Does a worker screening policy need to be a separate document, or can it be part of an HR policy?

Either approach is acceptable provided the content is comprehensive. Many providers embed worker screening within a broader HR or workforce management policy. What matters to quality auditors is that the relevant requirements — risk-assessed role definitions, pre-engagement verification, ongoing monitoring, and non-compliance response — are clearly articulated and findable, not where they sit in the document structure.

We use a lot of agency and labour-hire staff. Does our screening policy need to cover them?

Yes. You remain responsible for ensuring that any worker you engage in a risk-assessed role holds a valid NDIS Worker Screening Check, regardless of who employs them. Your policy should address how you verify and record agency and labour-hire workers' clearance status before they commence work with participants — you cannot simply rely on the labour-hire agency's assurance without your own verification step.

What should we do if a worker's clearance is withdrawn or expires while they are employed?

Your policy must require the worker to be stood down from all risk-assessed duties immediately upon becoming aware of an expired or withdrawn clearance. They must not work in a risk-assessed role until a new valid clearance is in place. Document the date you became aware, the action taken, and when the issue was resolved. Failing to act promptly exposes the organisation to enforcement action.

How long do we need to keep worker screening records?

The NDIS Practice Standards require providers to maintain records sufficient to demonstrate compliance. While the standards do not prescribe a specific retention period for screening records, a commonly applied benchmark is seven years from the date of the worker's departure, consistent with general employment record obligations. Your policy should state your chosen retention period and the storage and access controls that apply.

Are volunteers required to have an NDIS Worker Screening Check?

Volunteers who provide supports or services directly to NDIS participants and have more than incidental contact with them are generally in a risk-assessed role and are subject to the same screening requirements as paid workers. Your policy should address how you assess volunteer roles and manage their screening, including the pre-engagement verification step.

Will the 2026 strengthened Practice Standards change our existing worker screening policy?

The strengthened Practice Standards place greater emphasis on provider governance, workforce oversight, and demonstrable implementation — not just documented intent. Providers should review their worker screening policy against any updated quality indicators published by the NDIS Commission prior to their next audit. Key areas likely to receive closer scrutiny include ongoing monitoring processes and how management is alerted to clearance changes in real time.

Do you need an NDIS worker screening policy? Provider requirements

Who needs an NDIS worker screening policy?

If your organisation is a registered NDIS provider, you are required to have documented processes for managing worker screening. This is not optional. The NDIS Practice Standards — reinforced under the strengthened 2026 framework — place a specific governance obligation on providers to ensure that every worker engaged in a risk-assessed role holds a valid NDIS Worker Screening Check (or an equivalent state/territory clearance that meets the national worker screening framework).

The obligation extends beyond your directly employed workforce. It applies to:

Permanent and casual employees
Contractors and subcontractors engaged to deliver NDIS supports
Labour hire workers placed in risk-assessed roles
Volunteers who provide supports directly to NDIS participants
Key personnel as defined under the NDIS Act

Unregistered providers delivering lower-risk supports through plan-managed or self-managed arrangements are not subject to registration obligations, but they remain bound by the NDIS Code of Conduct and participants retain the right to request screening status. Having a policy even as an unregistered provider signals seriousness about safeguarding.

What is a risk-assessed role?

A risk-assessed role is any position in which a worker delivers NDIS supports or services and has, or is likely to have, more than incidental contact with a person with disability. The NDIS Commission guidance identifies roles that involve direct delivery of supports — including personal care, behaviour support, SIL accommodation, and supports for children — as risk-assessed by default. Back-office roles with no participant contact are generally not risk-assessed, though providers should apply a documented assessment process to make that determination rather than assuming.

For SIL providers specifically, virtually every support worker, team leader, and house coordinator will fall into a risk-assessed role. This means screening requirements are pervasive across the workforce, making a robust written policy even more critical.

What the NDIS Practice Standards require

The NDIS Practice Standards (Quality Indicators) set out what a provider must demonstrate to achieve and maintain registration. The worker screening obligation sits primarily within the Human Resources standard and is cross-referenced through the Governance and Operational Management standard.

