Decorative illustration

How to Audit-proof Your NDIS Business

minute READ

If the word ‘audit’ brings a shiver down your spine, you’re not alone. NDIS audits can cost NDIS providers thousands of dollars and distract from your daily operation. 

Though inevitable, it’s an all-too common scenario that NDIS providers find themselves unprepared for audits. Staff are pulled from their regular duties to dig out NDIS invoicing and compliance information, eating up hours you can’t bill for. 

With the frequency of audits, there has to be a more sustainable alternative. 

Imagine how many hours you would save if your records never fell out of date? If compliance was baked into every action within your operation, so that vital data came from a single source and was traceable to every customer? If you could get the full history of incidents and reports, even long after an employee has moved on? 

Your business would become audit-proof. 

Download The NDIS Audit Checklist to take the first steps.

Even careful organisations can get tripped up by NDIS audits 

There’s a myriad of documentation that needs to be collected daily to maintain compliance on the NDIS. Audits need regular evidence of compliance across everything from NDIS invoicing and billing to incident reports, team member qualifications and proof of service delivery. 

You can’t pass or fail an audit per se, but there are consequences for not being able to produce the right evidence that appropriate procedures have been followed. Each audit assigns a rating between 3 - 0, as follows:

NDIS Audit Rating 3: You’ve demonstrated that your organisation goes above and beyond, not only delivering services to the minimum requirements under NDIS compliance standards, but also implementing innovations for timely and beneficial service delivery. 

NDIS Audit Rating 2: You can clearly demonstrate evidence of undertaking proper NDIS compliance procedures. 

NDIS Audit Rating 1: You can produce some evidence of correct NDIS policy and procedure implementation, but lack the appropriate documentation to back it up. You will need to take action to rectify a rating of 1. 

NDIS Audit Rating 0: While this looks like a ‘fail’ rating, what it means is that you weren’t able to show the appropriate preparation, quality assurance or implementation of NDIS policies and procedures. You will need to take urgent action to rectify this as multiple 0 ratings can lead to de-registration. 

The important thing to note is that even careful and compliant NDIS providers can still get a 0 rating. Not because of any wrongdoing, but because you couldn’t provide the evidence required to show that things were done correctly. 

An example of non-compliance: Incident reporting

Imagine this scenario: An accident has occurred on-site at a day program resulting in an injury to both team member and customer. This is a stressful event for the person delivering services and as a result, they don’t record any information about the incident in the moments following. When they finally complete the report at the end of the day, they sift through their end of day documents to find their generic incident form and finish it in the 30 mins of time allocated for all their admin after a shift ends. 

Ultimately it is rushed, subjective and not detailed enough. Months later, come audit time, the customer has a demonstrated record of similar incidents that are flagged during an audit. Staff are now scrambling to piece together information and your organisation receives a non-conformity score. Despite your procedures and process, lack of time, too much admin burden and lack of focus means that you aren’t able to provide evidence that you are able to implement best practice processes.

How then, do you turn a scenario like this around? To become truly audit-proof, acing reviews with scores of 2-3 every time, compliance can’t be an afterthought. It needs to be second nature for everyone to record the data you need, no matter what the situation. The key to making this happen is for the process to be so simple that it fits seamlessly into your day — better than any existing manual processes ever could.

How to become an audit-proof organisation 

To end the stress of audits, you need to be bullet-proof in your preparation. That doesn’t mean spending hours or weeks getting ready either — just the opposite. It’s about having the right tools and documentation at your disposal. When you can call up all the necessary information (that is both accurate and traceable) in an instant, compliance is a piece of cake. 

Unfortunately, the burden of proof for NDIS compliance often falls to casual frontline support workers. They’re time-poor and out of the office for the majority of the time. Without the right tools, they have to record notes after their shifts or spend hours at the end of the week playing catch-up, leaving huge gaps in your data. When staff members leave, this information is often lost too, with other team members unsure where documents have been saved (if at all). 

Where you need to get organised ahead of time is putting the right NDIS software and processes in place, so that your data never falls out of sync. 

This means:

  • Making it simple for frontline workers to record information. From customer notes to incident reports, this should be done in the moment, not taking hours on top of their day job.
  • Always-accurate invoicing that is informed by the most recent NDIS Pricing Arrangements and Price Limits, as well as approved customer plans, to ensure every line item is accounted for.
  • Privacy for customer information, protecting all-important health data. It should also ensure that support coordination services are impartial and the rest of your business is not accessing any records they shouldn't.
  • Staying on top of team member qualifications to ensure no one has expired certificates or is assigned to a job without the necessary checks in place (e.g. First Aid Certificate, Working With Children Check). 

Do you have a complete picture?

The disconnection of data is what makes auditing stressful. Trying to piece together information like a puzzle is time consuming and laborious. This is where having a single, all-in-one platform for your entire operation makes a world of difference. 

GoodHuman’s platform puts the customer profile at the centre of every action within your operation. This provides a complete picture of every customer, making it easy for anyone within an organisation to trace information and provide evidence of the services delivered. 

  • You can see which staff members have delivered services, including when and where bookings took place. 
  • With the customer’s approved NDIS plan connected into every workflow, you can easily provide proof of the services delivered, with evidence that what has been delivered is approved and billed to the correct line item for price and complexity of care. 
  • With team member profiles in the same place as your service delivery and customer management, you can show evidence of qualifications and necessary checks. 
  • You can also pull up incident reports, export customer progress notes and track against goals. All within the one system. 

This not only makes compliance incredibly simple, it also makes it easier for your staff to deliver the highest quality service and keep customers on track toward their goals. 

An example of audit-proof compliance

Let’s revisit the incident report scenario we mentioned earlier, but this time with GoodHuman in place to manage the data. With GoodHuman, the team members would have checked into their shift and logged all customer notes and interactions on their phone, including an incident report. The incident report would be recorded on-site in an instant, using a simple, custom-built workflow pre-filled with prompts depending on the type of incident that occurred. Team members recorded what mattered most and didn’t need to worry about trying to recall details later or while stressed. It wouldn’t have taken weeks for information to filter through to the office, with the right managers alerted immediately so they could take action and ensure the ongoing safety of both team members and the customer. A notification would have alerted the right person for each process, and appropriate action could be taken and followed up with the customer and/or their family members.

As you can see, with the right workflow and process, this is already a better outcome for everyone involved — before an audit is even mentioned. Of course, when these details are audited, the same system that handled the report would also show traceable data on any team member who has worked with this customer and the services delivered. No guesswork. 

Download The NDIS Audit Checklist

How vulnerable is your operation to gaps in information?

Download a copy of The NDIS Audit Checklist to find out. 

Before your next audit, gather your key stakeholders and use this checklist to review your information systems. 

This handy checklist will help guide your team through the process of reviewing compliance data, unearthing how time-consuming it will be to gather evidence for an audit. This will allow you to review processes, procedures and technology and security to set your organisation up for bullet-proof preparedness.

No items found.

About GoodHuman

GoodHuman creates technology to amplify the good that already exists in the world.

We help human services organisations better connect to their frontline team and customers with purpose-built workforce, customer and billing management — all in one platform.

Learn more