|Document||Version||Date released||Change log|
The Data Standards Body (DSB) recognises that the consumer experience is critical to success for the CDR regime. To help provider CDR consumers with simple, informed, and trustworthy data sharing experiences, the DSB has developed Consumer Experience (CX) Standards and Guidelines that identify a number of key elements to be aligned to across the regime.
The latest version of the CX Standards and CX Guidelines can be found on this page and have also been incorporated into the general technical standards on GitHub.
The CDR Rules (8.11) require data standards to be made for:
- obtaining authorisations and consents, and withdrawal of authorisations and consents;
- the collection and use of CDR data, including requirements to be met by CDR participants in relation to seeking consent from CDR consumers;
- authentication of CDR consumers
- the types of CDR data and descriptions of those types to be used by CDR participants in making and responding to requests
The CX Guidelines contain guidance and examples for putting key standards and CDR Rules into effect. As stated in the CDR Rules Explanatory Statement, ‘at a minimum, accredited persons will be guided by the language and processes of guidelines produced by the DSB.’ The CX Workstream emphasises that aligning to the non-mandatory items in the CX Guidelines will help achieve consistency, familiarity and, in turn, facilitate consumer trust and adoption.
The obligations on CDR participants to apply the published standards commence on the commencement of the Consumer Data Right rules:
- where the rules require compliance with the standards, non-compliance with the standards may constitute a breach of the rules.
- where the standards are specified as binding standards as required by the Consumer Data Right rules for the purposes of s56FA of the legislation, they apply as under contract between a data holder and an accredited data recipient. The legal effect of binding standards as between data holders and accredited data recipients is fully set out in s56FD and s56FE of the legislation.
Feedback will also be accepted via email to email@example.com. In accordance with the regular practice of the Data Standards Body, email submissions will be posted on GitHub and the CX consultation page to ensure transparency of the consultation process.
Where participants believe they have sensitive information to convey we will consider those discussions and give guidance on our preferred disclosure approach prior to meeting to discuss such issues. To discuss, please email us at firstname.lastname@example.org.