Rights and Responsibilities

Downloads

Why do I need this document?

Among other things, the Human Resource Management Practice Standard wants to know you have “the relevant expertise and experience to provide person-centred support” to NDIS participants. We have found that developing a Service Delivery Model for your business is a great start! 

By spending a bit of time writing a Service Delivery Model that reflects how you deliver your services it shows you understand the Code of Conduct and person-centred support. It also tells others your values and practice standards. This document is not just for the auditor it can become a key marketing document for you, showing potential clients how you operate. So think about how and where you may use this document or where else in your system you may prefer to communicate this information. Some providers choose to include it in service agreements. 

Of all the documents we provide, we anticipate this one will require the most of your attention. It is really important it reflects your practice and how you operate. 

When writing your Service Delivery Model consider including the following: 

• Defining what you mean by person-centred support and ensuring you use person-centred language throughout – some providers prefer to write this document as if speaking to the participant rather than in 3rd person 
• How you meet the needs of participants and their family (if practical and if directed by the participant to do so) 
• Respecting the participant’s cultures, beliefs and values 
• Working with trusted/appointed decision makers 
• Communicating with participants in a way they understand and encourages their involvement 
• The professional model or framework you use to direct your intervention. In our sample Service Delivery Model, we have used the Occupational Performance Model by Chris Chapparo and Judy Ranka. Only use it if it really suits your practice – there are many other models available for different professions, your professional associations competency standards framework is another good option to utilise 
• Dignity of risk 
• Culture of continuous improvement and the importance of feedback. 

Why the auditors like it 

• They get a feel for the type of practice you are. Remember for a Verification audit, auditors do not come on site – they need to know you understand person-centred supports and actually do provide them. 
• They can see what you say you are doing in your Service Delivery Model links back to your Annual Training Plan e.g., you say you respect the cultures, beliefs and values of your clients and you have an annual training event correlating to this. 

Next steps 

• LOOK at the Sample Service Delivery Model and use it as a guide to write your own. Keep it to a max of one page. 
• GET FEEDBACK from some of your participants – does it reflect what you do?
  
• ONLY INCLUDE things in your Service Delivery Model that you actually do now and can demonstrate and/or implement new ways of working which address the aspects listed for inclusion above. For example, if you say you understand and respect the culture, beliefs and values of your participants make sure you have evidence of how you are doing this e.g., is it a question on your initial assessment or intake form and what do you do with the answers? 

Downloads

Why do I need this document?

The purpose of the NDIS Service Agreement is to ensure you and your participants have an agreed set of expectations as to how services will be delivered. 

The Service Agreement provided here is designed to complement the Support Plan (see Risk Management section for details and example). In this example, the Service Agreement informs the participant of the general cost of services e.g. the hourly rate for service, the travel rate and the cancellation policy. The Support Plan details the number of services and the associated cost. This  can be preferable so that when you review your Support Plan you do not need to issue a new full Service Agreement.  

However, depending on the type of services you provide, participants you work with and systems within your workplace, you may prefer to include the details related to services and costs or a ‘quote’ within this Service Agreement. It is recommended you consider the Service Agreement and Support Plan aspects together and consider if you require both or where you will include other relevant information within your systems and documents if you prefer not to use both.  

If you have already set up a system that works for you and your participants, consider the need for change – it may not be necessary, just ensure you have included all the relevant pieces of information to ensure you are compliant with the NDIS rules. 

You need to demonstrate that you inform your participants: 

• Of the cost of services 
• The period of the service agreement 
• Of their rights 
• Of your responsibilities as the provider and theirs as the participant 
• How you endeavour to maintaining their privacy 
• How to make a complaint 
• Of the cancellation policy 
• How to end the services agreement. 

Obtaining consent is critical – the NDIS Service Agreement summarises six different consents. Two of the consents are about participating in quality improvement activities. It is much easier to obtain this consent at the commencement of services. 

Why the auditors like it 

They can see: 

• You have informed participants appropriately before commencing services 
• You have obtained appropriate consents 

Next steps 

• • OPEN the NDIS Service Agreement 
  • READ the NDIS Service Agreement and ensure it reflects your practices 
  • CUSTOMISE the NDIS Service Agreement if required 
  • ADOPT the form 
  • EDUCATE your team, if applicable, on the purpose and use of the form 

Downloads

Downloads

Why do I need this document?

