HeartWest is not responsible for the data policies, procedures or contents of other websites. When you have followed a link to another website, you have left our website hence the privacy policy of that new website applies.

On this website we collect information such as your email address and contact details, when you chose to contact us via email. Your full name, Date of birth, Patient Number (if known), mobile phone and email address for online bookings. For Online registration for new patient, in addition to the personal information just mentioned, we also collect your current address and contact numbers, gender, ethnicity, emergency contact details, your Medicare / Concession card and Private Insurance details and medical information. We will only use or disclose the information you provide us for the purposes directly related to your appointment bookings, registration, care and treatment, and in ways that you would reasonably expect that we may use it to provide our service to you.

We reserve the right to use or disclose any information as required by law, regulation or legal request, to cooperate with any law enforcement or to lessen the threat to a person’s or public’s health or safety. We also reserve the right update and change our Clinic and website privacy policy and method of handling information at any time. The updates or changes will be available for viewing in our clinics, on this website and upon request.


If you have a complaint about the privacy of your personal information, we request that you contact us in writing. Upon receipt of a complaint we will consider the details and attempt to resolve it in accordance with our complaints handling procedures.

If you are dissatisfied with our handling of a complaint or the outcome you may make an application to the Australian Information Commissioner or the Privacy Commissioner :


For queries regarding our Privacy Policy please contact our Practice Manager on

Phone: 03 8721 0888


Post: Practice Manager


36 Lyons Street

Williamstown 3016

For more information in regards to Privacy Acts please visit the Office of the National Privacy Commissioner.