Quality auditors assess whether a provider can demonstrate all of the following:

A documented policy that clearly states which roles are risk-assessed and why
Processes to verify and record the screening status of every worker in a risk-assessed role before they commence work with participants
A system for monitoring ongoing clearance status, including managing expiry dates and acting on clearance withdrawals
Clear accountabilities — who in the organisation is responsible for compliance with screening requirements
Processes for managing situations where a worker's clearance lapses, is under review, or is refused
Record-keeping practices that satisfy privacy obligations while enabling audit evidence

Under the strengthened 2026 Practice Standards, the NDIS Commission has signalled a sharper focus on provider governance — including workforce governance. Providers can expect quality auditors to probe not just whether a policy exists, but whether it is implemented, understood by managers, and reflected in actual records.

What your worker screening policy must include

While the NDIS Commission does not mandate a single template, an audit-ready worker screening policy should cover the following elements as a minimum:

Purpose and scope: State that the policy applies to all workers in risk-assessed roles and reference the governing legislation (National Disability Insurance Scheme Act 2013, NDIS (Worker Checks) Act in your state/territory).
Definition of risk-assessed roles: List or describe which positions in your organisation are risk-assessed, and how that determination is made for new roles.
Pre-engagement verification: Explain the step-by-step process for checking and recording clearance status before a worker begins delivering supports — including what documentation is obtained and where it is stored.
Ongoing monitoring: Describe how the organisation tracks expiry dates, receives notifications of clearance changes, and responds promptly when a clearance is withdrawn or suspended.
Roles and responsibilities: Identify who is accountable for maintaining records, reviewing worker status, and escalating concerns (typically a HR manager, compliance lead, or operations manager).
Non-compliance and risk management: Specify what happens when a worker cannot produce evidence of a current clearance — including the requirement to stand the worker down from risk-assessed duties immediately.
Record-keeping and privacy: State how long records are retained, who may access them, and how the organisation complies with the Privacy Act 1988 when handling sensitive screening information.
Policy review: Commit to a review cycle (at minimum annually, or when legislation or the Practice Standards change).

Consequences of not having a compliant policy

The consequences of inadequate worker screening practices — and the absence of a written policy to govern them — are serious:

Non-conformance at audit: Quality auditors will record a non-conformance against the Human Resources standard, which can jeopardise registration renewal or trigger a mid-term audit.
NDIS Commission enforcement action: The Commission has broad powers to issue compliance notices, banning orders, and civil penalties where providers demonstrate systemic failures in safeguarding.
Criminal liability: Engaging a worker in a risk-assessed role without a current clearance is an offence under the worker screening framework, with penalties that apply to both the provider and, in some circumstances, individual managers.
Harm to participants: Beyond regulatory risk, inadequate screening creates direct safeguarding risk for the people your organisation supports — an unacceptable outcome that sits at the heart of why the framework exists.
Reputational damage: Incidents linked to inadequate screening attract public attention and can affect participant trust, referral relationships, and staff confidence in the organisation.

Practical steps to bring your policy into compliance

If your organisation does not yet have a worker screening policy, or has one that has not been reviewed recently, the following steps will help you get audit-ready:

Audit your current workforce records. Pull a list of every person delivering NDIS supports and confirm which are in risk-assessed roles. Cross-reference against your screening register to identify gaps.
Map your roles formally. Document the risk-assessed role determination for each position. For SIL providers, this mapping is usually straightforward but must be on paper.
Draft or update your policy document. Use the elements listed above as your structure. The policy should be written in plain language so that team leaders and support workers can understand their obligations, not just HR managers.
Build a live screening register. A spreadsheet or HRIS field that captures worker name, role, clearance number, clearance state, and expiry date — reviewed at least monthly — satisfies auditor expectations for ongoing monitoring.
Communicate the policy to your workforce. Include it in onboarding, link to it in your employee handbook, and ensure team leaders can explain the pre-engagement verification step in their own words.
Schedule a review date. Add the policy review to your compliance calendar, particularly in the lead-up to any scheduled audit or when the Practice Standards are updated.

How this fits your broader compliance picture

Worker screening does not sit in isolation. It is one element of a layered safeguarding framework that includes your Code of Conduct implementation, incident management system, complaints process, and — for SIL providers — your restrictive practices authorisation arrangements. Quality auditors assess the coherence of the whole system, not individual documents in a vacuum.

For providers building out their documentation suite from scratch or preparing for a strengthened-standards audit cycle, ndiscompliant.com.au offers a 74-document audit-ready SIL compliance kit that includes a worker screening policy template aligned to the current Practice Standards — which may save considerable time compared to drafting from a blank page.

Whether you use a template or build your policy in-house, the most important thing is that the document reflects your actual practice — not a generic aspirational statement that auditors will quickly see through when they speak to your support workers on the floor.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.