Do new NDIS providers need a restrictive practices policy even if they don't plan to use restraints?

Yes. If you support participants who may have behaviour support plans or if there is any possibility of a restrictive practice being used — including in an emergency — you must have a compliant policy in place before you deliver supports. The NDIS Commission expects this policy to be implemented, not just written.

What is the difference between an authorised and an unauthorised use of a restrictive practice?

An authorised use is one that has been approved by the relevant state or territory authority and is documented in the participant's Behaviour Support Plan. An unauthorised use occurs when a restrictive practice is applied without that approval — for example, in an emergency. Both must be reported as NDIS reportable incidents, but an unauthorised use requires urgent reporting and immediate internal review.

Who can develop a Behaviour Support Plan under the NDIS?

Only a provider registered with the NDIS Commission specifically for the Specialist Behaviour Support registration group can develop a Behaviour Support Plan. Your organisation as a SIL or disability support provider implements the plan — you cannot write it yourself unless you hold that specific registration.

How often does a restrictive practices policy need to be reviewed?

At minimum, annually. Your policy should also be reviewed following any critical incident involving a restrictive practice, following changes to state or territory authorisation requirements, and whenever the NDIS Commission updates relevant Practice Standards or Rules.

What happens if the NDIS Commission finds my restrictive practices policy non-compliant at audit?

Non-conformances can result in a corrective action plan with a defined timeframe for rectification, conditions placed on your registration, or — for serious or repeated failures — compliance notices or enforceable undertakings. New providers may have their registration refused or granted with conditions until non-conformances are resolved.

Does environmental restraint include locking doors in a SIL home?

It can. If a door is locked in a way that restricts a participant's freedom of movement for reasons related to managing their behaviour (rather than a legitimate safety reason applying equally to all residents), it is likely to be classified as environmental restraint and require authorisation. This is one of the most commonly misunderstood categories for SIL providers and should be explicitly addressed in your policy.

NDIS Restrictive Practices Policy Checklist for New Providers

Why New Providers Must Get This Right From Day One

If your organisation intends to use regulated restrictive practices — or if you support people who already have behaviour support plans in place — you are legally required to have compliant policies and procedures before you begin delivering supports. The NDIS Commission can issue compliance notices, impose conditions on registration, or take enforceable undertakings against providers who fail to meet these obligations. For new providers entering the 2026 mandatory registration cohort, getting your restrictive practices framework right at the start is far less costly than remediating it after an audit.

This checklist covers every element an approved quality auditor will look for when reviewing your restrictive practices policy. Work through it systematically before your initial audit.

The Five Regulated Restrictive Practices

Your policy must explicitly address all five categories of regulated restrictive practices as defined under the NDIS (Restrictive Practices and Behaviour Support) Rules 2018:

Seclusion — confining a person alone in a space they cannot freely leave
Chemical restraint — using medication to influence behaviour (excluding medication prescribed for a diagnosed condition for therapeutic purposes)
Mechanical restraint — using a device to restrict movement
Physical restraint — using bodily force to restrict movement or mobility
Environmental restraint — restricting access to parts of an environment or to items or activities

A policy that covers only some of these categories will not satisfy audit requirements. Even if you do not currently use a particular type, your policy must state your approach to each one, including that it will not be used without proper authorisation.

Complete Restrictive Practices Policy Checklist

1. Policy Framework and Purpose

Policy statement affirming commitment to eliminating, or at minimum reducing, the use of restrictive practices
Statement of the provider's obligation to act consistently with the NDIS Practice Standards (particularly the Behaviour Support Standard)
Reference to the NDIS (Restrictive Practices and Behaviour Support) Rules 2018
Scope — specifying which service types, settings, and worker roles the policy applies to
Review cycle (minimum annual, or following a critical incident involving a restrictive practice)

2. Positive Behaviour Support as the Foundation

Statement that restrictive practices are only considered after positive behaviour support strategies have been assessed and, where applicable, implemented
Reference to the requirement for a Behaviour Support Plan (BSP) developed by an NDIS-registered Specialist Behaviour Support provider
Procedure for engaging a Specialist Behaviour Support provider when a participant requires a BSP or when a plan needs review
Process for reviewing and implementing the strategies in an existing BSP before applying any restriction

