A practical guide to care compliance documentation
Good compliance documentation is not about generating paper. It is about building a system that captures what actually happened, in a way that proves it to an auditor.
The purpose of compliance documentation
Compliance documentation serves two audiences: the people delivering and coordinating care, who need clear records to do their jobs well, and auditors, inspectors, and regulators, who need those records as evidence that the organisation is meeting its obligations.
Most compliance failures are not failures to do the right thing. They are failures to document that the right thing was done.
What good documentation looks like
Good compliance documentation has four qualities:
Contemporaneous. Written at or close to the time of the event, not reconstructed later. A carer's incident report written the same day is credible. One written a week later, when memories have blurred and there may be legal implications, is not.
Specific. Dates, times, names, locations. "Client appeared distressed" is less useful than "Client was observed to be agitated from approximately 9.15am. She refused to eat breakfast and told the carer she was frightened. Carer remained with client, contacted coordinator at 9.30am."
Signed and attributed. Every record should be linked to the person who created it and the time it was created. This is what gives the record integrity.
Retained appropriately. Documents cannot be corrected by erasure or overwriting. If a record needs to be amended, the amendment should be dated, attributed, and the original should remain visible.
The key document types
Incident reports
Every incident — including near-misses and minor incidents — must be documented. The incident report should record:
- Date and time of the incident
- Location
- Who was present (participant name, carer name, any others)
- What happened (specific, factual description)
- Any immediate actions taken
- Whether a supervisor or coordinator was notified (and when)
- Any follow-up required
For serious incidents, additional NDIS Commission reporting obligations apply. The timeframe for reporting varies by incident type — providers should have a documented process that specifies who is responsible for the Commission notification and by when.
Progress notes
Progress notes are records of support delivered during a shift. They should cover:
- What supports were provided
- How the participant engaged
- Any notable observations (physical, emotional, behavioural)
- Any concerns or issues to follow up
Progress notes do not need to be long. They need to be honest and specific. A note that says "assisted with morning routine, participant in good spirits" tells you very little. A note that says "assisted with shower, dressing, and breakfast preparation. Participant mentioned feeling tired and went to rest at 9.45am. No concerns to escalate" is useful.
Carer qualification records
Every carer's file should hold:
- NDIS Worker Screening clearance (number, issue date, expiry)
- Working With Children Check (where required)
- First aid and CPR (course provider, date, expiry)
- Any role-specific qualifications (manual handling, medication, specific behaviour support training)
- Mandatory training completion records
Qualification records should be actively monitored for expiry — not just stored. An expired first aid certificate is a compliance failure even if the carer's skills are current.
Service agreements and care plans
Service agreements with participants should be signed, dated, and reviewed regularly. They should reference the supports being provided, how they will be delivered, the participant's rights and responsibilities, and the provider's complaints process.
Care plans should be living documents — updated when the participant's circumstances change, not just at annual review. Evidence of review (meeting notes, email correspondence, updated document with a new date) is what auditors look for.
Common documentation failures
The incident that was handled but not written up. A carer manages a difficult situation well, the coordinator is told, everyone moves on. Three months later, there is no record the incident occurred. If a complaint is made or an audit happens, there is nothing to show.
The qualification that expired without anyone noticing. Without a system that tracks expiry dates and sends alerts, the gap between onboarding and audit can be long enough for a first aid certificate to go from "just renewed" to "expired two years ago."
The care plan that has not been touched since intake. Participants' needs change. A care plan that no longer reflects the person's current situation is a compliance risk and, more importantly, a care quality problem.
The retrospective record. Records written after the fact, especially in the context of a complaint or investigation, are viewed with appropriate scepticism. The best defence against this concern is contemporaneous documentation as a standing practice.
Building documentation into the workflow
The most reliable documentation is documentation that happens as part of the work, not as an additional step after the shift is done. Tools that allow carers to write incident reports and progress notes from their phone, immediately after the shift, produce better records than systems that require carers to remember what happened and reconstruct it later at a desktop.
Every step that adds friction to documentation reduces compliance. Removing friction — and making good documentation the path of least resistance — is one of the highest-value investments a care organisation can make.
*Teiro's compliance module tracks qualification expiry, stores documentation against carer and participant records, and generates audit-ready reports. [See the compliance features](/features/compliance).*