Why medication management is a high-risk audit focus area
Medication management sits at the intersection of participant safety, human rights, and provider governance — which is exactly why approved quality auditors treat it as a non-negotiable, evidence-heavy focus during NDIS registration and renewal audits. For SIL and disability support providers, a weak or missing medication management policy is one of the most common paths to a non-conformance finding under the NDIS Practice Standards.
The strengthened NDIS Practice Standards — progressively coming into effect under the reforms flowing from the Independent Review and the strengthened framework — increase the scrutiny on how providers demonstrate safe practice, not merely whether a policy document exists on a shelf. Auditors are now explicitly trained to distinguish between a policy that is genuinely embedded in day-to-day operations and one that was drafted only to pass the audit.
The exact Practice Standards modules auditors apply
Auditors assess medication management primarily against:
- Module 1 — High Intensity Daily Activities (for registered providers delivering complex support needs including medication administration)
- Core Module — Provision of Supports (participant outcomes, rights, dignity of risk)
- Core Module — Support Provision Environment (governance, risk management, safe delivery systems)
- Module 3 — Early Childhood Supports where relevant
Not every SIL provider must be registered under Module 1 High Intensity. However, if your workers administer medications — as opposed to merely prompting a participant to self-administer — Module 1 registration and the associated competency requirements apply. Auditors will check this distinction carefully and flag it as a non-conformance if you are administering without the correct registration scope.
What auditors examine: a step-by-step breakdown
1. Policy document completeness
The auditor will first call for your written medication management policy and cross-check it against a structured assessment framework. At minimum, a compliant policy must address:
- Scope — which participant groups and support types it covers
- Roles and responsibilities — who can prompt, who can administer, and who cannot
- Consent processes — how informed consent is obtained and documented, including where a participant has a guardian or administrator
- Prescriber authority — processes for confirming current, valid prescriptions before any medication is administered
- Safe storage — requirements for temperature, security, and segregation of controlled substances
- Medication Administration Records (MARs) — how they are completed, reviewed, and retained
- Self-administration support — how staff support a participant's right to manage their own medications with dignity and without coercion
- Competency requirements — minimum qualifications or training for staff who administer medication
- Medication errors — definition, reporting pathway, and corrective action process
- Refusal of medication — participant rights and documentation requirements
- Review cycle — how often the policy is reviewed and who approves changes
2. Evidence of implementation
A written policy is not sufficient on its own. Auditors will request evidence records — typically a sample across multiple participants and multiple staff — to verify the policy is actually followed. Common evidence requests include:
- Completed and signed MARs for recent months
- Consent forms linked to the participant's current support plan
- Copies of current prescriptions or medication authority documents on file
- Staff training records confirming competency assessments for any worker who administers medication
- Incident reports for any medication errors, including evidence of root cause analysis and corrective action
- Records of medication audits or internal quality checks
3. Restrictive practice links
If any psychotropic medication is used in a way that meets the definition of a restrictive practice under the NDIS (Restrictive Practices and Behaviour Support) Rules 2018, the auditor will check that:
- A positive behaviour support plan is in place
- The practice is authorised under the relevant state or territory law
- Reporting to the NDIS Commission via the provider portal has occurred within required timeframes
- The medication is not being used as a chemical restraint without lawful authority
This is a critical non-conformance risk. Providers often underestimate how many medication scenarios cross into restrictive practice territory, particularly the use of PRN (as-needed) sedating medications.
4. Incident reporting alignment
Under the NDIS (Incident Management and Reportable Incidents) Rules 2018, certain medication errors are reportable incidents. Auditors check that your incident management system captures medication events, that staff know their reporting obligations, and that incidents have been lodged with the NDIS Commission where required. Missing or late incident reports are among the most frequently cited non-conformances during SIL audits.
5. Worker competency verification
For providers registered under Module 1 High Intensity supports, auditors will check that workers who administer medication hold the competencies specified in the NDIS Practice Standards Evidence Guide. Certificates of currency, employer-verified competency assessments, or evidence of completion of the relevant units of competency from the CHC Community Services training package may all be required depending on the support type. Generic "medication awareness" induction training does not satisfy this requirement for administration tasks.
Common non-conformances and how to close them
| Non-conformance | Why it fails | The fix |
|---|---|---|
| Policy has no version date or review cycle | Auditors cannot confirm currency; policy may be years out of date | Add version control, an annual review clause, and a named review owner |
| MARs incomplete or unsigned | No evidence of actual administration or monitoring | Implement a monthly MAR audit and spot-check process; require supervisor sign-off on completion |
| Consent forms missing or generic | Cannot demonstrate participant-specific informed consent | Use participant-specific consent linked to the support plan; update on prescription change |
| PRN medication administered without documented authority | Potential chemical restraint without lawful basis | Add a PRN authority section to your policy; require prescriber-written instructions on file |
| No medication error register | Cannot demonstrate systematic learning from errors | Create a dedicated medication error log; require root cause analysis for all errors |
| Worker training records absent or expired | Cannot verify competency for High Intensity supports | Maintain a training matrix with expiry dates; block shifts where currency has lapsed |
What a compliant medication management policy looks like in practice
Below is a realistic excerpt illustrating the structure and language auditors expect. This is an example of the type of content a compliant policy should contain — not legal advice.
Policy excerpt — Medication Error Reporting
Any medication error — including administration of an incorrect dose, incorrect medication, incorrect route, incorrect time, or omission — must be reported to the Shift Supervisor immediately. The Supervisor is responsible for notifying the participant's prescriber and/or GP within [defined timeframe] and documenting the error in the Medication Administration Record. Where the error meets the definition of a reportable incident under the NDIS (Incident Management and Reportable Incidents) Rules 2018, the Operations Manager must lodge a report via the NDIS Commission Provider Portal within five business days of the incident being identified. A root cause analysis using the organisation's standard template must be completed within ten business days. Corrective actions are recorded in the Quality Register and reviewed at the next monthly governance meeting.
The key features auditors look for in an excerpt like this are: a clear trigger definition, named roles, specified timeframes, links to regulatory obligations, and a documented improvement loop.
Preparing your policy package before the audit
The most efficient way to prepare is to conduct your own internal pre-audit check against the Practice Standards Evidence Guide before an approved quality auditor arrives. Walk through each indicator in the medication management section and ask: can I produce documented evidence for this right now?
Providers who struggle most during audits are those who have a single-document policy without supporting procedures, forms, training records, and governance logs. Auditors are looking for a system, not a statement of intent.
If you are building or overhauling your documentation suite, the 74-document audit-ready SIL compliance kit available at ndiscompliant.com.au includes a pre-built medication management policy, MAR templates, consent forms, a medication error register, and the staff competency matrix — designed specifically to meet NDIS Commission audit expectations for SIL providers.
Key takeaway for 2026 and beyond
As the strengthened Practice Standards continue to embed more prescriptive evidence requirements, the bar for medication management documentation will only rise. Providers who treat their policy as a living governance document — reviewed regularly, supported by training records and quality audits, and deeply familiar to all staff — will be far better positioned than those who treat it as a compliance checkbox. Start closing your gaps now, before your next audit window opens.
Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.