This section covers how data holders may ask a consumer to authorise the disclosure of CDR data.
<aside> <img src="/icons/info-alternate_gray.svg" alt="/icons/info-alternate_gray.svg" width="40px" /> New CX Guidelines URL September 21, 2023
The CX guidelines have been re-launched on a new domain: cx.cds.gov.au
For more information, refer to Change log: Consumer Experience (CX) Guidelines
</aside>
<aside>
In accordance with CDR Rule 4.24, the authorisation process must not:
In addition, CDR Rule 4.22 states that a data holder’s processes for asking a CDR consumer to give or amend an authorisation must:
Authorise is the third stage of ‣.
The Authorise stage typically consists of two steps:
Account selection
At this step, the consumer can select the accounts they would like to share data from.
Confirmation
At this step, the consumer can review and confirm what they are allowing the data recipient to access.
The below CX Guidelines cover variations for the authorisation process. Note: The Account selection and Confirmation steps are conflated in this section.
A high level example of the relationship between Account selection and Confirmation, the two main steps in Authorisation.
These guidelines provide examples for how to implement the authorisation flow for common scenarios. Read more about Authorisation to disclose.