FREQUENTLY ASKED QUESTIONS
If I was not a NDIS registered Provider, or did not receive NDIS funding in 2017/18 am I still able to participate in the Survey process?
Yes you can still participate. We understand the staged nature of the NDIS roll-out and some Providers may not yet be NDIS-registered. The focus of the Survey is on the cost of services, it does not matter if you were NDIS funded or not.
How strong is the anonymisation process?
Peer Groups used in the reports are very conservatively selected to minimise re-identification risks while still providing a meaningful point of comparison against providers.
Anonymisation processes are independently verified in combination with data suppression rules by expert advisor, Professor Louisa Jorm from the University of NSW.
Data suppression prevents readers of the Sector Summary Report and the Provider Reports from re-identifying individual providers from Sector and Peer Group results. Suppression works across the reports so that it is not possible to gain additional information through cross- referencing. Where the reports present Sector or Peer Group metrics for a small group of fewer than five providers then the population number will show “<5”, and the Sector population number will display “np” (short for not published).
What happens if the NDIA asks AbleInsight for our Survey?
AbleInsight is contractually obliged to maintain the anonymity of provider-level information collected via the Survey. Consequently, individual Survey submissions and Provider Reports are not subject to NDIA review.
If the NDIA makes a request to see specific provider data, AbleInsight will contact those providers seeking express written permission to release the requested data. You are not obliged to grant permission, no provider level data will be released to the NDIA or any other third party such as peak bodies without your express written permission.
How secure is the data we send you?
AbleInsight retains control over the Benchmarking Survey data and applications within a secure Amazon Web Services (AWS) environment. We also retain responsibilities relating to the security of that content as part of the AWS ‘shared responsibility’ model. Broadly the shared responsibility roles are:
AWS manages the security ‘of the cloud’ things like data centre security and physical access
AbleInsight manages security ‘in the cloud’, things like password policy, firewalls and disclosure control for providers’ data.
The Benchmarking Survey applications and Data Storage is built on top of some of the most secure computing infrastructure in the world, compliance with IT security standards, includes: SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70); SOC 2; SOC 3; FISMA, DIACAP, and FedRAMP; DOD CSM Levels 1-5; PCI DSS Level 1; ISO 9001 / ISO 27001; ITAR; FIPS 140-2; and MTCS Level 3.
AWS environment security controls can be validated through AWS certifications and reports, including the AWS Service Organization Control (SOC) 1, 22 and 33 reports, ISO 270014, 270175 and 270186 certifications and PCI DSS7 compliance reports. These reports and certifications are produced by independent third party auditors and attest to the design and operating effectiveness of AWS security controls.
What will be on the individual report I receive?
You can see a sample report from Collection 2 here. (Links to C2 mocked up provider report). The Collection 3 report is expected at this stage to be very similar in structure. Reports for Providers participating in their second or third Collection will see an accumulation of results over time in their Reports.
What do I do if I have problems filling out the survey?
If you have any questions or issues filling out the survey, please contact Therese Flood at AbleInsight on firstname.lastname@example.org or ring 02 9264 6050
What if I require additional support filling out the survey?
AbleInsight can provide an in person site visit or video conference to assist you with completing the survey. We are also here to answer any questions you might have via phone or e-mail.
How should we treat trainees who are not on our payroll, but perform support worker functions?
The trainees should be included as volunteers. This way they will not distort the ratios in your report.
How should ‘shared management services’ be treated? i.e. our organisation holds funds on behalf of our clients and make payments to other providers on the instructions of our clients.
These services are outside the scope of the Survey, they should be excluded.
What postcode should I use for the Organisation when I complete the survey?
This should be the postcode that the business is registered in, or if the organisation has multiple sites, where the head office is located.
What if I don’t have exact figures for the 2017/18 financial year?
It is fine for providers to use their best judgement to estimate figures. We understand that some staff may work across multiple service lines and that the uniqueness of clients may fall outside the categories listed in the survey tool.
What if the fortnight including the week beginning Monday the 21/05/18 is not a typical fortnight?
We suggest that you choose another fortnight that represents a ‘normal’ two week period. Please make a note of this in the comments box at the bottom of both Section 4 and 6 when completing the survey.