Healthcare Compliance Policy Templates for Australian Practices
Pre-written, customisable policy templates aligned to Australian healthcare standards. Download in Word format, add your practice details, and use as accreditation evidence.
63
Policy templates
6
Frameworks
Word
Editable format
RACGP 5th Edition Templates
25 templatesPrivacy Policy
A comprehensive privacy policy covering the 13 Australian Privacy Principles (APPs), patient data collection, use, disclosure, and storage. Includes state-specific Health Records Act references.
Infection Prevention & Control Policy
Practice-specific infection prevention and control policy covering hand hygiene, PPE, environmental cleaning, sterilisation, outbreak management, and staff immunisation requirements.
Emergency Response Plan
Emergency preparedness and response plan covering medical emergencies, natural disasters, fire, power failure, IT outage, pandemic response, and staff absence contingencies.
Computer & Information Security Policy
Information security policy covering access control, password management, backup procedures, malware protection, mobile device security, and incident response. Based on the RACGP CISS framework.
Clinical Handover Policy
Structured clinical handover policy using the ISBAR framework for safe transfer of patient information between practitioners, including shift changes, referrals, and after-hours handover.
Cold Chain Management Policy
Vaccine storage and cold chain management policy covering temperature monitoring, equipment maintenance, breach protocols, ordering procedures, and annual audit requirements.
Complaints Handling Policy
Patient feedback and complaints management policy covering complaint receipt, investigation, resolution, escalation pathways, and documentation requirements for accreditation evidence.
Clinical Risk Management Policy
Clinical risk management and incident reporting policy covering risk identification, incident classification, investigation procedures, open disclosure, and corrective actions.
Work Health & Safety Policy
Workplace health and safety policy covering hazard identification, risk assessment, incident reporting, manual handling, emergency procedures, and staff responsibilities under WHS legislation.
Chaperone Policy
Policy for the use of chaperones and observers during clinical examinations, covering patient rights, staff responsibilities, documentation, and sensitive examination procedures.
Business Continuity Plan
Business continuity and disaster recovery plan covering IT system failure, data loss, key personnel absence, natural disaster, and practice relocation scenarios with recovery procedures.
Staff Training & Orientation Policy
Staff induction, training, and ongoing education policy covering orientation checklists, mandatory training requirements, CPD tracking, and performance review procedures.
Health Records Management Policy
Health records management policy covering record creation, access, storage, retention periods, disposal, transfer, and electronic health record standards.
After-Hours Care Policy
After-hours care arrangements policy covering patient communication, voicemail messaging, deputising service agreements, emergency department referrals, and clinical handover for after-hours providers.
Informed Consent Procedures
Informed consent policy and procedures covering consent requirements, capacity assessment, minor consent, interpreter use, documentation standards, and refusal of treatment.
Recall and Reminder System Policy
Recall and reminder system policy aligned to RACGP Standards 5th edition criterion GP2.2 and Privacy Act / APP 7. Defines recall vs reminder, urgency tiers (critical, urgent, routine, reminder), contact methods, escalation, NCSR and AIR coordination, failure-to-respond handling, audit cadence and clinical software workflow.
Follow-up of Tests, Results and Referrals Policy
Follow-up of tests, results and referrals policy aligned to RACGP Standards 5th edition criterion GP2.2 and the ACSQHC Communicating for Safety Standard. Covers receipt and routing, clinician urgency categorisation, critical results, communication of results, specialist correspondence and closing the loop, coverage during absence, documentation and audit. Pairs with the Recall and Reminder System Policy.
Patient Identification Policy
Patient identification policy aligned to the ACSQHC three approved identifiers framework and RACGP Standards 5th edition. Covers identification at registration, reception, consultation, procedures, sampling, prescribing and My Health Record access; duplicate record management; pathology and imaging sample labelling; phone identification; special populations (children, cognitive impairment, ATSI, trans and gender-diverse, custody); incident reporting and audit.
