Privacy Impact Assessment

Privacy Impact Assessment Register

The NDIS Quality and Safeguards Commission (NDIS Commission) promotes a culture that values privacy and is committing to protecting personal information shared with us. The NDIS Commission completes privacy impact assessments (PIA) for high-risk privacy projects to ensure privacy considerations are taken into account from the outset of a project and through its lifecycle. PIAs provide a systematic assessment of compliance with the Australian Privacy Principles contained in the Privacy Act 1988 to identify potential privacy risks and provide mitigation strategies for managing, minimising or eliminating risks.

The NDIS Commission is required by section 15.1 of the Privacy (Australian Government Agencies – Governance) APP Code 2017 to maintain a register of the privacy impact assessments (PIAs) it conducts, and to publish that register on its website.

PIAs that have been completed by the NDIS Commission are listed below:


Reference number


Completion date


Functions of the NDIS Quality and Safeguards Commission

10 July 2019



Proposed amendments to the National Disability Insurance Scheme (Protection and Disclosure of Information – Commissioner) Rules 2018

9 March 2021


NDIS Quality and Safeguards Commission’s Consultative Committee 

15 March 2024


NDIS Quality and Safeguards Commission -Suitability Project

28 March 2024


Further Information

For further information, contact either the Privacy Champion or Privacy Officers of the Internal Integrity Unit at .

The NDIS Commission easy read Privacy Policy is available at Easy Read information | NDIS Quality and Safeguards Commission .

The Privacy Act is accessible at .

Extensive guidance from the Office of the Australian Information Commissioner is available at Privacy | OAIC .   

Related resources

Privacy Impact Assessment Register