Build n Bloom
AI COMPLIANCE | June 2026

Using AI in your NDIS business without triggering a compliance problem

What the law actually requires, where the real risk sits, and the line between safe automation and a notifiable breach.

Most NDIS providers are doing one of two things with AI right now.

Avoiding it completely — because Robodebt taught the whole sector what happens when an automated system meets vulnerable people and nobody can explain the decision.

Or using it quietly, nervously, with a support worker pasting progress notes into ChatGPT at 9pm to save an hour, and hoping nobody ever asks.

Both are a mistake.

The first leaves hours and money on the table for a fear that doesn't apply to most of what you'd automate. The second is a breach of the Privacy Act — and depending on the data, possibly a criminal offence under the NDIS Act — happening right now, on a Tuesday, with no one in the building aware of it.

Here is the part nobody draws clearly: the risk was never “AI.” The risk is a narrow band of specific uses. Almost everything you'd actually want to automate sits on the safe side of a line you can see plainly once someone shows you where it is.

This page shows you where it is.

THE REGULATORY STACK

What actually governs AI in your service

Six layers of law and policy bear on an AI system in an NDIS service at the same time. You don't need to read them. You need to know they exist, because a vendor who hasn't heard of them is about to put your registration at risk.

LAYER / WHAT IT DOES

Privacy Act 1988 + the 13 APPs
  Participant health and disability information is "sensitive information." The civil penalty for a serious or repeated breach is the greatest of $50 million, three times the benefit gained, or 30% of adjusted turnover for a company.

NDIS Act 2013
  A separate criminal regime. Recording, using or disclosing "protected information" obtained under the Act without authority carries up to 2 years' imprisonment (s.62).

NDIS Practice Standards (Standard 14)
  Information management is a condition of your registration.

The NDIS Code of Conduct
  Privacy is a binding element; a breach is a civil penalty (up to $99,000 for a provider, s.73V).

Robodebt's accepted recommendations
  Any automated decision in a welfare context needs review rights, a plain-language explanation, and an audit trail of how it was reached.

The December 2026 privacy changes
  From 10 December 2026, your privacy policy must disclose automated decision-making (AI included) that could significantly affect a participant's rights or interests, and the kinds of personal information it uses.

That's the weather. Now the line.

SAFE USES

The safe side of the line

Most of the work you'd hand to AI never touches a participant's clinical detail and never makes a decision about them. That work is safe to automate today:

  • Outreach to support coordinators and plan managers, as long as the message itself carries no participant's details. They're professionals, not participants.
  • Drafting internal documents, reports, and templates from your own material.
  • Scheduling, reminders, and roster checks against award rules.
  • Tracking renewal dates and flagging what's overdue.
  • Turning your own case notes into a marketing post, after a human strips anything identifying before the text goes near the tool. Names are not the only identifier: dates, suburbs, rare diagnoses and family details can re-identify a person on their own.

None of this triggers the heavy obligations, because none of it puts identifiable participant data into a third-party tool, and none of it lets the AI make a decision about a participant on its own.

EXPOSURE ZONE

The dangerous side

A short list of things does carry real exposure. Each one is avoidable:

Participant data into a public AI tool (ChatGPT, the consumer Claude or Gemini apps). Their consumer terms can permit training on what you paste in, and either way the data has left your control and your jurisdiction. That's the everyday breach. We wrote a whole page on it.

An AI making or finalising a decision about a participant — their supports, their funding, their eligibility — without a human confirming it.

Participant data processed or stored outside Australia, including through an overseas AI API. Under APP 8 a cross-border disclosure leaves you accountable for what the overseas recipient does with it, so "the vendor handles that" is not a defence.

An AI you can't explain. If you can't say what data it used, what it produced and why, you can't defend it to an auditor, and the participant has no meaningful way to have it reviewed.

BOTTOM LINE

What this actually means for you

You can use AI. You should. The providers who don't will be slower and more expensive than the ones who do, and the gap compounds every month.

What you can't do is use it carelessly — and “carelessly” has a precise definition now, not a vague one. An AI system that touches participant data has to meet a specific set of conditions. We turned them into a checklist you can hold any vendor to.

The 8 things any AI system in your NDIS service must have →

We've spent thirteen years in this sector — Richard scaled a provider from zero to 26 homes — and we build the agents that do these jobs. So we had to map this line before we'd put a single one near a participant record. The map is above. Use it.

Want to know where your operation actually stands? The NDIS AI Readiness assessment scores you in twelve questions. Start it here.