Self-Managed NDIS Plans: What Providers Need To Know

Working with self-managed NDIS participants can be rewarding for providers - you often have more flexibility around pricing and service delivery, and you can build long-term relationships directly with clients and families.

At the same time, self-managed arrangements shift more admin to the participant. That means you’ll need clear, compliant processes and strong contracts so everyone understands how services will be delivered and paid - and what to do if something changes.

In this guide, we’ll unpack how self-managed plans work from a provider’s perspective, what your legal and compliance obligations look like in Australia, and the essential documents and practical steps to set you up for success.

What Is A Self-Managed NDIS Plan?

Under the National Disability Insurance Scheme (NDIS), participants can choose how their funding is managed. In a self-managed plan, the participant (or their nominee) controls their budget, chooses their providers, and pays invoices directly.

From your perspective as a provider, this typically means:

• You contract directly with the participant (not the NDIA or a plan manager).
• You issue invoices to the participant, who then pays you and claims from their plan.
• You may have more flexibility on rates, timing, and service design (within NDIS rules and the participant’s goals).

This flexibility is a big plus - but it also makes the quality of your agreements, privacy practices and record-keeping even more important.

How Do Providers Work With Self-Managed Participants?

The core workflow is simple: agree on services and price, deliver the service, and invoice the participant. To keep things smooth and compliant, build these basics into your process.

Agree The Scope In Writing

Before starting, confirm what you’ll deliver, how often, the price, and any cancellation terms. A clear, plain-English agreement reduces misunderstandings and helps you stay aligned with the participant’s goals.

Invoice Correctly

Self-managed participants need invoices with enough detail to claim reimbursement. Include your ABN, dates of service, a description of supports, unit price and total. If you charge GST, show it separately and ensure your ABN and tax status are correct.

Be Transparent About Pricing

Many participants use NDIS pricing as a guide even when self-managed. Be upfront about your rates, any travel or consumables charges, and the notice period for price changes. Transparency builds trust and prevents disputes.

Handle Changes And Cancellations Fairly

Life happens. Have a fair cancellation policy and a simple process for rescheduling. If your policy includes fees for late cancellations, make sure it’s clearly set out in your service agreement and applied consistently.

What Legal And Compliance Obligations Should You Consider?

Even if you’re not a registered NDIS provider, the same core laws apply when you sell services in Australia. Below are the key areas to get right from day one.

Australian Consumer Law (ACL)

As a provider, you must comply with the Australian Consumer Law. This covers things like not making misleading claims, providing services with due care and skill, and being clear about pricing. Your service descriptions and marketing should be accurate and your terms should be fair.

Privacy And Confidentiality

You’ll likely handle sensitive health and personal information. Having an appropriate NDIS Privacy Policy and robust internal processes for collection, storage, sharing and retention is essential. Only collect what you need, keep data secure, and get valid consent before sharing information with third parties (for example, a support coordinator or allied health professional).

Consent And Information Sharing

Obtain clear, informed consent when you need to share information or coordinate with others. A simple, accessible Participant Consent Form helps you document that consent and respect the participant’s preferences.

Record-Keeping

Keep accurate records of service delivery, invoices and communications. Good records support claims, help resolve complaints, and demonstrate that your services align with the participant’s goals.

Safeguarding And Incident Response

Have a practical process for raising and handling incidents or concerns, and know when you must escalate or report issues. Clear internal guidance helps staff act quickly and appropriately.

Data Breach Readiness

Data breaches can happen to any business. A documented and tested Data Breach Response Plan ensures you can respond swiftly - contain the issue, notify affected individuals where required and minimise harm.

Employment Law (If You Have Staff)

If you engage staff or contractors, you’ll need the right agreements, fair work compliance and workplace policies. Use a tailored Employment Contract and ensure rosters, pay and entitlements meet Australian employment laws. Policies around safety, conduct, privacy and complaints are also important in a care environment.

What Legal Documents Do Providers Typically Need?