Telehealth Policy
Telehealth policy aligned to RACGP Standards 5th edition, RACGP telehealth guidance, MBS telehealth item rules, AHPRA Telehealth Guidance and the Privacy Act. Covers MBS eligibility and the 12-month relationship rule, AHPRA jurisdictional considerations, clinical appropriateness for telehealth vs face-to-face, consent and identification, healthcare-grade platform selection, mental health safety checks, prescribing (including Schedule 8), documentation and audit.
Open Disclosure Policy
Open disclosure policy aligned to the ACSQHC Australian Open Disclosure Framework and RACGP Standards 5th edition. Distinguishes open disclosure (provider-initiated, after adverse event) from complaints handling (patient-initiated). Covers the eight ACSQHC principles, two-level (clinician-led informal and formal) process, apology law protection across all Australian States and Territories, supporting patients and second-victim staff, notifications to the indemnity insurer, AHPRA and Coroner, and the open disclosure register.
Practice Information Sheet
Patient-facing practice information sheet aligned to RACGP Standards 5th edition criterion GP1.3. Covers practice identity, clinician team, hours and contact, appointment booking, fees and billing, telehealth, results and follow-up, after-hours arrangements and emergency contacts, repeat prescriptions and referrals, communicating with the clinician, privacy summary with APP/OAIC contact, feedback and complaints with every State and Territory health complaints commission, cultural safety and accessibility, and new patient information.
Quality Improvement Policy and Activity Log
Quality improvement policy and activity log aligned to RACGP Standards 5th edition criterion QI1.1 and the Practice Incentives Program Quality Improvement Incentive (PIP QI). Covers the PDSA framework with worked example, the 10 PIP QI Measures, roles and responsibilities, identification of QI activities from incidents, complaints, audits and data, the quarterly QI meeting, the Activity Log structure (the primary evidence at accreditation), data quality and ethics, training and culture.
Practice Equipment Register and Maintenance Log
Practice equipment register and maintenance log aligned to RACGP Standards 5th edition practice equipment indicators, AS 1851 (fire), AS 2293 (emergency lighting), AS/NZS 3760 (test and tag), AS/NZS 3551 (biomedical equipment), AS/NZS 4815 (autoclave) and AS 2030 (gas cylinders). Covers clinical, emergency and safety equipment with service and calibration intervals, electrical testing, routine pre-use checks, fault handling and decommissioning. Excludes the vaccine fridge (see Cold Chain Management).
Conflict of Interest, Gifts and Benefits Policy
Combined conflict of interest, gifts and benefits policy aligned to AHPRA Good Medical Practice / Code of Conduct, the Medicines Australia Code of Conduct and RACGP governance expectations. Covers actual, potential and perceived conflicts; the three-step DISCLOSE-DOCUMENT-MANAGE principle; gifts from patients, suppliers and pharma with thresholds; high-risk areas (prescribing, referrals, procurement); registers for COI and gifts; breach handling with AHPRA mandatory notification consideration; patient disclosure where relevant.
Policy and Document Control Procedure
Policy and document control procedure aligned to RACGP Standards 5th edition governance and document management indicators. Covers controlled-document scope, versioning rules (minor/substantive/major), creation and approval workflow, storage and access controls, the 2-year default review cycle with annual cadence for fast-changing topics, retirement and archive with 7+ year retention, the Document Register, and how externally-sourced templates enter the practice's controlled document set. Distinct from Health Records Management (clinical records).
NDIS Practice Standards Templates
12 templatesComplaints Management and Resolution Policy
NDIS-aligned complaints management policy covering participant complaints, investigation procedures, resolution timeframes, escalation to the NDIS Commission, and continuous improvement. Mapped to Core Module 1 quality indicators.
Incident Management Policy and Procedure
NDIS-aligned incident management policy covering reportable incidents, NDIS Commission notification requirements, investigation procedures, corrective actions, and integration with risk management. Mapped to Core Module 1 quality indicators.
Risk Management Policy
NDIS-aligned risk management policy covering risk identification, assessment, treatment, monitoring, participant-specific risk assessments, and integration with AS/NZS ISO 31000. Mapped to Core Module 1 quality indicators.