New team members joining your business need to understand how you provide services to NDIS participants and the underlying principles of your service delivery.

An Induction Checklist will ensure you have a comprehensive program for new staff.
The sample Induction Checklist addresses NDIS requirements but you will need to add your internal procedures and specific clinical topics.

Fair Work Australia has a large number of HR resources including induction templates. This may be a useful starting point if you don’t currently have a documented induction process.

Why the auditors like it

• They can see new members on your team are provided with the necessary NDIS training
• They don’t have to have long conversations with you to find out what training is provided for new team members
• They like to see you have a system in place and things are done as planned, not ad hoc.

Next steps

• OPEN the Induction Checklist
• CUSTOMISE the Induction Checklist to suit your business
• COMPLETE the induction requirements
• RECORD date of completion of induction on the HR Register

Downloads

All registered providers must conduct pre-employment checks for workers in line with the worker screening requirements which are based on the NDIS Practice Standards – Worker Screening Rules 2018. This helps ensure that key personnel and workers in these roles do not pose an unacceptable risk to the safety and wellbeing of NDIS participants. 

 Not all workers require screening checks.  

 TASK 

To determine which of your employees / staff / workers require a check download the NDIS worker screening risk assessment template document available below, and conduct a risk assessment for each of your staff. 

This document must be completed and stored for all staff to ensure compliance with worker screening record keeping requirements.  

 When conducting risk assessments also consider: 

Students: 

• “Secondary school students on a formal work experience placement with a registered NDIS provider do not need an NDIS worker screening clearance or acceptable check to be engaged in a risk assessed role. This is provided they are directly supervised by another worker who has an NDIS worker screening clearance, or who has an acceptable check.” (reference) 
• See requirements related to Tertiary and TAFE students here 
• The worker screening system requires an application within one State or Territory but is now a national scheme and checks apply nationally. However, some States and Territories may have additional requirements in place and/or have identified alternative acceptable checks which meet the Commission’s requirements in place of the NDIS Worker Screening Check clearance. 
• You can see acceptable alternative checks here 
• You should check here to see if there are any additional requirements in any States or Territories you will provide services. 
• Contractors: Requirements related to contractors are noted here 

Once you have determined which staff need a check: 

• You can use the Worker Screening Database to determine if staff and/or prospective employees have already had a check and the outcome (cleared or excluded) of the check. 
• To request access to the NDIS Worker Screening Database before you are registered you need to complete an application form. 
• Refer to the Quick reference guide – Unregistered Provider – Request access to the NDIS Worker Screening Database for assistance. 
• Once you are registered you can access the Worker Screening Database via the NDIS provider portal. 
• Ask remaining staff to undergo a worker screening check – the link to the relevant worker screening unit in your state or territory can be found here
• When making an application, workers will need to nominate an employer to verify that they intend to engage the worker to deliver NDIS supports or services. Most application forms will allow workers to search for their employer using their Employer ID. This is the best way to find the employer and make sure the correct one has been selected.  
• Organisations can find their Employer ID and provide it to workers by doing the following: 
• Enter the NDIS Commission Provider Portal 
• On the Portal entry point screen, use the drop down menu to select the Provider name. In the Role drop down, select Registrant 
• Once you are in the NDIS Commission Portal, select the My Registration tile 
• On the left side menu, towards the top you will be able to see your Registration Id. This is the Employer Id that you can advise your workers to use when applying for the NDIS Worker Screening Check 

Once staff have completed their checks: 

• You will receive notification as the employer and a number related to their check to record 
• You should record this number in the HR register along with any other relevant details related to their check as per the required record keeping requirements 
• If you complete the registers provided in this resource your requirements should be met, however, you must remember if anything changes about the staff members position to update your records – the requirement is within 20 days.  

Downloads

In addition to the worker screening checks, there are specific requirements related to ensuring the identity of your personnel, their right to work in Australia and their level of qualifications and experience and how this relates to the services they provide to participants on behalf of your business. Workers must have Proof of Identity and Right to Work checks 

There are differences in the requirements dependent upon whether your business is set up as a Body Corporate (Incorporated or Pty Ltd) or Individuals and Partnerships. You need to refer to the Verification module – September 2021, locate the heading related to your business structure and see the detailed requirements to understand how you meet these relevant headings within the compliance register.

