What is the difference between a reportable incident and an internal incident under the NDIS?

A reportable incident is one that falls into the specific categories defined in the NDIS (Incident Management and Reportable Incidents) Rules 2018 — such as participant death, serious injury, abuse, unlawful contact, or unauthorised restrictive practices. These must be notified to the NDIS Commission. An internal incident is any other unplanned event the provider manages within its own system without a mandatory Commission notification.

How long must NDIS providers keep reportable incident records?

NDIS providers must retain reportable incident records for a minimum of five years. Records must be stored in a format that is accessible and can be produced to the NDIS Commission on request. For SIL providers, this means ensuring records survive staff changeovers and system migrations.

Do I need to notify the participant's family when a reportable incident occurs in a SIL setting?

Yes, in most cases. Providers have a duty of care and an obligation under the NDIS Code of Conduct to be open and transparent with participants and, where relevant, their families or decision-makers. The timing and method of notification should be guided by the participant's communication needs and any relevant advance planning in their support plan.

What happens if my organisation misses the notification timeframe for a reportable incident?

Late notification is a breach of the NDIS (Incident Management and Reportable Incidents) Rules 2018 and may result in regulatory action by the NDIS Commission, including compliance notices, conditions on registration, or financial penalties. The Commission considers timeliness of notification as a key indicator of a provider's commitment to participant safety.

Does an unauthorised restrictive practice always need to be reported as a reportable incident?

Yes. The use of a regulated restrictive practice that is not authorised under the relevant state or territory law, or that is not consistent with the participant's behaviour support plan, is a reportable incident under the Rules. This applies regardless of whether any physical harm resulted.

Can a support worker complete a reportable incident record, or does it need to be a manager?

A support worker can and should record the initial factual account of what occurred. However, the investigation, determination of corrective actions, and Commission notification should involve a person with appropriate authority — typically a service manager or compliance lead. The final record must be reviewed and closed off by a designated manager.

Reportable Incident Record Example for NDIS

What Is a Reportable Incident Record?

Under the National Disability Insurance Scheme Act 2013 and the associated NDIS (Incident Management and Reportable Incidents) Rules 2018, registered NDIS providers are legally required to maintain an incident management system. Within that system, every reportable incident must be documented in a structured record that demonstrates the provider identified the incident, notified the NDIS Quality and Safeguards Commission within the required timeframes, and followed through with an appropriate investigation and response.

For SIL and other disability-support providers, these records are among the highest-scrutiny documents examined during an NDIS audit. A poorly completed record — or one that is missing entirely — is a straightforward non-conformance against the NDIS Practice Standards, Core Module 2 (Incident Management).

What Counts as a Reportable Incident?

Not every untoward event is a reportable incident. The NDIS Commission defines the following as reportable incidents when they occur in connection with the delivery of NDIS supports:

The death of an NDIS participant
Serious injury of a participant
Abuse or neglect of a participant
Unlawful sexual or physical contact with, or assault of, a participant
Sexual misconduct by a person carrying out work for the provider
The use of a restrictive practice that is not in accordance with a behaviour support plan or that is used without authorisation

SIL providers in particular should note that the use of an unauthorised restrictive practice is itself a reportable incident, even when no physical harm occurs. This is one of the most commonly missed triggers at audit.

Notification Timeframes

Providers must notify the NDIS Commission as soon as practicable, and no later than:

24 hours — for incidents involving the death of a participant or incidents that are currently under police investigation
5 days — for all other reportable incidents

Initial notification can be made through the myNDIS provider portal or by telephone. A follow-up written report must then be submitted within the required window.

Mandatory Fields in a Compliant Record

A compliant reportable incident record must capture, at minimum, the following information. Missing any of these fields is grounds for an auditor finding:

Unique incident reference number
Date and time the incident occurred
Date and time the incident was identified or reported to management
Location of the incident (address or site name)
Category of reportable incident (from the list defined in the Rules)
Full name of the participant(s) involved
NDIS participant number
Name(s) of support worker(s) or other persons involved or present
Factual description of what occurred — written in plain, objective language
Immediate actions taken (first aid, emergency services contacted, participant removed from risk)
Who was notified and when (participant, substitute decision-maker, family/guardian where applicable, NDIS Commission, police)
NDIS Commission notification reference number and date submitted
Investigation status and assigned investigator
Outcome of investigation and findings
Corrective or preventive actions implemented
Date record was closed and approved by designated manager

Realistic Filled-In Example

The following is a realistic sample record. All names, dates, and details are illustrative only and do not represent real individuals or events.