3. Authorisation Obligations

Clear statement that no regulated restrictive practice may be used without prior authorisation from the relevant state or territory authority (authorisation requirements vary by jurisdiction — your policy must name the correct authority for each state or territory in which you operate)
Procedure for obtaining and maintaining evidence of authorisation (copies of approvals, expiry dates, conditions)
Process for ensuring the BSP includes the authorised practice before it is implemented by support workers
Statement that emergency use of a restrictive practice (where no authorisation exists) must be reported as an NDIS reportable incident and must trigger an immediate review

4. Prohibited Practices

Explicit list of practices that are strictly prohibited under any circumstances, consistent with the NDIS Code of Conduct and Practice Standards — for example, practices involving aversive stimulation, deliberate pain, or withholding food or water
Statement that chemical restraint for the purpose of behaviour management cannot be initiated by the provider and must not be administered without valid prescription and authorisation

5. Incident Reporting Requirements

Procedure for reporting every use of a regulated restrictive practice as an NDIS reportable incident to the NDIS Commission within the required timeframe
Distinction between use of an authorised practice (still a reportable incident) and use of an unauthorised or unanticipated practice (which requires urgent reporting)
Internal escalation pathway — who is notified within the organisation and within what timeframe
Requirement to notify the participant and, where appropriate, their authorised representative following any use of a restrictive practice
Process for conducting a post-incident review and feeding outcomes back into the BSP or support plan

6. Record-Keeping Requirements

Requirement to document every instance of a regulated restrictive practice, including: the type used, the duration, the behaviour that prompted the response, the worker(s) involved, and the participant's response
Storage of authorisation documents, BSPs, and incident records in a secure, accessible system
Retention period consistent with NDIS Commission requirements and applicable state laws
Process for making records available to the NDIS Commission upon request

7. Staff Training and Competency

Requirement that all workers who may be present when a regulated restrictive practice is used have completed approved training prior to commencing this role
Reference to the NDIS Commission's requirements for training in positive behaviour support and restrictive practices
A training register recording completion dates, provider, and expiry for each worker
Requirement for refresher training at a defined frequency (at a minimum aligned with any conditions in state/territory authorisation)
Procedure for workers new to a role — ensuring they are not placed in situations requiring restrictive practice use before completing required training

8. Participant Rights and Dignity

Statement that the use of restrictive practices must always uphold the participant's dignity and be the least restrictive option available given the circumstances
Procedure for obtaining and documenting the participant's (and/or their decision-maker's) input into behaviour support planning
Process for supporting a participant to make a complaint if they believe a restrictive practice has been used inappropriately

9. Governance and Oversight

Named role(s) with responsibility for overseeing compliance with this policy (typically a Quality and Safeguarding lead or equivalent)
Schedule for internal audits of restrictive practice records against authorisations and BSPs
Process for reporting aggregate restrictive practice data to the NDIS Commission as required under the Rules
Board or executive-level review mechanism — confirmation that leadership receives regular updates on restrictive practice use and trends

Common Gaps Auditors Find in New Provider Policies

Common Gap	What Auditors Expect Instead
Policy covers only physical restraint	All five regulated types addressed individually
No reference to state/territory authorisation bodies	Named authority for each operating jurisdiction
Training requirements listed but no training register	Live register with worker names, dates, and evidence
Incident reporting procedure vague ("report to management")	Specific timeframes and NDIS Commission portal reporting steps
No process for emergency use without authorisation	Explicit procedure including mandatory immediate reporting

Linking Your Policy to Your Broader Document Suite

Your restrictive practices policy does not stand alone. Auditors will cross-reference it against your Behaviour Support policy, your Incident Management policy, your Complaints Management policy, and your individual participant records. Inconsistencies between documents — for example, a policy promising a 24-hour internal notification timeframe but incident records showing a 72-hour delay — will generate a non-conformance finding even if each individual document looks sound.

New providers often underestimate the volume of interdependent documentation required to pass an initial registration audit. If you are building your compliance framework from scratch, the 74-document audit-ready SIL compliance kit available at ndiscompliant.com.au includes a pre-built restrictive practices policy, aligned incident and complaints templates, and a behaviour support procedure that cross-references correctly across the full document suite — reducing the time needed to achieve audit-ready status significantly.

Keeping Your Policy Current Under the Strengthened Framework

The strengthened NDIS Practice Standards, which apply to new registrations from 2026, place additional emphasis on participant outcomes, evidence of genuine implementation, and worker competency verification. A policy document that has not been reviewed since initial registration will not satisfy these requirements. Build your review cycle into your quality management calendar, and ensure that any changes to state or territory authorisation requirements are reflected in your policy within a defined timeframe after those changes take effect.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.