The right documents can prevent disputes, protect personal information and set professional boundaries. Most providers working with self-managed participants will consider:

• NDIS Service Agreement: Sets out the services, pricing, cancellations, changes to supports, confidentiality, invoicing and termination. This is the foundation of your provider-participant relationship.
• NDIS Privacy Policy: Explains how you collect and handle personal and sensitive information in line with Australian privacy requirements.
• Participant Consent Form: Records informed consent for sharing information with support coordinators, clinicians or other providers.
• Data Breach Response Plan: A step-by-step playbook if personal data is lost, accessed or disclosed without authorisation.
• Employment Contract (and workplace policies): Confirms roles, responsibilities, confidentiality and conduct if you hire staff.
• Non-Disclosure Agreement (NDA): Useful when collaborating with third parties or contractors and you need to protect confidential information.
• Privacy Policy (for your website): If you collect any personal information online (enquiries, bookings, mailing lists), this is a must-have.

Not every provider needs the exact same suite. The right mix depends on your business model, services and whether you employ staff or subcontract. If you want a coordinated set of documents tailored to NDIS work, an NDIS Service Provider Package can be a practical way to cover the essentials.

Step-By-Step: Getting Set Up To Serve Self-Managed Clients

Here’s a simple, practical roadmap you can follow.

1) Define Your Services And Pricing

List the supports you’ll offer, where and how you’ll deliver them (in-home, community, telehealth), and your rates. Note any travel, preparation, or consumables charges, and set a fair cancellation policy.

2) Choose A Structure And Sort Your Admin

Register for an ABN and ensure your business details are clear on invoices and contracts. If your growth plans or risk profile justify it, consider operating through a company structure for liability protection and brand credibility. Speak to your accountant about GST and tax obligations.

3) Put Your Core Documents In Place

Prepare your service agreement, privacy policy, consent form and internal procedures. Keep them short, plain-English and consistent with your day-to-day processes, so they’re actually used.

4) Set Up Simple Intake And Invoicing

Create a streamlined intake (collect contact details, goals, consent and any risks to be aware of). Standardise your invoicing template so every invoice has the required details for self-managed claims.

5) Train Your Team

Even if you’re a solo provider now, plan for growth. Train anyone who assists you on privacy, record-keeping, incident response and communication standards. Use your Employment Contract and policies to set clear expectations.

6) Review Regularly

Check your documents and processes every 6-12 months. Laws, pricing arrangements and your service model evolve - your paperwork should too.

Common Pitfalls (And How To Avoid Them)

Scope Creep Without Price Alignment

It’s easy for supports to expand informally. Keep a habit of confirming changes in writing and updating the service agreement when scope or rates change.

Unclear Cancellations

Disputes often arise around late notice. Set a reasonable cancellation policy, communicate it clearly at onboarding, and apply it consistently.

Privacy Gaps

Sharing progress notes or schedules over unsecured channels can create risk. Limit sharing to what’s necessary, store records securely, and use your NDIS Privacy Policy and consent framework to guide decisions.

Inconsistent Invoicing

Missing details cause delays and confusion for self-managed clients. Standardise your invoice format, and ensure your descriptions of supports are clear and accurate.

No Plan For Incidents Or Data Breaches

Have a simple incident and complaints process, and document how you’ll respond to a data breach. A working Data Breach Response Plan saves time when it counts.

Overlooking Staff Compliance

If you bring on employees, put proper contracts and policies in place. This protects your business and maintains a safe, professional service environment for participants.

Do I Need To Be A Registered NDIS Provider To Work With Self-Managed Plans?

Not necessarily. Many self-managed participants choose unregistered providers. However, registration may be required for certain high-risk supports or if you want to work with plan-managed or agency-managed participants too.

Registration has its own standards and audit requirements, so weigh up your service mix, target clients and growth plans. If you’re unsure, it’s worth speaking with an NDIS lawyer about your specific services and risk profile.

Key Takeaways

• Self-managed NDIS participants pay you directly, so clear agreements, transparent pricing and correct invoicing are essential.
• The Australian Consumer Law applies to your services - be accurate in your marketing and deliver with due care and skill.
• Protect participant information with a tailored NDIS Privacy Policy, informed consent processes and a tested Data Breach Response Plan.
• Core documents for providers include an NDIS Service Agreement, privacy and consent documents, and proper Employment Contracts if you hire staff.
• Standardise your intake, record-keeping and invoice templates to make life easier for self-managed clients and reduce disputes.
• If you’re weighing up NDIS registration or refining your documents, tailored support through an NDIS Service Provider Package can set you up the right way.

If you’d like a consultation on working with self-managed NDIS participants, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no-obligations chat.