As an NDIS Support Coordinator, protecting participant privacy and confidentiality is
essential. Participants have the right to control what information is shared and with whom.
Always follow your comapnies consent and privacy policy to maintain trust and ensure
compliance with the NDIS Code of Conduct and Privacy Act 1988 (Cth).
Key Principles of Consent & Privacy
Never Share Information Without Consent
Always obtain informed consent before sharing participant details with
providers, services, or other stakeholders.
Is There a Signed Consent Form on File?
Ensure a current signed consent form is in place before disclosing any participant information. Regularly review consent forms, as preferences may change over time.
Have You Confirmed What Can & Can’t Be Shared?
Discuss with the participant what information they are comfortable sharing and what they want to keep private. Example: Some participants may not want their full history shared with providers—only relevant details.
Limit Information to What is Necessary
Only provide relevant details that providers need to deliver services. Never disclose full NDIS plans, funding details, or sensitive personal data unless the participant has explicitly agreed.
AI & Digital Privacy – Critical Safeguards
Never Upload Participant Data to AI Systems
Do not enter participant details, NDIS numbers, or any identifying information into AI tools.
Always de-identify information before using AI for administrative tasks.
Using AI in Meetings?
Obtain Consent
If using AI tools for case notes or meeting records, you must:
- Inform the participant and explain how AI is being used.
- Obtain verbal or written consent before proceeding.
- Ensure the information is securely stored and complies with privacy laws.
Breaches of Privacy – What to Avoid
Sharing participant information without consent (even with good intentions).
Discussing participant details in public spaces where others may overhear.
Leaving physical or digital files unsecured.
Sending emails with participant details to the wrong recipient (always double-check!).
Storing personal information on personal devices.
Remember: Privacy breaches can lead to serious consequences
Best Practices for Support Coordinators
Always obtain informed consent before sharing any information.
Regularly review participant privacy preferences.
Store everything in our CRM only
When in doubt, check with the participant or our privacy policy.
By following these guidelines, you ensure ethical, legal, and professional
support coordination while empowering participants with choice and
control over their information.