Safeguard your NDIS privacy obligations

An NDIS Privacy Policy explains how you collect personal information from your clients. You provide it to your clients so they understand what information you collect and how you’ll use it.

If you work in this area, it’s important to have an NDIS-specific Privacy Policy rather than a standard Privacy Policy. This is because there are additional requirements when collecting sensitive, health-related information. A standard Privacy Policy may not meet those requirements.

To help protect your business and make sure you’re collecting information lawfully, get in touch with our team.

An NDIS Privacy Policy sets out what personal information you collect, who you collect it from (for example, plan managers or support coordinators), and how that information will be used by you and/or disclosed to third parties. Our NDIS Provider Privacy Policies are consistent with the Australian Privacy Principles.

As part of this package, we’ll draft an NDIS Privacy Policy to suit your business requirements and help you meet your obligations under the Australian Privacy Principles.

You’ll also receive phone consultations with a Sprintlaw lawyer, who will take your instructions, advise you on the legal issues you need to know, and answer your questions about the document.

Please note that while we’ll provide general information about your compliance obligations, this package does not include comprehensive regulatory advice, including state or territory privacy or health industry regulations. In NSW, Victoria and the ACT, private sector health service providers must comply with both Australian and state or territory privacy laws when handling health information. While we can provide some high-level advice on this, it is not included in this package.

At Sprintlaw, we offer a fixed-fee package for your NDIS Privacy Policy. This means you’ll know exactly what you’re paying upfront, with no surprise bills. Our NDIS Privacy Policy packages start at $900 + GST.