Overview

Insight disclosure consents allow consumers to consent to share CDR insights outside the CDR system with specified persons for a range of prescribed purposes. This increases consumers’ ability to engage with unaccredited parties in a way that limits the data they share to only what is necessary for the prescribed purpose.

As per the CDR rules, insight disclosure consents permit accredited data recipients, or CDR representatives that hold the CDR data as service data, to disclose data to a specified person for one or more of the following purposes:

verifying the consumer’s identity;
verifying the consumer’s account balance;
verifying the details of credits to or debits from the consumer’s accounts; but
where the CDR data relates to more than one transaction - does not authorise the accredited data recipient to disclose an amount or date in relation to any individual transaction

An insight disclosure consent is not a permitted use or disclosure if the CDR insight includes or reveals sensitive information within the meaning of the Privacy Act 1988.

A high level example of the potential relationship between the initial collect and use consent between the data recipient and a data holder, and a disclosure consent for data recipient to share insights to a non-accredited person for a specified purpose.

For further guidance, see OAIC's CDR insights.

Wireframes and guidelines

<aside> <img src="/icons/info-alternate_gray.svg" alt="/icons/info-alternate_gray.svg" width="40px" /> Note: The wireframes shown are examples of how to implement key rules, standards, and guidelines. Use the on-screen functions to adjust zoom level or expand the wireframes to be viewed at full screen.

</aside>