Human Resource Management Policy
NDIS-aligned human resource management policy covering recruitment, worker screening, orientation, supervision, training, performance management, worker wellbeing, and separation. Mapped to Core Module 1 quality indicators.
Continuity of Supports Policy
NDIS-aligned continuity of supports policy covering workforce planning, planned transitions, unplanned disruptions, business continuity, and communication protocols. Mapped to Core Module 1 quality indicators.
Governance and Operational Management Policy
NDIS-aligned governance and operational management policy covering governance structure, key personnel, quality management, continuous improvement, compliance, and financial management. Mapped to Core Module 1 quality indicators.
Information Management and Privacy Policy
NDIS-aligned information management and privacy policy covering data collection, storage, security, access, disclosure, breach response, retention, and disposal. Mapped to Core Module 1 quality indicators and the Privacy Act 1988.
Participant Rights and Responsibilities Policy
NDIS-aligned participant rights and responsibilities policy covering choice and control, dignity of risk, cultural safety, advocacy access, and complaint mechanisms. Mapped to Core Module 1 quality indicators and the UNCRPD.
Service Delivery and Access Policy
NDIS-aligned service delivery and access policy covering intake, service agreements, support planning, delivery, monitoring, cancellations, service exit, and accessibility. Mapped to Core Module 1 quality indicators.
Worker Orientation and Induction Procedure
NDIS-aligned worker orientation and induction procedure covering pre-commencement checks, Day 1 orientation, mandatory training, role-specific training, supervised practice, and competency sign-off. Mapped to Core Module 1 quality indicators.
Behaviour Support Policy
NDIS-aligned behaviour support policy covering positive behaviour support framework, functional assessment, behaviour support plans, restrictive practices governance, NDIS Commission reporting, and reduction strategies. Mapped to Supplementary Module quality indicators.
Restrictive Practices Policy
NDIS-aligned restrictive practices policy covering the five regulated restrictive practices, authorisation requirements, safeguards, reporting, record keeping, and reduction and elimination strategies. Mapped to Supplementary Module quality indicators.
My Health Records Act Templates
3 templatesMy Health Record Security and Access Policy
The Rule 42 policy required of every registered My Health Record provider organisation. Covers responsible officer duties, authorisation of users, identification and authentication, physical and technical security, breach response, audit and review.
My Health Record Staff Training and Awareness Procedure
Procedure that satisfies Rule 42(2)(a) by setting out how staff are trained before being granted My Health Record access, the topics covered, the knowledge check, refresher cadence, and a printable training register for audit evidence.
My Health Record Emergency Access Procedure
Procedure for using emergency access to a patient's My Health Record under section 64 of the Act. Defines the four-part legal test, step-by-step procedure, documentation expectations, audit review, and a printable emergency access log.
Privacy Act / APPs Templates
7 templatesPrivacy Management Plan
The internal governance plan required by APP 1.2. Sets out the Privacy Officer's role, the practices, procedures and systems implemented to comply with the APPs, training, risk management, and the privacy register that tracks complaints, requests and breaches.
Data Breach Response Plan
Operational response plan for the Notifiable Data Breaches scheme in Part IIIC of the Privacy Act. Covers the four-step response (Contain, Assess, Notify, Review), 30-day assessment timeline, OAIC notification statement under section 26WK, individual notification options, and a 7-year breach register.
Privacy Impact Assessment Template
Structured PIA template aligned to the OAIC's Guide to undertaking privacy impact assessments. Includes APP-by-APP analysis, information flow mapping, risk register, health-specific considerations (My Health Record, state HRIPA/HRA/HRPPA) and decision sign-off. Used before any new system, vendor or AI tool that handles patient data.
Patient Data Collection Notice
Short, plain-English notice given to patients at the point of collection in line with APP 5. Covers identity, purpose, consequences of not providing information, recipients of disclosure, overseas storage, access and correction rights, and complaints. Designed for registration forms, online booking, patient portal sign-up and telehealth intake.
