Wireframe ref | Type | Requirement level | Statement | Reference | Checklist ref | Focus area |
---|---|---|---|---|---|---|
01 | CDR Rule | MUST | (1) Subject to subrule (5), an accredited person must provide each eligible CDR consumer on whose behalf the accredited person makes a consumer data request with an online service that: (a) can be used by the CDR consumer to manage: (i) such requests; and (ii) associated consents; and (b) contains the details of each consent specified in subrule (3) and the information specified in subrule (3A); | CDR Rule 1.14(1)(a)(b) | 4CM1.00.01 | |
02 | CDR Rule | MUST | (2) Such a service is the accredited person’s consumer dashboard for that consumer. | CDR Rule 1.14(2) | 4CM1.00.02 | |
03 | CDR Rule | MUST | (1) An accredited person must update a CDR consumer’s consumer dashboard as soon as practicable after the information required to be contained on the dashboard changes. | CDR Rule 4.19 | 4CM1.00.03 | |
04 | CDR Rule | MUST | (3) For paragraph (1)(b), the information is the following for each consent: (g) if the consent is not current—when it expired; | CDR Rule 1.14(3)(g) | 4CM1.00.04 | |
05 | CDR Rule | MUST | (3) For paragraph (1)(b), the information is the following for each consent: (b) for a use consent―details of the specific use or uses for which the CDR consumer has given their consent; | CDR Rule 1.14(3)(b) | OAIC Chapter C: Consent (Data minimisation principle) | 4CM1.00.05 | |
06 | CDR Rule | MUST | (3) For paragraph (1)(b), the information is the following for each consent: (c) when the CDR consumer gave the consent; | CDR Rule 1.14(3)(c) | 4CM1.00.06 | |
07 | CDR Rule | MUST | 3) For paragraph (1)(b), the information is the following for each consent: (f) if the consent is current—when it is scheduled to expire; Note 1: For paragraph (f), consents expire at the latest 12 months (or 7 years for certain consents by a CDR business consumer) after they are given or, in some circumstances, amended: see paragraph 4.14(1)(c). | CDR Rule 1.14(3)(f) | 4CM1.00.07 | |
08 | CDR Rule | MAY | (5) A copy of the CDR receipt may be included in the CDR consumer’s consumer dashboard. | CDR Rule 4.18(5) | 4CM1.00.08 | |
09 | CDR Rule | MUST | (1) Subject to subrule (5), an accredited person must provide each eligible CDR consumer on whose behalf the accredited person makes a consumer data request with an online service that: (c) has a functionality that: (i) allows a CDR consumer, at any time, to: (A) withdraw current consents; and (ii) is simple and straightforward to use; and (iii) is prominently displayed. | CDR Rule 1.14(1)(c)(i)(A),(ii),(iii) | 4CM1.00.09 | |
10 | CDR Rule | MAY | (2A) The consumer dashboard may also include a functionality that allows a CDR consumer to amend a current consent. | CDR Rule 1.14(2A) | 4CM1.00.10 | |
11 | CDR Rule | MUST | (3) For paragraph (1)(b), the information is the following for each consent: (a) details of the CDR data to which the consent relates; | CDR Rule 1.14(3)(a) | 4CM1.00.11 | |
12 | CDR Rule | MUST | (3) For paragraph (1)(b), the information is the following for each consent: (h) information relating to CDR data that was collected or disclosed pursuant to the consent (see rules 7.4 and 7.9); | CDR Rule 1.14(3)(h) | 4CM1.00.12 | |
13 | CDR Rule | MUST | (1) For section 56EH of the Act, and subject to subrule (2), an accredited data recipient that collected the CDR data in accordance with section 56EF of the Act as a result of a collection consent must update the person’s consumer dashboard as soon as practicable to indicate: (a) what CDR data was collected; and (b) when the CDR data was collected; and (c) the CDR participant for the CDR data from which the CDR data was collected. | CDR Rule 7.4(1) | CDR Privacy Safeguard Guidelines: Privacy Safeguard 5 | 4CM1.00.13 | |
14 | CDR Rule | MUST | (3) For paragraph (1)(b), the information is the following for each consent: (d) whether the consent applies: (i) on a single occasion; or (ii) over a period of time; | CDR Rule 1.14(3)(d) | 4CM1.00.14 | |
15 | CDR Rule | MUST | (3) For paragraph (1)(b), the information is the following for each consent: (e) if a collection consent or disclosure consent applies over a period of time: (i) what that period is; and (ii) how often data has been, and is expected to be, collected or disclosed over that period; | CDR Rule 1.14(3)(e) | 4CM1.00.15 | |
16 | CDR Rule | MUST | (8) For paragraph 56ED(7)(b) of the Act, a CDR participant must make its CDR policy readily available through each online service by means of which the CDR participant ordinarily deals with CDR consumers. (9) For subsection 56ED(8) of the Act, if a copy of a the CDR participant’s policy is requested by a CDR consumer, the participant must give the CDR consumer a copy: (a) electronically; or (b) in hard copy; as directed by the consumer. | CDR Rule 7.2(8), (9) | 4CM1.00.16 | |
