A
Align NetworkPBS & Plan Management

Privacy Policy

Last updated: March 2026

1. Introduction

Align Network ("we", "us", "our") is committed to protecting the privacy of personal information collected from NDIS participants, families, carers, support coordinators, and allied health professionals. This policy outlines how we collect, use, store, and disclose personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).

2. Information We Collect

We may collect the following types of personal information:

  • Name, contact details (email, phone, address)
  • NDIS participant number and plan details
  • Health and disability information (sensitive information)
  • Service provider details and qualifications
  • Financial information for plan management purposes
  • Website usage data (analytics, cookies)

3. How We Use Your Information

We use personal information to:

  • Provide NDIS plan management, behaviour support, and allied health services
  • Process referrals and service agreements
  • Manage invoicing and provider payments
  • Comply with NDIS Quality and Safeguards Commission requirements
  • Communicate with you about our services
  • Improve our services and website

4. Sensitive Information

We collect sensitive information (including health and disability information) only with your consent and only where it is reasonably necessary for the provision of NDIS services. Sensitive information is handled with additional security measures.

5. Data Storage and Security

All personal information is stored on Australian-hosted servers with enterprise-grade encryption. We implement appropriate technical and organisational measures to protect against unauthorised access, alteration, disclosure, or destruction of personal information.

Our security measures include:

  • AES-256 encryption at rest
  • TLS 1.3 encryption in transit
  • Role-based access controls
  • Regular security audits and penetration testing
  • Staff training on privacy and data handling

6. AI and Clinical Decision Support

Where we use AI-assisted tools to support clinical decision-making, all data is de-identified before processing. AI outputs are always reviewed by a qualified practitioner before being included in any clinical document. No personal information is used to train AI models.

7. Disclosure of Information

We may disclose personal information to:

  • The NDIA and NDIS Quality and Safeguards Commission (as required)
  • Service providers involved in your care (with consent)
  • Government agencies where required by law
  • Our professional advisors (accountants, lawyers)

We do not sell personal information to third parties.

8. Your Rights

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your information (subject to legal obligations)
  • Withdraw consent for marketing communications
  • Make a complaint about our handling of your information

9. Cookies and Website Analytics

Our website uses analytics tools to understand how visitors use the site. This data is anonymised and used only to improve the website experience. You can disable cookies in your browser settings.

10. Contact Us

For privacy enquiries, access requests, or complaints, contact us at:

If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC).