Privacy Collection Statement

The NDIS Quality and Safeguards Commission (NDIS Commission) is bound by the Australian Privacy Principles (APPs) outlined in Schedule 1 of the Privacy Act 1988 (Cth) (Privacy Act) which regulate how entities may collect, use, disclose and store personal information. 

The NDIS Commission is also bound by the information management provisions of the National Disability Insurance Scheme Act 2013 (the NDIS Act).  These provide that if the NDIS Commission holds information about a person in its records then that information is regarded as “protected Commission information” under the NDIS Act.  An example of protected Commission information is information about a worker on the NDIS Worker Screening Database. Unauthorised use and disclosure of protected Commission information by any person is a criminal offence under the NDIS Act.

Collection of personal information

The NDIS Commission will collect from this application form, personal information including names, email addresses, phone numbers, and organisational positions. 

The NDIS Commission may also collect other personal information, including date of birth, citizenship and residency status, criminal history, working with vulnerable people checks, information concerning past bankruptcies, insolvencies and other information.

This personal information is being collected to facilitate and support the exercise of the NDIS Commissioner’s functions, as outlined in the NDIS Act and the Rules established under the NDIS Act (the Rules). 

Specifically, this personal information is being collected for the purposes of: 

  • Assessing whether the Applicant meets the requirements under the NDIS Act and the Rules to be registered as a NDIS Provider under the National Disability Insurance Scheme (NDIS) including; 
    • assessing the Applicant’s conformity with the NDIS Practice Standards; and
    • assessing the suitability of the Applicant, and the Applicant’s key personnel
  • Registering, and renewing the registration of, the Applicant as a registered NDIS Provider 
  • Communicating with you about:
    • the application
    • matters relating to the registration, including any compliance, enforcement or investigation activities (if applicable)
    • matters relating to relevant reportable incidents
    • matters relating to relevant complaints
    • matters relating to behaviour support
    • matters in relation to NDIS Worker Screening requirements including the NDIS Worker Screening Database 
    • other NDIS Commission business relevant to NDIS Providers. 
  • Monitoring the ongoing registration of the Applicant to ensure that the Applicant complies with any Conditions of Registration and other requirements under the NDIS Act, and Rules.

If you do not provide us with the personal information sought in this application form, the NDIS Commission will not be able to process your application. 

If you choose to progress the application to the next stage and engage an approved Quality Auditor, the information in this application form will be disclosed to the approved Quality Auditor for the purpose of assessing the Applicant against the relevant sections of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018 (Registration Rules). 

Information supplied on this application form, including personal information, may be published on the NDIS Provider Register pursuant to the Act and the Registration Rules. This includes, but is not limited to, information about the Applicant, the outcome of the application, and the reason for the decision. 

Information may still be published on the NDIS Provider register if the Application is not approved. Information about any compliance or enforcement activities relating to the Applicant and the provision of NDIS supports and services may also be published on the NDIS Provider Register. 

The NDIS Act authorises the collection, use and disclosure of protected Commission information in certain circumstances, including where this is for the purposes of the NDIS Act.

Protected Commission information contained on this application form will be disclosed as authorised under the Act, including to the National Disability Insurance Agency (the NDIA) for the purposes of: 

  • Notifying the NDIA of the outcome of the Application 
  • Establishing and maintaining the NDIS Provider finder; 
  • Providing the NDIA with the Applicant’s contact details in the event the NDIA needs to communicate with the Applicant;
  • Providing such information as is required for the NDIA to establish and maintain accurate payment records; and
  • Research and policy development in relation to the National Disability Insurance Scheme. 

The NDIS Commission may also use or disclose some or all of the protected Commission information collected from you for the purposes of performing the functions of the NDIS Commissioner under the NDIS Act such as the complaints function or functions in relation to the NDIS Worker Screening Database. This may include sharing such information with the Worker Screening Units in states and territories. 

If authorised by the NDIS Act, the NDIS Commission may also disclose some or all of the protected Commission information contained on this application form to other relevant parties, including other Commonwealth, state or territory agencies, regulatory bodies or professional associations. 

The NDIS Commission may disclose personal information to an overseas recipient to support certain NDIS Commission functions. 

Personal information obtained will only be used and disclosed for the purposes and in the circumstances outlined above and will not be used or disclosed without your consent for any other purpose or in other circumstances, except as authorised under the Privacy Act or where authorised or required by law, including by the NDIS Act. 

Personal Information obtained will be stored and held in accordance with the NDIS Commission’s obligations under the Privacy Act 1988 (Cth) and the Archives Act 1983 (Cth).

The NDIS Commission’s Privacy Policy contains information about how you may access and seek correction of your personal information and how you may complain about a breach of the APPs.