17 | CX Guideline | MAY | Data recipients and data holders should provide the consumer with a contextual 'walkthrough’ or ‘tutorial' to introduce them to the concept of the dashboard if they are not familiar with it. | 4CM1.00.17 | ||
18 | CX Guideline | MAY | Data recipients should prioritise information that is important to consumers. This may include using tabs (e.g. active, pending, archived), or presenting key details up front, such as when consent was granted. | 4CM1.00.18 | ||
19 | CX Guideline | MAY | Data recipients should allow consumers to search, sort, and filter their data sharing arrangements in a way that is aligned to the outcomes consumers are seeking. For example, a consumer may want to sort by data recipient, data cluster, or by a user-defined tag. | 10 Usability Heuristics for User Interface Design: Flexibility and efficiency of use (Nielsen) | 4CM1.00.19 | |
20 | CX Guideline | MAY | Data recipients should organise consents by data holder brand names in a way that is consistent with how data holders are referenced in the provider/data holder selection step when consent is first being sought. | 4CM1.00.20 | ||
21 | CX Guideline | MAY | Data recipients should allow consumers to create user-defined tags, names, and/or descriptions (e.g. home deposit) for each data sharing arrangement. | 4CM1.00.21 | ||
22 | CX Guideline | MAY | Data recipients should include a link to the data holder's specific page on www.cdr.gov.au/find-a-provider for verification purposes. | 4CM1.00.22 | ||
23 | CX Guideline | MAY | Data recipients should organise consents by referring to the use case/purpose, the brand name, and software product name to aid consent and authorisation recognitions and management across dashboards. | 4CM1.00.23 | ||
24 | CX Guideline | MAY | Data recipients should show the status of the consent, which may refer to it being 'active', 'cancelled', 'expired', or relating to a 'once-off’ instance of sharing. | 4CM1.00.24 | ||
25 | CX Guideline | MAY | Data recipients should prioritise information that is important to consumers and structure the presentation in a way that reduces cognitive overload. This may include progressive disclosure design patterns (e.g. accordion menus), UX writing (e.g. microcopy), and visual aids (e.g. to display time-based qualities of consent). | 4CM1.00.25 | ||
26 | CX Guideline | MAY | Data recipient dashboards should display which accounts they are collecting data from to facilitate consumer comprehension and consent management. | 4CM1.00.26 | ||
27 | CX Guideline | MAY | Data recipients should allow consumers to download and/or request a copy of their CDR Receipt(s). | 4CM1.00.27 | ||
28 | CX Guideline | MAY | Consumers may be allowing a data recipient to collect, use, and disclosure their data according to the varying types of consents. This means 'sharing' may not always be the most appropriate or flexible language to use. Data recipients should tailor language to the consent type, but may consider using generic terms such as 'access' to apply to the range of consent types. CX research suggested this language was comprehensible. If a generic term is used to apply to an array of consent types or actions, data recipients should provide additional explanations to clarify what the precise consent types or actions mean in the context of that term. | 4CM1.00.28 | ||
29 | CX Guideline | MAY | Data recipients may allow consumers to add or remove accounts from an existing consent. This process may be initiated by the ADR, such as by inviting them to add new account types to an existing consent, or by allowing the consumer to trigger this process on their ADR consumer dashboard. The account amendment process should trigger the consent flow and DH authentication/authorisation process to add or remove the account(s) from the associated authorisation. Data recipients should supply the relevant cdr_arrangement_id to the DH when seeking to have a current authorisation amended. | 4CM1.00.29 | ||
30 | CX Guideline | MAY | Data recipients should explain how the time period complies with the data minimisation principle (DMP) for data that is yet to be generated (e.g. for an ongoing consent) as well as historical data (e.g. for a collection on a 'single occasion'). Example DMP statement for data that is yet to be generated: We're accessing your data for 12 months so [we can update your financial position in real-time] to [deliver accurate and tailored personal financial management]. Example DMP statement for historical data: We're accessing data that dates back to [earliest date of record] so [we can assess seasonal changes] to [provide an accurate energy comparison]. | 4CM1.00.30 | ||
