This section provide examples for how to implement Trusted Adviser disclosure consents.

<aside>

• On this page </aside>

Overview

Trusted adviser disclosure consents allow consumers to consent to an accredited data recipient, or CDR representative who holds their CDR data as service data, disclosing their CDR data outside the CDR system with certain professionals. These are professions that are considered to be appropriately regulated to receive CDR data, particularly due to consumer protection mechanisms that form part of their regulatory framework. This model facilitates access to relevant data for those working within these professions while ensuring that disclosure of data can only occur with a consumer’s consent.

In accordance with CDR Rule 1.10C, the accredited data recipient or CDR representative:

• can invite a CDR consumer to nominate one or more trusted advisers.
• has taken reasonable steps to confirm that the trusted adviser is a member of one of the classes outlined in CDR Rule 1.10C(2).
• must not make a trusted advisor disclosure consent a condition for supply of the goods or services requested by the CDR consumer, except where the only good or service that is requested by the CDR consumer is for CDR data to be collected from a data holder and provided to a trusted adviser.

A high level example of the potential relationship between the initial collect and use consent between the data recipient and a data holder, and a disclosure consent for data recipient to share CDR to a Trusted Adviser.

For further guidance, see OAIC's Trusted advisers in the Consumer Data Right system.

Wireframes and guidelines

<aside> <img src="/icons/info-alternate_gray.svg" alt="/icons/info-alternate_gray.svg" width="40px" />

Note: The wireframes shown are examples of how to implement key rules, standards, and guidelines. Use the on-screen functions to adjust zoom level or expand the wireframes to be viewed at full screen.

</aside>

Detached flow - default example

The following wireframes show a basic example of a Trusted Adviser disclosure consent requested by an accredited data recipient. In this example,

• the consumer has selected their preferred trusted adviser during pre-consent;
• the collection/use consent has already been separately established, allowing a disclosure consent to be requested in a separate consent flow.

This pattern could, for example, apply when an ADR provides a ‘data wallet’ service to a CDR consumer. In this hypothetical scenario, the consumer provides a collection and use consent to the ADR to locate and offer goods and services on an ongoing basis. For example, the ADR might identify a need for an accountant and offer this service to the consumer. If the consumer wants to proceed, they are first invited to select an accountant as a TA, and then provide a TA disclosure consent.

Equivalent rules for CDR representatives can be found in the CDR rules Division 4.3A.