Is a verbal consent enough for NDIS supports, or does it need to be written?

Verbal consent is valid, but the NDIS Practice Standards require you to document how consent was given. Best practice is to record verbal consent in the participant's file immediately, noting the date, support type, and circumstances. Written or signed consent is preferred for personal care, restrictive practices, and information-sharing with third parties.

Can a participant's family member give consent on their behalf?

Not automatically. A participant should give consent themselves wherever possible. Family members can provide consent only if they hold a formal legal authority — such as guardianship, administration order, or a supported decision-making arrangement — and this must be documented. Defaulting to family without checking the participant's own preferences is a common audit non-conformance.

How often does a consent policy need to be reviewed?

The NDIS Commission does not specify a fixed interval, but standard practice is at least annually and whenever relevant legislation or the NDIS Practice Standards change. In practice, you should also trigger a review after any significant incident linked to a consented support, or when a participant's circumstances change materially.

What happens if a participant withdraws consent mid-support?

Staff must stop the support immediately, acknowledge the withdrawal without argument, and record it in the participant's file. A team leader should be notified promptly. If the withdrawal creates a safety risk, the provider's escalation and duty-of-care procedures apply. Continuing a support after withdrawal is a potential Code of Conduct breach and may be reportable to the NDIS Commission.

Does our consent policy need to cover restrictive practices separately?

Yes. Regulated restrictive practices require additional authorisation under the relevant state or territory legislation, as well as a Behaviour Support Plan from a registered Behaviour Support Practitioner. Your consent policy should cross-reference your restrictive practices policy rather than trying to cover both in a single document.

What does the 2026 strengthened NDIS registration framework change about consent requirements?

The strengthened framework increases scrutiny on genuine participant choice and control — auditors look beyond signed forms to evidence that participants understood what they agreed to and that staff actively support decision-making. Providers renewing registration from 2026 onwards should expect auditors to request staff training records and participant file samples as part of consent verification.

NDIS Consent Policy Example (Filled-In Sample)

Every registered NDIS provider — including SIL providers, specialist disability accommodation operators, and community support organisations — must demonstrate that they obtain informed consent before delivering supports. For auditors assessing compliance against the NDIS Practice Standards, a written consent policy is not optional; it is a foundational document that underpins a participant's right to make decisions about their own life.

Below you will find a realistic, filled-in consent policy sample that a SIL provider could adapt. Read the explanatory notes alongside it to understand what each element satisfies under the Practice Standards and the NDIS Code of Conduct.

What the NDIS Requires on Consent

The NDIS Practice Standards require providers to support participants to make their own decisions and to ensure that supports are only delivered with the participant's consent. Key obligations include:

Informed consent — participants must understand what they are agreeing to before consent is sought.
Ongoing consent — consent is not a one-time event; it must be revisited when circumstances, supports, or the participant's decision-making capacity changes.
Supported decision-making — providers must actively support participants to exercise their own decisions rather than defaulting to a guardian or family member wherever the participant can express a preference.
Documentation — evidence that consent was obtained and how it was given must be kept in a retrievable format.
Withdrawal — participants must be told they can withdraw consent at any time without penalty, and the process for doing so must be clear.

Under the strengthened framework taking effect from 2026, the NDIS Commission has placed greater emphasis on demonstrating genuine consent practices — not just signed forms — particularly for restrictive practices and personal care supports in SIL settings.

Filled-In Sample: Consent Policy (SIL Provider)

Policy Title	Consent to Supports Policy
Organisation	Bright Path Supported Living Pty Ltd
Version	3.1
Review Date	July 2027 (or sooner if legislation changes)
Policy Owner	Quality and Compliance Manager
Approved By	Chief Executive Officer

Purpose

This policy ensures that Bright Path Supported Living Pty Ltd obtains, records, and respects the informed consent of each participant before and during the delivery of any NDIS support. It reflects our obligations under the National Disability Insurance Scheme Act 2013, the NDIS Code of Conduct, and the NDIS Practice Standards.

Scope

This policy applies to all staff, contractors, and volunteers engaged by Bright Path Supported Living Pty Ltd who deliver supports to NDIS participants in SIL and community access settings.