The NDIS Code of Conduct is intended to promote safe and ethical service delivery by setting out expectations for the conduct of both NDIS providers and workers. 

All registered NDIS providers and their employees must comply with the code at all times. 

See here for information related to: 

• Who else the Code applies to 
• A summary of what the Code requires 
• Guidelines to help NDIS providers and workers understand their obligations under the Code were updated in September 2023 and are now available. 

 A free Worker Orientation Module is available to help workers understand the NDIS Code of Conduct.  

The module It takes about 90 minutes, and a certificate of completion is provided by the system once you have done so.

Task: 

• All registered providers and their workers must complete the module to support compliance with the Code 
• You and each employee must access the module here and complete it so you receive a certificate of completion 
• Collate these completion certificates within your management system and provide a copy for each relevant worker / employee to the auditor. 

Why do I need this document?

The NDIS Commission’s Module’s, Practice Standards and Code of Conduct require providers and workers to understand and comply with various policies and apply various principles in their practice. One way of ensuring this occurs is for regular training to occur on key issues. This training is in addition to your CPD requirements for professional registration and/or membership (although you may be able to use some of the training for CPD points). 

The Training & Competencies tab of the combined compliance register provides a clear list of what training is required and how often and records what you have completed. It includes training on policies such as Privacy, Incident Management and Risk Management but also on topics such as the NDIS Code of Conduct and Dignity of Risk. You may also need to add topics to the plan if you are providing some specific supports to NDIS participants. 

• If you work on your own, a lot of this training will be informal e.g., reviewing the NDIS Code of Conduct and reflecting on how you apply the code to your delivery of services. Consider arranging to meet up with your peers to discuss some of the training topics together. 
• Small practices might like to consider covering one topic a month as part of a team meeting. 
• For larger organisations you will need to keep records of who attended the training and how you provided the training to any staff that missed out.  

You may wish to regularly review the training and competencies completed and frequency dates to see when refresher training is required or set up a separate training plan so you can more easily identify when training is required throughout the year and ensure you have proactively planned time to complete the training.  

Why the auditors like it 

• They can see you understand what you must do each year and have a system in place to remember what training you plan to do. 
• It prevents them from having to engage in long conversations with you to find out what training you are doing. 
• They have specific training topics they can ask you/your team about. 

Next steps 

• Customise the training and competencies tab within the combined compliance register (or set up in your alternative system) to suit your business  
• FILL IN the completed date when training is undertaken 
• UPDATE your professional CDP record to show the auditor you are maintaining your relevant professional development. 

Downloads

Why do I need this document?

Sometimes NDIS participants don’t achieve their goals, despite receiving services and supports. Understanding why some goals are not achieved will help you to improve your practice. The Goal Attainment Quality Improvement Activity also helps demonstrate your ‘competence’ as per the NDIS Code of Conduct.

The activity form below will help you to determine:

• How many of your ‘intervention goals’ have been achieved
• The reasons why any were not achieved
• How many of your intervention goals are in line with participants’ participation goal/s. Showing your intervention goals are in line with the participants’ participation goals demonstrates you are providing person-centred intervention.

The activity form is an Excel document with formula inserted into the fields to help you quickly undertake a quality improvement activity. There is sample data inserted into the spreadsheet to show you how it works.

This form is designed to be used with the Quality Improvement Activity Report (QIAR) form. Complete the initial part of the QIAR and then collect your data. Once you have completed the audit, summarise the results and complete the rest of the QIAR, including any actions required.

The source document for the data you will need to collect is on your participants’ NDIS Support Plan. Unless you have been collecting your goal attainment outcomes in a way that can be readily accessed, you may find it easier to wait until you have used the NDIS Support Plan provided before completing this audit.

It is very difficult for small services to get statistically significant sample sizes.

• For a small practice (2-3 allied health professionals), we suggest using information from 10 randomly selected participants. This will be enough to indicate how effective your services are and alert you to any trends. Do this once a year and take note of any changes in outcomes.
• Larger services should consider sampling 10% of current participants.

Why the auditors like it

They can see:

• You are undertaking quality improvement activities to improve the services you provide to NDIS participants
• The services you are providing are helping NDIS participants achieve their goals

Next steps

• OPEN the Goal Attainment Quality Improvement Activity Form – look at the Sample Data inserted
• CONSIDER when you will be able to complete the audit and how many participant files you will need to include
• INSERT your own data collected from the NDIS Support Plans you have completed and also complete the Quality Improvement Activity Report (QIAR) form (in Quality Management section). Enter the audit in the Quality Improvement Projects Register (also in Quality Management section)
• DETERMINE follow-up action required then monitor progress and document it has been completed on the Register
• SET date for future Goal Attainment Audit.

Downloads

Why do I need this document?

To be able to undergo continuous quality improvement, you need to know where you need to improve. You may think you know what your participant’s want and think of your service and/or where your energy is best placed for improvement, but the best way to be sure is to ask your participants. Collecting this information will also help you to demonstrate if you are doing what you say you are doing and if your participants are satisfied with the service they are receiving. 

This activity is a chance to strengthen your business by ensuring you are delivering what your participants and NDIS really want. 

AHPA recommends the use of valid and reliable measures wherever possible. There are many Patient Reported Experience Measures (PREMs) available in the literature. You need to choose PREMs which are appropriate for the services you provide, the types of participants you engage with and can be administered in a manner which works for you and your participants.  

Where a suitable PREM is not available or possible you may wish to conduct a participant survey to seek feedback and inform your quality improvement activities. 

Before collecting feedback via survey methods, always ensure the participant has provided consent to participate in such an activity and that they understand they may be contacted by a third party to complete a questionnaire.  

Why the auditors like it

They can see your participants: 

• Felt they were treated with dignity and respect 
• Felt their privacy and confidentiality was respected 
• Were involved in setting their goals 
• Were involved in planning their services 
• Felt the services you provided helped them achieve their goals
• Knew how to voice a concern or make a complaint and felt comfortable to do so.

Next steps

1. ACCESS A VALID AND RELIABLE EXPERIENCE MEASURE relevant to your service if possible 
2. Some professional associations have begun assisting members with this task by facilitating a profession wide service that provides the survey, survey provision and data collection and results analysis, see this example by the Australian Orthotic and Prosthetic Association 
3. Or use the previously provided survey and instructions attached below 
4. IMPLEMENT: When implementing the survey to gain feedback you should consider:

• Which participants you will ask and when
• If you are a sole trader or small practice (2-3 allied health professionals (AHPs)), we suggest you survey at least 10 participants before your first audit 
• If you have a larger business, say 6 AHPs, we suggest you do at least 30 surveys before your first audit  
• Make sure you interview participants across your team of providers to identify if a particular provider gets better results than another 
• Ask as many participants as you can over time and target all areas of your service 
• Best practice involves asking participants to answer the questions alone and anonymously, if a person needs to ask the participant the questions, make sure that person is someone who has NOT provided the services in question so they feel comfortable to provide honest feedback.  

If you can’t facilitate an anonymous option for completion, consider using a third person who is not connected to your service to undertake the survey, for example, talk to a colleague and offer to undertake their survey in return for them doing yours. 

• How you will collate the results in an efficient manner to enable you to collect more results over time, analyse the data and use the results in a meaningful way to inform your opportunities for improvement.  
• Once you have analysed the results make time to CELEBRATE good results and/or BRAINSTORM with your team on how to improve 
• DETERMINE follow up action required and document it has been completed 
• Ensure you have a process in place for ongoing/ periodic data collection in the same way over time so you can compare results and see if your changes have had the positive impact intended and whether participant’s have noticed.  

Downloads

Why do I need this document?

• The HR Register keeps all personal and professional information in the one place for you and all personnel involved in your business. Even if you are a sole trader it will ensure all relevant information is in one place and enable you to easily find information when required. 
• It reminds you what you need to check when employing or contracting additional personnel.  
• It ensures your due diligence, if something does go untoward your insurer will want to know you have done these pre-employment checks. 
• It allows you to match staff skills and services with the needs of your participants e.g. second languages, skilled at using assistive technology, Makaton, Auslan, different NDIS registration groups.  

