Is a consent policy required for NDIS registration in 2026?

Yes. Registered NDIS providers must demonstrate compliance with the NDIS Practice Standards, which require documented processes for obtaining and managing participant consent. A standalone consent policy — or equivalent embedded procedures — is expected as part of your quality management system and will be assessed during certification and verification audits.

What is the difference between supported decision-making and substitute decision-making in an NDIS consent policy?

Supported decision-making means assisting a participant to understand information and make their own decision — for example, through plain language, a support person, or extra time. Substitute decision-making applies where a legally appointed guardian or administrator makes decisions on behalf of a participant. Your policy must address both and default to supported decision-making wherever possible, as the NDIS Act and Practice Standards prioritise participant autonomy.

How often should an NDIS consent policy be reviewed?

At minimum, annually. You should also trigger a review whenever the NDIS Commission updates relevant Practice Standards or guidance, when an incident reveals a gap in your consent processes, or when a participant's communication or decision-making needs change significantly. Document the review date and any changes made.

Does our consent policy need to cover restrictive practices separately?

Yes. Consent for regulated restrictive practices is governed by specific requirements under the NDIS (Restrictive Practices and Behaviour Support) Rules and must be documented separately from general service consent. Your policy should reference your behaviour support policy and the separate consent process required for each regulated practice, including the involvement of an NDIS behaviour support practitioner.

Can a participant verbally withdraw consent, or does it need to be in writing?

Verbal withdrawal must be respected immediately — you cannot require written notice before acting on a participant's withdrawal of consent. However, your policy should require staff to document the withdrawal in writing as soon as practicable, noting the date, what was withdrawn, and any actions taken in response.

What accessible formats should a SIL provider offer for consent documentation?

At minimum, providers should offer plain English versions, Easy Read documents for participants with intellectual disability, and verbal explanations with the option to have a support person present. Depending on your participant cohort, you may also need translated documents, large print, or Auslan interpretation. The key test is whether the participant genuinely understood what they consented to.

How to Write an NDIS Consent Policy (2026 Template + Example)

Why a Consent Policy Is Non-Negotiable in 2026

Consent sits at the centre of rights-based support delivery. The NDIS Practice Standards require registered providers to demonstrate that participants give genuine, informed, and voluntary consent before services begin and at every significant decision point throughout the relationship. The strengthened framework introduced under the NDIS Amendment (Strengthening Quality and Safeguards) changes, which took effect progressively from 2024 into 2026, places increased weight on participant autonomy, supported decision-making, and documented evidence that providers have respected both.

For SIL providers in particular, where participants may have complex communication needs or limited decision-making capacity, a robust consent policy is both a compliance requirement and a practical tool for safeguarding participants from abuse, neglect, and exploitation.

Quality auditors reviewing your documentation against the NDIS Practice Standards — specifically the Core Module on Rights and Responsibilities and the High Intensity Supports Module — will expect your consent policy to be current, accessible, and operationally embedded in your intake and ongoing support processes.

What Must Your Consent Policy Cover?

A compliant NDIS consent policy should address all of the following elements:

Definition of informed consent: What constitutes valid consent — voluntary, informed, specific, and capable of being withdrawn.
Scope: Which situations require consent (initial service agreement, sharing personal information, use of photographs, restrictive practices, incident reporting, health and medical decisions).
Supported decision-making: How staff assist participants who require support to understand information and make decisions, consistent with the NDIS Act 2013 and the UN Convention on the Rights of Persons with Disabilities.
Substitute decision-makers: When a guardian, administrator, or nominee is involved, and how their authority is verified and documented.
Accessible formats: How you provide information in plain language, Easy Read, Auslan, or other formats to ensure participants can genuinely understand what they are consenting to.
Recording and storage: How consent is documented, where records are kept, and the retention period in line with your state or territory legislation and the NDIS Commission's requirements.
Withdrawal of consent: The participant's right to withdraw consent at any time without disadvantage, and how your organisation responds.
Review cycle: How often consent is revisited (at minimum at each plan review or when circumstances change).
Staff responsibilities and training: Who is accountable for obtaining consent, and what training is required.
Complaints: How participants can raise a concern if they feel their consent has not been respected, including referral to the NDIS Commission.