Data Retention and Destruction Policy
APP 11.2 retention and destruction policy with state-specific schedules (NSW HRIPA, Vic HRA, ACT HRPPA). Covers minimum retention for adult and minor records, deceased patients, billing records, sterilisation logs and CCTV. Includes destruction methods (paper, electronic, mobile), Certificate of Destruction handling, de-identification, and a destruction register.
Patient Access and Correction Procedure
Step-by-step procedure for handling patient requests under APP 12 (access) and APP 13 (correction). Covers recognising a request, identity verification, treating clinician review, the 30-day response window, refusal grounds, statement-of-correction handling, fee rules, special situations (children, deceased, family violence) and a printable patient request form.
Third-Party Data Sharing Agreement Template
Contract clauses for sharing personal information with a service provider in compliance with APP 6 (use and disclosure) and APP 8 (cross-border disclosure). Covers permitted purpose, AI training prohibition, security, sub-processors, breach notification, audit, retention and destruction on termination, and indemnity. Suitable for clinical software vendors, MSPs, AI scribes, billing services and telehealth platforms.
WHS Templates
8 templatesHazard and Risk Register
The central record required to manage WHS risks under sections 17 to 19 of the WHS Act 2011. Pre-populated with 12 healthcare-specific hazard examples (reception, clinical, sterilisation, manual handling, psychosocial, IPC, lone worker, fire), a 5x5 risk matrix, hierarchy of controls, and a worker consultation log.
Incident and Hazard Report Form
Comprehensive form to record any workplace injury, illness, near miss, dangerous incident or hazard observation. Includes built-in s35 notifiable-incident decision, regulator notification fields for every state and territory, NDIS Commission and Ahpra reporting rows, and a corrective-action register tied to the hierarchy of controls.
Workplace Inspection Checklist
Structured proactive inspection checklist covering 10 zones of a typical healthcare workplace — reception, consult and treatment rooms, sterilisation, drug and vaccine storage, electrical and fire safety, manual handling and ergonomics, amenities, outdoor access, psychosocial environment and records. Pass/Fail/N/A grid plus action capture into the Hazard and Risk Register.
Manual Handling Policy
Manual handling and ergonomics policy aligned to regulation 60 of the WHS Regulations and the Safe Work Australia Hazardous Manual Tasks Code of Practice. Covers risk identification, four-factor assessment, hierarchy of controls, two-person lift rule (16 kg threshold), patient transfer, workstation ergonomics, training and incident response.
Psychosocial Hazards and Workplace Wellbeing Policy
Policy aligned to WHS Regulations 55A–55D and the Safe Work Australia Managing Psychosocial Hazards at Work Code of Practice (2022). Covers all 14 psychosocial hazard categories mapped to healthcare examples, identification through anonymous survey and check-ins, hierarchy of controls including work design, occupational violence response, critical incident debrief, EAP support, and post-Dec 2022 sexual harassment positive duty.
WHS Induction Checklist for New Workers
Structured WHS induction covering pre-commencement, Day 1 (welcome, WHS rights, emergency procedures), Week 1 (role-specific training, policies, psychosocial wellbeing) and 30-day check-in. Evidences the PCBU's discharge of section 19(3)(f) and is signed off by the worker, manager and WHS Officer.
Return to Work and Injury Management Procedure
Five-step procedure for managing work-related injury and illness aligned to state workers compensation legislation in NSW (icare/SIRA), VIC (WorkSafe), QLD (WorkCover), SA (ReturnToWorkSA), WA, TAS, ACT and NT. Covers RTW Coordinator role, 48-hour insurer notification, RTW plan, suitable duties, monitoring, claim closure, psychological injury, and a workers compensation register.
Emergency Evacuation Plan
Emergency evacuation plan aligned to regulation 43 of the WHS Regulations 2011 and AS 3745-2010 Planning for emergencies in facilities. Covers Australian Healthcare Emergency Codes (Red, Blue, Black, Yellow, Brown, Purple, Orange), Emergency Planning Committee and warden roles, RACE evacuation procedure, patient evacuation hierarchy, drills and recovery.