Why the auditors like it 

They can: 

• See at a glance (i.e., without having to look at a range of documents) that you and anyone working for you has the right to work in Australia and the appropriate qualifications, experience and checks are in place to provide services to NDIS participants 
• See that requirements are current 
• Easily do the checks they need to do, e.g., look up your AHPRA registration or worker screening details 
• See you consider the communication needs of your participants by recording the communication skills of your team members 
• See you have systems in place to ensure your compliance if you employ additional personnel. 

Next steps 

• Complete the listed details for all relevant personnel within the HR Register tab of the combined compliance register or alternative system you have chosen to use 
• GET CONSENT from any employees or contractors to share this information with the auditor for the purpose of completing NDIS registration. 
• SIGHT original documents and STORE copies for auditors upon request. 

Downloads

Why do I need this document?

When receiving referrals for new NDIS participants there is some minimal data you need to collect to meet your requirements under the NDIS Code of Conduct and the Practice Standards.

This Intake Checklist provides you with prompts to ensure:

• Information pertinent to NDIS participants is gathered prior to the initial appointment/assessment
• Required documentation such as signed service agreement and consents have been obtained and saved to the participants file.

The information referred to on this checklist should be incorporated into your referral form for new NDIS participants, whether this is paper-based or electronic.

There will be other business-related and clinical information you will be collecting at the time of a new referral. This checklist is not intended to capture all that information.

You could combine this checklist with the Participant Transition-Discharge Checklist (in Access to Supports under Provision of Supports [Service Delivery]) to create a tool that will see a participant from the beginning to end of their time with your service. It may also suit your organisation to produce this as an electronic flow chart.

Why the auditors like it

They can see:

• You are aware of what information is important to have prior to your initial assessment with NDIS participants.

Next steps

• OPEN the New Participant Intake Checklist
• DETERMINE how you will capture this information at the time of taking a new referral
• MODIFY your own referral form, if necessary, to include this information
• EDUCATE your team members taking referrals about the importance of collecting this information
• ADD training dates to your Annual Training Plan

Downloads

Why do I need this document? 

This vital document is designed to ensure (and provide evidence) that you are doing what you say you are doing in your Service Delivery Model and policies.  

It is designed to keep you and the participant focused on what the participant wants to achieve and how you will allocate their resources to assist them with meeting their goals.   

When completing the NDIS Support Plan do not leave any fields blank, if there is nothing to note write ‘nil identified’ to clearly demonstrate the relevant factor has been considered.   

In our examples, a participant’s NDIS Service Agreement refers to their Support Plan for a breakdown of costs. Some providers choose to have the full breakdown of costs in the Service Agreement. That’s fine but it means you will need to issue a full new Service Agreement every time you update a participant’s Support Plan. We suggest you refer to the current Support Plan as the detailed ‘quote’.  

Changes in 2021 to the legislative requirements relating to Emergency and Disaster management also make it critical that you consider this Support Plan document in conjunction with your Service Agreement. The two documents need to be complementary to ensure all relevant pieces of information for compliance with registration requirements are included.  

You should carefully consider the below requirements and determine where these aspects fit best within the system you are using and the way you document information and share with participants and their support networks to ensure everyone is aware of what should occur in these situations should they arise. 

These requirements were included in the legislative changes related to Emergency and disaster management: 

“In collaboration with each participant:                               

(a)  risk assessments are regularly undertaken, and documented in their support plans; and
(b)  appropriate strategies are planned and implemented to treat known risks to them.  

(2A)  Risk assessments include the following:  

(a)  consideration of the degree to which participants rely on the provider’s services to meet their daily living needs;  

(b)  the extent to which the health and safety of participants would be affected if those services were disrupted.  

9)  Each participant’s support plan:  

(a)  anticipates and incorporates responses to individual, provider and community emergencies and disasters to ensure their safety, health and wellbeing; and  

(b)  is understood by each worker supporting them.   

(5)  Service agreements set out the arrangements for providing supports to be put in place in the event of an emergency or disaster.” 

This indicator is included within the NDIS Practice Standards and Quality Indicators: 

• “Each support plan is reviewed annually or earlier in collaboration with each participant, according to their changing needs or circumstances. Progress in meeting desired outcomes and goals is assessed, at a frequency relevant and proportionate to risks, the participant’s functionality and the participant’s wishes.” 

Therefore, it is critical you can demonstrate where the following is addressed in your system:  

• Risk assessments are occurring in collaboration with participants  
• Risk assessments are documented and easily drawn upon as required, particularly in the event of an emergency or disaster  
• How risks related to disrupted services will be managed by your service  
• How these management strategies have been communicated to the participant and how they will know what to do and expect.  

In our example it is within the Support Plan, however, you need to make relevant updates to the Service Agreement document. 

Why the auditors like it 

They can see:  

• Who has contributed to developing the plan  
• You are aware of the participants’ goals and your intervention is directed to achieving these  
• You have considered the cultural needs of the participant  
• You identify and focus on the strengths of the participant  
• You have communicated clearly to your participant the intended services to be provided to meet their goals  
• You have identified any risks in relation to the implementation of the plan  
• The participant and their support network are aware of what will happen and/or what to do if planned services are interrupted  
• You review the plan and identify the reason for any goals not being achieved  
• The plan has been accepted by the participant and/ or their decision maker  

Next steps 

• OPEN the Support Plan – read it carefully and adjust to suit your business in line with your Service Agreement and Safe Practice and Environment policy  
• CUSTOMISE the document to reflect your practice  
• ADOPT the document  

Downloads

Downloads

Why do I need this document?

By conducting annual audits of your NDIS Support Plans you will demonstrate that you are collecting the information required to comply with the NDIS Practice Standards. It is one thing to say you consider the cultural needs of your participants, but you need to be able to show the auditors you are actually doing it.

• If you are a sole trader or small practice (2-3 allied health professionals), we suggest you audit 10 current Support Plans.
• If you have a larger business, say 6 practitioners, we suggest you audit 30 Support Plans.
• If you are a larger organisation we suggest you audit 10% of your current Support Plans.

Make sure you audit Support Plans from across your team to identify if a particular practitioner gets better results than another.

Audits can be time consuming to complete and depending on when your third-party audit is, you may or may not have time to complete this before your audit date. If you don’t have time, don’t panic. You could:

1. Put it in your Quality Management Plan and advise the auditors you intend to undertake an NDIS Support Plan Audit to determine compliance across your team in terms of collecting information.
2. Do a small sample audit (e.g. 6 files) which you can improve on next time around. This will show the auditors you have tested the process of conducting an NDIS Support Plan Audit and have considered the information it will provide you.

Don’t worry if your audit reveals poor compliance in some areas. The main thing is to demonstrate you have addressed the issues and put in place processes for improvement. But it will be important to show improvement in in the results of your next audit, otherwise it indicates that your management strategies didn’t work. Whatever you do, don’t fudge the results.

An NDIS Support Plan Audit Form is provided for you to collect information on. The fields on this form correlate to those on the NDIS Support Plan. If you change the NDIS Support Plan you will need to change the audit form to mirror the fields on your revised Support Plan.

Once you have completed the audit you will need to spend some time analysing your results using the Quality Improvement Activity Report (QIAR) form (see the Quality Management Section). You could consider analysing:

• Individual practitioners’ strengths and weaknesses
• Team trends
• Best compliances
• Worst compliances
• Actions to complete to achieve improvement – individual actions, team actions
• Review date

Why the auditors like it

They can see you:

• Are asking participants about their cultural needs, recording these needs and consider them in your provision of service
• They can see you put in place strategies to improve your services
• Are doing what you say you are doing.

Next steps

• OPEN the NDIS Support Plan Audit Form
• CUSTOMISE it to reflect the fields in your NDIS Support Plan
• PLAN an audit date and insert it on your Quality Management Plan. Note: this will be covered in Risk Management under the Governance and Operational Management Standard.
• CONDUCT the NDIS Support Plan Audit
• CONSIDER the results and DOCUMENT using the Quality Improvement Activity Report
• CELEBRATE good results and/or BRAINSTORM with your team on how to improve
• DETERMINE a plan to improve performance
• FOLLOW UP on plan and DOCUMENT
• SET date for next NDIS Support Plan Audit and insert it on your Quality Management Plan

Downloads

Downloads

Why do I need this document?

You must comply with the Information Privacy Principles of the Privacy Act 1988 and its subsequent amendments when dealing with NDIS participants’ personal information. Some states (NSW, VIC) and territories (ACT) have additional legislative requirements. Anyone providing services to NDIS participants is also obliged to “respect the privacy of people with disability”,  in accordance with the NDIS Code of Conduct.

This policy outlines your understanding of your responsibilities and how you go about maintaining privacy, not only of your NDIS participants but also other clients and staff.

Cyber security is an important consideration for both small and larger organisations. Recommended reading is Essential 8 Cyber Mitigation Strategies – one really easy recommendation to implement is multi-factor authentication.

If you have students doing clinical placements at your practice, make sure you adapt the Privacy and Information Management Policy and Procedures template to include them.

Why the auditors like it

They can see:

• You have an understanding of the legislative requirements associated with privacy
• You have recognised there are different consents required for different purposes
• You have a policy that is accessible to your participants
• You have systems in place to keep participants’ information safe
• You are aware of risks associated with maintaining privacy of information and are implementing appropriate mitigation strategies.

Next steps

• OPEN the Privacy and Information Management Policy – read it carefully
• ADAPT the policy as needed – aspects that may need to be reviewed are highlighted in yellow.
• DETERMINE if your state or territory has additional legislative requirements and include these in your policy
• REVIEW the section on Managing Privacy of Client Information Storage in this Policy – make sure you customise this to reflect what you do
• DOCUMENT any staff training you have conducted on this policy including who attended – this is your evidence.
• ADD upcoming training dates on Privacy and Information Management to your Annual Training Calendar.

Downloads

Why do I need this document?

By conducting annual audits of your NDIS Participant’s Service Agreements you will be able to:

• Demonstrate what percentage of your NDIS participants have signed and received a copy of their Service Agreement
• Determine if your NDIS Participants are completing the consent section of the Service Agreement correctly and you are able to retrieve the information efficiently.

If you are a sole trader or small practice (2-3 allied health professionals (AHPs)), we suggest you audit 10 current Service Agreements. If you have a larger business, say 6 AHPs, we suggest you do 30. If you are a larger organisation we suggest you audit 10% of your current Service Agreements.

Make sure you audit files from across your team to identify if a particular practitioner gets better results than another.

Audits can be time consuming to complete and depending on when your third-party audit is, you may or may not have time to complete this before your audit date. If you don’t have time, don’t panic. You could:

1. Put it in your Quality Management Plan and advise the auditors you intend to undertake an NDIS Support Plan Audit to determine compliance across your team in terms of collecting information.
2. Do a small sample audit (e.g. 6 files) which you can improve on next time around. This will show the auditors you have tested the process of conducting an NDIS Support Plan Audit and have considered the information it will provide you.

Don’t worry if your audit reveals poor compliance in some areas. The main thing is to demonstrate you have addressed the issues and put in place processes for improvement. But it will be important to show improvement in in the results of your next audit, otherwise it indicates that your management strategies didn’t work. Whatever you do, don’t fudge the results.

A NDIS Participant Service Agreement Audit Form is provided for you to collect information on.

This form is designed to be used in conjunction with the Quality Improvement Activity Report (QIAR) form (see Quality Management Section). Complete the initial part of the QIAR and then collect your data. Once you have completed the audit, summarise the results and complete the rest of the QIAR, including any actions required.

Once you have completed the audit you will need to spend some time analysing your results. Here are some things to consider:

• Has the Service Agreement been signed by the appropriate person?
• Was the participant provided with a copy of their Service Agreement?
• Is the consent section filled out and are the agreed consents easy to find on the participant’s file?
• Are some team members better than others at obtaining and documenting consent in the participant’s records?
• How will you improve any unsatisfactory results?

Why the auditors like it

They can see you:

• Are providing choice to participants regarding their consents
• Have put in place strategies to improve your services
• Are doing what you say you are doing.

