Governance,
Compliance & Policy
Framework
Governance, Compliance & Policy Framework
Amrita Sinha Occupational Therapy Pty Ltd (ASOT)
Version 2.0 – February 2026
At Amrita Sinha Occupational Therapy, we are committed to delivering safe, ethical, and high-quality services in full compliance with Australian regulatory and professional standards.
This Governance, Compliance & Policy Framework outlines our operational principles, professional obligations, and safeguards to ensure client wellbeing, data protection, and regulatory alignment.
1. Regulatory & Professional Compliance
Our practice operates in accordance with applicable Australian legislation, professional standards, and regulatory frameworks, including:
- The Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs)
- The Privacy and Other Legislation Amendment Act 2024 (Cth)
- The Australian Health Practitioner Regulation Agency (AHPRA) standards
- The Occupational Therapy Board of Australia codes and guidelines
- The NDIS Practice Standards and Quality & Safeguards Commission requirements
- Applicable Commonwealth and State health legislation and WHS Policy
All registered practitioners within the practice adhere to the AHPRA Shared Code of Conduct and maintain professional registration requirements including continuing professional development (CPD) obligations.
The practice monitors regulatory developments to ensure policies and operational procedures remain aligned with evolving legislative and professional standards.
2. Client Care & Professional Standards
We are committed to delivering services that prioritize client wellbeing, safety, and professional integrity.
Our practice upholds:
- Practitioner-led, evidence-informed clinical decision-making
- Respect for client autonomy, dignity, and cultural safety
- Clear informed consent processes
- Transparent communication and documentation
- Scope-of-practice adherence
All clinical recommendations are made by qualified occupational therapy practitioners. Any technological tools used within the practice are assistive in nature and do not replace professional clinical judgment or practitioner accountability.
3. Privacy, Confidentiality & Data Protection
We take the protection of personal and health information seriously and manage information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and obligations introduced under the Privacy and Other Legislation Amendment Act 2024 (Cth).
We:
- Collect only information reasonably necessary for service delivery or operational requirements
- Store records securely using appropriate administrative, technical, and organisational safeguards
- Maintain strict role-based access controls to protect sensitive information
- Encrypt data in transit and at rest where applicable
- Do not disclose personal information without lawful authority or client consent (except where required by law)
- Maintain audit trails for clinical documentation where applicable
- Take reasonable steps to protect personal information from misuse, interference, loss, unauthorized access, modification, or disclosure
We do not use client health information to train external artificial intelligence systems or shared machine learning models.
Clients may request access to their records and request corrections where appropriate in accordance with privacy legislation.
Where a data breach is likely to result in serious harm, the practice will comply with obligations under the Notifiable Data Breaches scheme under the Privacy Act.
4. Record Keeping & Documentation
Health records are maintained in accordance with:
- AHPRA guidance
- Professional record-keeping standards
- NDIS documentation requirements
Records are maintained to ensure professional accountability and continuity of care. All records are:
- Accurate and contemporaneous
- Stored securely
- Accessible only to authorized personnel
- Retained and disposed of in accordance with legal retention obligations and applicable professional guidelines.
5. Telehealth & Digital Service Delivery
Where telehealth services are provided, we ensure that service delivery maintains the same professional standards as in-person consultations.
We ensure:
- Informed consent specific to telehealth services
- Secure and appropriate platforms are used for digital consultations
- Confidentiality safeguards are maintained
- Documentation standards remain consistent with in-person services
- Practitioners assess the suitability of telehealth on a case-by-case basis to ensure safe and effective care.
6. NDIS Compliance & Safeguards
As an NDIS-aligned service provider, we operate in accordance with the NDIS Practice Standards and associated Quality Indicators.
We:
- Operate in accordance with NDIS Practice Standards
- Maintain incident management procedures
- Support participant rights and choice
- Maintain complaint handling mechanisms
- Ensure quality assurance and service review processes
Our practice aims to support participant safety, transparency, and accountability in service delivery.
7. Ethical Practice & Professional Conduct
All staff and practitioners are required to maintain high standards of ethical conduct in accordance with professional and regulatory obligations.
Staff and practitioners are expected to:
- Adhere to the AHPRA Shared Code of Conduct
- Maintain professional boundaries
- Act in the best interests of clients
- Provide services within their professional competence
- Report concerns relating to public safety in accordance with mandatory notification requirements
Professional integrity and ethical practice are central to our organisational culture.
8. Risk Management & Incident Reporting
We maintain structured processes for identifying and managing operational and clinical risks.
This includes procedures for:
- Identifying and managing clinical risks
- Reporting and documenting incidents
- Responding to data breaches
- Continuous quality improvement
Where required, notifiable events are reported to relevant authorities in accordance with applicable legal and regulatory obligations, including the Notifiable Data Breaches scheme under the Privacy Act.
9. Governance & Continuous Improvement
Our governance framework supports accountability, quality improvement, and regulatory compliance.
This includes:
- Regular policy review and updates
- Ongoing professional development
- Internal quality checks
- Risk assessments
- Regulatory monitoring
Policies are reviewed periodically to ensure continued compliance with legislative changes, including updates arising from amendments to the Privacy Act and other applicable regulatory requirements.
10. Contact & Complaints
We welcome feedback and concerns regarding our services or organizational practices.
Clients may raise complaints directly with our practice. Where appropriate, matters may also be referred to relevant regulatory bodies, including:
- AHPRA
- NDIS Quality & Safeguards Commission
- Office of the Australian Information Commissioner (OAIC)
Contact details for these bodies are publicly available through their respective websites.
Statement of Commitment
We are committed to maintaining the highest standards of professional conduct, client safety, privacy protection, and regulatory compliance.
This framework reflects our dedication to ethical occupational therapy practice, responsible governance, and continuous improvement.
Policy Register Summary
| Policy | Version | Responsible Person |
|---|---|---|
| Privacy & Confidentiality Policy | 2.1 | Founder / Senior OT – Amrita Sinha |
| WHS Policy | 1.0 | Founder / Senior OT – Amrita Sinha |
| NDIS Compliance | 1.0 | Founder / Senior OT – Amrita Sinha |
| AHPRA Compliance | 1.0 | Founder / Senior OT – Amrita Sinha |