HR and Employment Templates
8 templatesStaff Orientation and Induction Checklist
Fair Work-aligned new starter checklist for Australian healthcare practices. Covers the employment-law side of onboarding — Fair Work Information Statement (and Casual or Fixed Term Information Statements where applicable), NES acknowledgement, TFN declaration, super choice form, written employment contract, payroll setup, modern award classification (Health Professionals Award 2020 or SCHADS Award 2010), and policy acknowledgements. Complements clinical, WHS and NDIS induction templates.
Position Description Template
Reusable position description template for healthcare roles. Captures the structural elements an employer should record under Fair Work record-keeping obligations: reporting line, modern award classification (Health Professionals Award 2020 or SCHADS Award 2010), key responsibilities, selection criteria, qualifications, registration and screening requirements, and inherent physical and psychosocial requirements. Pre-filled examples for practice manager, registered nurse, receptionist and support worker.
Probation Review Form
Three-stage probation review form (30, 60, and end-of-probation review) for healthcare employees. Designed to evidence a structured probation decision before the Fair Work Act minimum employment period expires (6 months, or 12 months for small business employers with fewer than 15 employees) — after which unfair dismissal claims become available under section 382. Includes performance ratings, values fit, training gaps, decision options (confirm, extend, end) and signature blocks.
Annual Performance Review Template
Annual performance review template for clinical and non-clinical healthcare staff. Covers goal review against the previous year, role-specific competency assessment, professional development and CPD plan, modern award classification check (for progression points), wellbeing check-in, and forward goals. Includes a structured rating scale and space for two-way feedback. Designed to support general protections compliance and constructive performance management under the Fair Work Act.
Flexible Working Arrangement Request Form
NES section 65 flexible working request form following the Fair Work Ombudsman template structure. Covers eligibility (12 months continuous service, or 12 months as a regular casual), grounds for request (parental, carer, disability, age 55+, family violence, family member experiencing family violence), the change requested, business impact discussion, employer response options, and the post-2023 obligation to genuinely try to reach agreement before refusing. Includes the dispute resolution pathway under FW Act s65B.
Workplace Bullying, Harassment and Sexual Harassment Policy
Employee-relations policy covering the three connected obligations under Australian law: workplace bullying (Fair Work Act Part 6-4B, with Fair Work Commission stop-bullying and stop-sexual-harassment orders under s789FC and s527F), sexual harassment (Sex Discrimination Act 1984 s28A and the positive duty in s47C in force from December 2023), and general workplace harassment. Covers definitions, complaint pathways, investigation procedure, support persons, confidentiality, retaliation protections, and outcomes. Complements the WHS Psychosocial Hazards Policy which covers prevention through work design.
Staff Confidentiality and Privacy Agreement
Individual confidentiality undertaking signed by each worker (employees, contractors, agency staff, volunteers and students on placement) acknowledging their obligations to keep patient health information, business information and My Health Record system data confidential. Designed to operationalise the practice's Privacy Policy at the individual worker level. Covers permitted use, prohibited disclosures, post-employment obligations, social media, breach consequences, and acknowledgement of the My Health Records Act criminal penalties for unauthorised access.
Staff Offboarding and Exit Checklist
Structured checklist for managing departing staff. Covers resignation acknowledgement, notice period calculation under the NES (FW Act s117), final pay obligations (unused annual leave, long service leave, redundancy where applicable), system access revocation aligned to the Computer and Information Security Policy, return of property, patient transition and clinical handover, knowledge transfer, exit interview, and Single Touch Payroll finalisation. Includes references for both employee-initiated resignation and employer-initiated termination.
Why use these templates?
Standards Aligned
Each template is mapped to specific criteria from RACGP, NDIS Practice Standards, or other Australian healthcare frameworks.
Ready to Customise
Pre-written with placeholder fields for your practice name, address, and specific procedures. Just fill in the blanks.
Based on Authoritative Sources
Built from publicly available government guidelines, regulatory standards, and accreditation body recommendations.
Be the practice the assessor compliments.
Set up your frameworks this weekend. Walk into your next visit with every criterion linked to current evidence, and nothing left to chase.