Next Steps

• OPEN the NDIS Participant Service Agreement Audit Form
• PLAN an audit date and insert it on your Quality Improvement Plan
• COMPLETE the initial part of the Quality Improvement Activity Report (QIAR) form. Enter the audit in the Quality Improvement Projects Register (see Quality Management section for these documents)
• CONDUCT the NDIS Service Agreement Audit
• DOCUMENT and CONSIDER the results
• CELEBRATE good results and/or BRAINSTORM with your team on how to improve
• DETERMINE a plan to improve performance
• FOLLOW UP on your plan. FINALISE the QIAR and DOCUMENT its completion on the Register
• SET date for next NDIS Participant Service Agreement Audit and insert it on your Quality Management Plan

Downloads

Downloads

Protecting participants from violence, abuse, neglect, exploitation and discrimination is a critical part of the NDIS Practice Standards. To ensure you are meeting this standard you must have appropriate policies and procedures in place and meet all the relevant compliance requirements. Completing and maintaining the following documents will be essential:

• Human Resources Register (see Person-centred Supports)
• NDIS Induction Checklist (see Person-centre Supports)
• Annual Training Plan (see Person-centred Supports)
• NDIS Employment Checklist
• Compliance Calendar
• Quality Plan and Quality Improvement Projects Register (see Quality Management)
• Incidents and Complaints Management Register (see Feedback and Complaints Management)

It is also critical that the participants are:

• Aware of their right to be free from violence, abuse, neglect, exploitation and discrimination (via the NDIS Service Agreement)
• Asked if these rights are respected and put into practice in your service (Participant Survey).

You may wish to develop a brochure for participants regarding complaints management that outlines more details than the Service Agreement.

Note: If you provide services to children you will need to develop additional policies and procedures. This may include children’s rights policies particularly referencing your state’s requirements. Information in the sections on Feedback and Complaints and Incident Management helpful for this.

Why do we have to do this?

NDIS want to know:

• Participants are informed of their right to be free from violence, abuse, neglect, exploitation and discrimination
• Participants understand they can complain if this is breached (through the Service Agreement and any other materials you may use)
• Your human resource practices minimise risks to participants – this includes initial employment checks and training, plus ongoing checks, training and supervision
• Any allegations or incidents of violence, abuse, neglect, exploitation or discrimination are identified, recorded and acted upon appropriately. This includes:
  • ensuring participants can use an advocate
  • reporting and investigating as required is conducted
  • outcomes are recorded and actions taken to prevent any re-occurrence.
• You monitor compliance with and outcomes of the above through use of management tools – monitoring registers, compliance checklists, meetings, plans, quality activities (particularly Participant Survey).

What auditors are looking for

They want to be able to see:

• Your NDIS participants feel supported to report any breach of their rights and where such incidents occur they are appropriately managed
• Your HR practices minimise risks to participants – this includes initial employment practices / checks / training, on-going checks / supervision / training
• You monitor compliance with your stated systems

Next Steps

• WATCH the Webinar
• READ and UNDERSTAND the Spiel
• CUSTOMISE each document to reflect your practice
• ADOPT the documents

Downloads

Downloads

Why do I need this document?

We all need to complete registrations, subscriptions, memberships, insurances and activities to maintain the right to work in our professions and to remain safe at work. 

The Compliance Calendar provides a system to manage all your ‘must-dos’. Once set up, it lets you easily see what you have to do each month to maintain currency and your legal obligations. 

Why the auditors like it 

They can: 

• See you have a system in place to effectively manage your ‘must dos’, reducing your risk of being non-compliant with statutory requirements or having out of date insurance! 
• Look at one document and feel confident you have everything under control 
• Easily do the checks they need to do e.g., randomly ask you to show them a specific certificate of currency. 

Next steps 

• Customise the list of issues within the Business Compliance tab of the combined compliance register (or set up in your alternative system) to suit your business e.g., if you do not have rooms that you operate out of, you won’t need some of the fire safety items; if you don’t have equipment that needs calibration you can delete that item. 
• Once you have decided on what you need/want to track, RECORD due dates in the corresponding boxes e.g., if your Professional Indemnity Insurance is due on the 06/03/2020 put ‘6’ in the March 2020 column alongside ‘Professional Indemnity’. 
• MARK things you have done GREEN to show they are ‘completed’, AMBER to show something is ‘behind schedule’ or RED to show it is ‘not delivered’. Right click over the corresponding square to insert a comment explaining why you are behind schedule or stopping an activity to document any anomalies. 
• REVIEW the Compliance Calendar Sample for an idea of how it works. 

Downloads