Switch from DocuSignSee how it works →
For Australian allied health & NDIS providers

Consent, captured the right way.

Service agreements, treatment consent, and information-sharing consent signed by participants on their own device — retained for the NDIS Practice Standards and APP 11.

Australian-regulated health data only. KoalaDoc is not a HIPAA Business Associate and a BAA is not available today. Do not upload US Protected Health Information. See our security page for the full position.

Australian physiotherapist working with an older client in a clinic
Use cases

The paperwork your team sends every week.

NDIS participant service agreements

Standard NDIS service agreements with schedules of supports, signed by participant or nominee.

Consent to treatment

Treatment-specific consent forms with capacity, risks, and revocation language built in.

Telehealth consent

Pre-appointment consent with recording, identification, and emergency contact fields.

Information sharing between providers

Signed consent for AU-to-AU clinical information sharing, retained per participant.

Plan management & plan nominee forms

Plan management service agreements and nominee declarations.

Practice intake & onboarding

New-client intake bundles: agreement, consent, privacy notice, and direct debit in one envelope.

How it works

From draft to signed PDF in minutes.

  1. 1

    Template once

    Build your intake or consent template per service type.

  2. 2

    Send via SMS

    Participants sign on their own phone before the appointment.

  3. 3

    Capture capacity

    Add nominee fields, witness fields, or capacity declarations.

  4. 4

    File per participant

    Sealed PDF retained for the NDIS Practice Standards period.

Regulatory & security requirements in Australia

What your regulator expects — and how KoalaDoc maps to it.

We describe how our features support each obligation. We don't claim certifications we haven't earned — see the security page for the full picture.

Privacy Act 1988 — APPs (incl. APP 11) + sensitive-info rules

OAIC

Explicit consent captured with timestamp and audit trail. Sensitive health information stored AES-256 encrypted in Sydney with row-level and role-based access control.

My Health Records Act 2012

Australian Digital Health Agency

KoalaDoc does not integrate with the My Health Record system. We host service agreements and consent forms only; we do not transmit or receive MHR data.

NDIS Practice Standards + NDIS Code of Conduct

NDIS Quality and Safeguards Commission

Documented participant consent and service agreements with the long-term retention the Practice Standards expect, exportable per participant for audits.

State Health Records Acts

HRA VIC · HRIPA NSW · HRA ACT

AU-only data residency (ap-southeast-2), AES-256 at rest, and an NDB-aligned incident response process to support state breach notification obligations.

AHPRA / National Law professional record-keeping

AHPRA

Per-client envelope grouping and an immutable audit trail support the record-keeping standards for AHPRA-registered practitioners.

FAQ

The questions we hear most.

Can we use KoalaDoc for US patient PHI?

No. KoalaDoc is not HIPAA-eligible today and we are not a Business Associate. Do not upload US Protected Health Information. HIPAA-eligible deployment is on our longer-term roadmap — see our security page for the honest current status.

What about AU clinical records?

Storing service agreements, consent forms, and clinical communications for Australian patients is supported. Data stays in Sydney and is handled under APP 11.

Can a participant's nominee sign on their behalf?

Yes. Add a nominee role to the envelope with capacity and authority fields. The signed record captures who signed in what capacity.

Built for Australia

Compliance isn't a tick-box. It's the foundation.

ETA 1999

Every envelope satisfies the Electronic Transactions Act 1999, with tamper-evident PDFs and trusted UTC timestamps.

Sydney data residency

Your documents never leave Australia. Encrypted at rest with AES-256, hosted in ap-southeast-2.

Privacy Act 1988

APP-aligned data handling. Export and deletion workflows for end-to-end Australian privacy compliance.

Breach notifications

Built-in incident response with the Notifiable Data Breaches scheme — owners and admins are alerted immediately.

Try KoalaDoc free for seven days.

No credit card. No subscription. Send your first envelopes on us and decide afterwards.

Get started for free