Field	Example Entry
Incident reference	INC-2026-0047
Date & time of incident	12 June 2026, 07:45 AM
Date & time identified	12 June 2026, 07:50 AM (by support worker on shift handover)
Location	42 Banksia Street, Reservoir VIC 3073 (SIL residence)
Incident category	Serious injury of a participant
Participant name	Jane S. (name withheld in this example per privacy practice)
NDIS participant number	43XXXXXXX
Staff involved	Support Worker: Michael T. (Employee ID SW-0219)
Description	Participant was found on the bathroom floor at 07:45 AM during morning handover. Support worker Michael T. observed participant sitting on the floor, alert and conscious, holding her right wrist. Participant stated she slipped getting out of the shower. Right wrist appeared swollen. Participant denied loss of consciousness.
Immediate actions	1. First aid applied (ice pack to wrist). 2. Ambulance called at 07:52 AM. 3. Participant transported to Northern Hospital at 08:20 AM. 4. On-call manager Lisa N. notified at 07:55 AM. 5. Participant's emergency contact (sister) notified at 08:10 AM.
NDIS Commission notification	Submitted via myNDIS portal 12 June 2026, 10:30 AM. Reference: NDISQ-2026-XXXXXX. Within 5-day window — serious injury category.
Police notification	Not applicable — incident assessed as accidental fall, no criminal element identified.
Investigation assigned to	Service Manager: Lisa N.
Investigation findings	Completed 19 June 2026. Bath mat in participant's shower was worn and had reduced grip. No non-slip mat was present on the shower floor outside the mat area. Hazard not identified during most recent home safety audit (conducted February 2026).
Corrective actions	1. Non-slip mat replaced same day (12 June). 2. Unannounced safety check of all 4 SIL residences completed by 16 June 2026. 3. Home safety audit checklist updated to include shower floor coverage check. 4. All SIL staff briefed at team meeting 17 June 2026. 5. Next scheduled audit brought forward to August 2026.
Record closed	20 June 2026, approved by Compliance Manager: Rachel W.

What Auditors Check — and Common Non-Conformances

When an approved quality auditor reviews your incident management system against the NDIS Practice Standards, they are looking for evidence that your system is functional, not just documented. Common non-conformances identified at SIL audits include:

Notification timeframes not met — the Commission submission date on the record shows a gap longer than permitted. Even by one day, this is a non-conformance.
No participant reference number recorded — particularly common when incidents are entered by support workers who do not have system access to participant files.
Corrective actions listed but not verified — the record states an action was taken, but there is no evidence of completion (no sign-off date, no photograph, no follow-up check).
Subjective or emotive language in the description — phrases like "the participant was being difficult" or "nothing bad happened" are red flags. Descriptions must be factual and objective.
Unauthorised restrictive practice not recognised as reportable — providers sometimes log a restrictive practice incident as an internal incident only and fail to notify the Commission.
Records not retained in accessible format — paper records in unsorted filing, or records stored in a system the provider can no longer access.

Strengthened Practice Standards — What Changes in 2026

The strengthened NDIS Practice Standards, which the Commission has been progressively implementing, place greater emphasis on a provider's ability to demonstrate systemic learning from incidents — not simply recording that they occurred. For SIL providers, this means your records should show a clear line from incident description through to investigation findings and, most importantly, to measurable corrective actions with verified completion dates. An auditor reviewing your system under the strengthened framework will ask: did this provider learn from this incident, and can they prove it?

Providers preparing for registration or re-registration in 2026 should ensure their incident register can be filtered by incident type, date range, location, and staff member to enable trend analysis. This is now an expected capability, not a bonus feature.

Practical Tips for SIL Providers

Use a digital incident register with mandatory fields — this prevents incomplete records being saved.
Build the NDIS Commission notification step directly into your incident response flowchart so it cannot be skipped.
Review your incident register monthly for patterns — repeated falls at the same address, or incidents involving the same staff member, warrant a deeper review before an auditor finds them first.
Debrief participants (with appropriate communication support) after incidents wherever safe and appropriate to do so — and document that you did.
Store closed records for at least five years and ensure they can be retrieved promptly if requested by the Commission.

If you are building or overhauling your incident management system ahead of a 2026 audit, the 74-document audit-ready SIL compliance kit available at ndiscompliant.com.au includes a pre-formatted reportable incident register, notification templates, investigation checklists, and all other Core and SIL module documentation you will need.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.