Principles

Consent must be freely given — no coercion, manipulation, or undue pressure.
Consent must be informed — the participant understands the nature, purpose, risks, and alternatives of the support.
Consent must be specific — blanket consent forms do not satisfy this policy; each distinct support type is addressed separately.
Consent must be current — reviewed at each service review and any time a support changes materially.
Consent must be reversible — participants may withdraw at any time and staff will not respond punitively.

Types of Consent Covered

Personal care (showering, dressing, toileting)
Medication administration and health supports
Photographs and video recording
Sharing information with third parties (family, allied health, government agencies)
Use of assistive technology involving data collection
Regulated restrictive practices (where authorised under state/territory law)

How We Obtain Consent

At intake, the intake coordinator reviews this policy with the participant using plain language and, where relevant, visual aids or an Easy Read summary.
The participant's preferred communication method is recorded in their support plan (e.g., verbal, written, Auslan, AAC device).
Where a participant uses a supported decision-making arrangement, that arrangement is documented and the participant remains the primary consent-giver unless a legal guardian or administration order specifies otherwise.
Consent is documented in the participant's file using our Consent Record Form (Form QC-04). The form records: date, support type, who was present, how consent was communicated, and the staff member who witnessed it.
If a participant declines a support, the declination is recorded without judgement and the participant's right to reconsider is affirmed.

Ongoing and Renewed Consent

Consent is reviewed:

At each scheduled service review (minimum every twelve months)
When a new or materially different support is introduced
When the participant's communication needs, capacity, or living situation changes
Following any incident, complaint, or safeguarding concern linked to a consented support

Withdrawal of Consent

A participant may withdraw consent verbally or in writing at any time. Staff must:

Acknowledge the withdrawal calmly and without argument.
Record the withdrawal in the participant's file immediately, noting date, time, and circumstances.
Notify the team leader or on-call coordinator within two hours.
Arrange an alternative support approach or escalate to the Participant Experience team if withdrawal affects the participant's safety.

Restricted Practices — Additional Consent Requirements

Where a regulated restrictive practice has been authorised by the relevant state or territory body, Bright Path Supported Living Pty Ltd obtains additional documented consent from the participant and, where required by law, their authorised guardian. This is managed under our separate Behaviour Support and Restrictive Practices Policy (Policy QC-09) and must be consistent with any Behaviour Support Plan prepared by a registered Behaviour Support Practitioner.

Records and Storage

All consent records are stored in our participant management system under the participant's individual file. Records are retained for a minimum period consistent with the applicable state records legislation and NDIS Commission guidance, and are accessible to authorised staff only.

Breaches of This Policy

Any staff member who delivers a support without the participant's current consent, or who coerces or pressures a participant to consent, is in breach of the NDIS Code of Conduct. Suspected breaches are reported to the Quality and Compliance Manager and may result in disciplinary action and mandatory reporting to the NDIS Commission.

What Auditors Look For in Your Consent Policy

Approved quality auditors assessing against the NDIS Practice Standards will typically review:

Whether the policy distinguishes between different types of consent (not just a generic "I agree to receive services" clause).
Evidence that staff have been trained on the policy — training records, competency assessments, or sign-off sheets.
Completed consent forms in a sample of participant files, with clear evidence the form was explained in an accessible way.
A documented process for recording withdrawal of consent and what happens next.
Whether the policy cross-references restrictive practice authorisation processes where relevant.

Common non-conformances found in audits include: a single generic consent form with no support-type specificity; no process for participants with complex communication needs; consent forms signed only by a guardian when the participant could have participated; and no process for reviewing consent when a support changes.

Adapting This Sample for Your Organisation

To turn this sample into a compliant working policy:

Replace the sample organisation name, policy number, and review dates with your own details.
Tailor the list of consent types to the specific supports you deliver.
Reference your own form numbers and systems.
Ensure your Behaviour Support and Restrictive Practices policy is cross-referenced if you deliver supports involving regulated restrictive practices.
Have your policy reviewed by your Quality Manager or external compliance advisor before your next audit.
Train all relevant staff and retain signed acknowledgement records.

If you need a full suite of audit-ready documents — including consent, incident management, complaints, restrictive practices, and worker screening policies — the ndiscompliant.com.au 74-document SIL compliance kit provides pre-written, professionally formatted templates aligned to the current Practice Standards, designed for the 2026 mandatory registration round.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.