31 | CX Guideline | MAY | Data recipients should present purpose in relation to each data cluster unless this statement applies equally to all datasets. If the statement applies equally to all datasets, data recipients should present this to the consumer clearly in relation to all of the datasets. This information should clearly communicate the purposes and benefits of data sharing to the consumer. | 4CM1.00.31 | ||
32 | CX Guideline | MAY | Privacy Safeguard 5 For ongoing data sharing: Data recipients may include the date range between which CDR data will be collected (dates of initial and final collection), as well as frequency of data collection. For single or ‘once-off’ disclosure: Data recipients may include the date on which the CDR data was collected (date of initial collection). Note: The example provided is context dependent. Please refer to Privacy Safeguard 5 for more guidance. | CDR Rule 7.4 | CDR Privacy Safeguard Guidelines: Privacy Safeguard 5 | 4CM1.00.32 | |
33 | CX Guideline | MAY | Data recipients should use the phrases ‘Granted’, 'Expire' and ‘Sharing period’ to refer to the time-based qualities of the data sharing arrangement. | 4CM1.00.33 | ||
34 | CDR Rule | MUST | (1) Subject to subrule (5), an accredited person must provide each eligible CDR consumer on whose behalf the accredited person makes a consumer data request with an online service that: (c) has a functionality that: (i) allows a CDR consumer, at any time, to: (B) elect that redundant data be deleted in accordance with these rules and withdraw such an election; and (ii) is simple and straightforward to use; and (iii) is prominently displayed. | CDR Rule 1.14(1)(c)(i)(B),(ii),(iii) | 4CM1.00.34 | |
35 | CDR Rule | MUST | (3A) For paragraph (1)(b), the other information is: (a) a statement that the CDR consumer is entitled to request further records in accordance with rule 9.5; and (b) information about how to make such a request. | CDR Rule 1.14(3A) | 4CM1.00.35 | |
36 | CDR Rule | MUST | (2) A CDR consumer may request an accredited data recipient for copies of records relating to the information referred to in: (a) paragraphs 9.3(2)(a), (b), (c), (d), (da), (e), (ea), (eb), (ec), (ed), (ee), (ef), (eg), (f) and (m); and (b) paragraphs 9.3(2A)(d), (e), (f), (g), (ga), (h), (ha), (hb), (hc), (i) and (o); that relates to the CDR consumer. | CDR Rule 9.5(2) | 4CM1.00.36 | |
37 | CX Guideline | MAY | Data recipients are encouraged to surface information on dispute resolution and making a complaint. This may include: • a link to the complaints section of the ADR’s CDR policy; and/or • a summary of the complaint handling process. | CX Research: 2020 Phase 3, Round 4 and 5 report | 4CM1.00.37 | |
38 | CX Guideline | MAY | Data recipients can refer to accounts using recognised nicknames, icons, account numbers, and account type. They can also include any known information on other elements the account may refer to such as any related plans, services, properties, numbers, and products. | 4CM1.00.38 | ||
39 | CX Guideline | MAY | Data recipients are encouraged to surface information about data deletion found in their CDR policy along with a link to read this policy. This may include: • when and how redundant data is deleted; • how a CDR consumer may elect for this to happen. | CDR Rule 7.2(4)(k) | 4CM1.00.39 | |
40 | CX Guideline | MAY | Data recipients should surface information about the data deletion process: • when data will be deleted; • why data may need to be retained (e.g. business or legal reasons); • how the data will be deleted, this may include timeframes. | CDR Rule 7.2(4)(k) | CX Research: Phase 3, Round 3 report; 2021 Disclosure Consent report | 4CM1.00.40 | |
41 | CX Guideline | MAY | These wireframes demonstrate what a consumer might see where an ADR has a policy to delete redundant data by default. As per CDR Rule 1.14(1)(c)(i)(B), where an ADR will de-identify redundant data instead of deleting it, the ADR is required to provide the consumer with the ability to elect that redundant data be deleted instead. ADRs should consider providing this functionality in a way that is consistent with any other data handling information and functionality, and may surface the right to delete election in a location similar to the 'Data handling' component found on this screen. | 4CM1.00.41 | ||
42 | CX Guideline | MAY | CX research suggested that further information on data handling, including from government sources, can aid comprehension and confidence for Sceptics, Assurance Seekers and Sensemakers. Based on these insights, data recipients are encouraged to provide a link to OAIC’s guidance on Privacy Safeguard 12, which outlines information on data security and redundant data handling. | CDR Privacy Safeguard Guidelines: Privacy Safeguard 12 | CX Research: 2021 Disclosure Consent report | 4CM1.00.42 |