Step-by-Step: How to Write Your Consent Policy

Map every consent trigger in your service. Walk through your entire participant journey — referral, intake, service agreement signing, goal reviews, incident reporting, photo consent, information sharing with families or allied health, and any use of regulated restrictive practices. List every point where a decision is made that affects the participant.
Draft your consent procedure for each trigger. For each situation, write a short procedure: who explains the decision to the participant, what information must be provided, how understanding is checked, and how the consent is recorded.
Address supported decision-making explicitly. The strengthened Practice Standards require providers to actively support participants to make their own decisions rather than defaulting to substituted decision-making. Include a section explaining how staff identify a participant's decision-making support needs and what adjustments they make.
Write your withdrawal clause. Make it unconditional and plain in language. The participant can withdraw consent at any time without needing to give a reason, and no service will be withheld as a consequence.
Define accessible format options. List the formats you have available (Easy Read, large print, translated documents, verbal explanation with a support person present, etc.) and include a process for participants to request an alternative format.
Set your record-keeping standard. Specify that signed consent forms are stored in the participant's file within your case management system, with the date, the name of the staff member who witnessed consent, and notes on any supported decision-making adjustments made.
Assign ownership and set a review date. Every policy needs a named role responsible for its maintenance and a scheduled review date — annually as a minimum, or sooner if NDIS Commission guidance changes.
Have it reviewed by someone with lived experience. Best practice — and increasingly expected under the Quality Indicator framework — is to have at least one participant or self-advocate review the policy for clarity and rights-alignment before it is finalised.

Template Structure: Key Sections at a Glance

Section	What to Include
Purpose	Why the policy exists; reference to NDIS Practice Standards and NDIS Act 2013
Scope	Which services, staff, and participant groups this policy applies to
Definitions	Informed consent, supported decision-making, substitute decision-maker, withdrawal
Procedure	Step-by-step for each consent trigger; accessible format process; recording standard
Roles and Responsibilities	Support workers, team leaders, coordinators, management
Record Keeping	Where, how long, and who can access consent records
Review and Monitoring	Annual review cycle; triggers for earlier review; participant feedback mechanism
Related Documents	Service Agreement template, Privacy Policy, Complaints Policy, Restrictive Practices Policy

Example Policy Clause: Informed Consent for Service Delivery

The following is a realistic example clause you can adapt. Customise the bracketed fields to match your organisation's name and processes.

4.1 Obtaining Informed Consent at Intake

Before [Organisation Name] commences any funded support, the Support Coordinator or Intake Officer will meet with the participant (and their nominee or substitute decision-maker where applicable) to explain:

the nature of the supports to be provided;

any risks or alternative options the participant should be aware of;

the participant's right to ask questions and take time to decide; and

the participant's right to withdraw consent at any time without penalty.

This explanation will be provided in the participant's preferred communication format. Where a participant requires support to understand the information, a support person nominated by the participant may assist. Where a statutory substitute decision-maker holds authority, [Organisation Name] will verify that authority before seeking consent.

Consent will be recorded on the Participant Consent Form (Form CON-001) and filed in the participant's electronic record within one business day. The form records the date, the decision made, the name of the staff member present, and any communication adjustments made.

Consent is specific and does not imply agreement to future decisions. Consent for each new significant decision will be sought separately in accordance with this policy.

Common Gaps That Auditors Flag

When quality auditors assess consent policies against the NDIS Practice Standards, the most frequent non-conformances include:

Consent forms that are signed at intake and never revisited, with no process for ongoing or renewed consent.
No documented procedure for participants who have fluctuating decision-making capacity.
Accessible format options listed in the policy but no evidence they are actually available or used.
Lack of clarity about what happens when a participant withdraws consent — particularly for SIL participants whose housing may be linked to the service.
Restrictive practices documented without separate, specific consent processes as required under the behaviour support framework.
No link between the consent policy and the privacy and information sharing policy, creating gaps in how third-party sharing is authorised.

Keeping Your Policy Audit-Ready in 2026

With mandatory registration timelines tightening and the NDIS Commission increasing its scrutiny of documentation quality, providers should treat their consent policy not as a static document but as a living instrument. Schedule a policy review at each participant's plan review, whenever NDIS Commission guidance updates, and at least annually across the organisation.

If you are preparing a full SIL compliance documentation suite, ndiscompliant.com.au offers a 74-document audit-ready kit that includes consent policy templates, staff training checklists, and all related forms aligned to the current NDIS Practice Standards — a practical starting point for providers building their document library from scratch or closing gaps before an audit.

The most important test for any consent policy is whether your frontline staff can actually follow it in practice and whether participants genuinely understand what they are agreeing to. Policy language and procedure must match what happens on the ground — auditors will interview staff and participants, not just read the document.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.