Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CX Guidelines | Updates stemming from 2024 Consent Review changes #674

Open
CDR-CX-Stream opened this issue Oct 2, 2024 · 4 comments
Open

CX Guidelines | Updates stemming from 2024 Consent Review changes #674

CDR-CX-Stream opened this issue Oct 2, 2024 · 4 comments
Assignees
@CDR-CX-Stream
Labels
CX guideline Issues or requests related to CX guidelines.

Comments

@CDR-CX-Stream
Copy link
Member

CDR-CX-Stream commented Oct 2, 2024
edited
Loading

Description

In August 2024, the Treasury conducted a consultation on proposed consent and operational enhancement amendments to the CDR Rules. The DSB simultaneously consulted on Decision Proposal 350 to outline the expected changes to the standards to support the proposed rules.

This issue outlines the anticipated updates to the CX Guidelines that will be required to reflect the expected rules and standards changes.

The community are invited to provide feedback on these draft CX guideline changes ahead of any final rules or standards changes to expedite their release. Additional requests for guidance to support the proposed rules and standards can also be made in this thread.

The final CX guidelines will necessarily adjust to the final rules or standards, and as such these draft artefacts are subject to change and should not be interpreted as finalised guidance.

N.B. the draft CX guidelines only outline where a proposed rule and standards change has an associated user interface or consumer experience component. As noted in DP350, CDR agencies will not provide guidance on the proposed nominated representative changes until any relevant rules are made.

Intention and Value of Change

The DSB publishes CX guidelines to assist participants with implementation of the CDR. The publication of draft CX Guidelines will allow the community to provide feedback on proposed changes and seek further clarifications where necessary.

Consulting on these draft guidelines before the associated rules and standards are finalised will allow their release to be expedited to facilitate implementation. The final artefacts will be published on the CX Guidelines website pending this consultation and the making of any final rules and standards.

These draft guidelines will be discussed with CDR agencies in conjunction with this consultation to ensure alignment before publishing.

N.B. The CX guidelines shared in this issue are in draft state and represent proposed rules and standards that have not been made. These wireframes should not be taken as definitive guidance of compliance with the rules and should not be considered as legal or compliance references for the purposes of implementation.

Areas affected

Changes are expected to impact all variants in the following areas of the CX guidelines:

New item or change proposed

Many changes will be mirrored across multiple flows. For example, many of the draft changes to the default data recipient dashboard will be also reflected in the other data recipient dashboard guidance, such as for amended consents, disclosure consents and withdrawals. As such, we intend to consult on the following subset of flows:

Feedback

The DSB invites community feedback on these artefacts and any other CX guidelines seen as necessary to support the proposed August 2024 rules and associated data standards. This issue will be progressed in MI21.

⚠️ Disclaimer ⚠️
The CX Guidelines provide optional implementation examples for key rules, standards, and best practice recommendations.

They demonstrate key aspects of the consent model, but certain areas may be considered out of scope. This may include, for example, where the rules and/or standards are silent or non-prescriptive to provide CDR participants with flexibility or discretion according to their own systems or protocols.

❗The CX Guidelines span policy, rules, standards, and best practice, so requests will be considered on a case by case basis and timings may not fall within a Maintenance Iteration cycle.

Importantly, the CX Guidelines are optional to follow, but the CDR rules require CDR participants to have regard to them. The CX Standards differ in that they are binding data standards that must be followed.

Edited 17.10.2024 to add consultation links and details for CDR Receipts and 90-day notification guidance
Edited 22.11.2024 to add a consultation link and details for Consent Management (Data recipient): Collection and use - Default example
Edited 10.12.2024 to add consultation links and details for Collection and use consent: Default example and Collection and use consent: Using outsourced service providers
@CDR-CX-Stream CDR-CX-Stream self-assigned this Oct 2, 2024
@CDR-CX-Stream CDR-CX-Stream added the CX guideline Issues or requests related to CX guidelines. label Oct 2, 2024
@CDR-CX-Stream CDR-CX-Stream changed the title [CX Guidelines | Updates stemming from 2024 Consent Review changes CX Guidelines | Updates stemming from 2024 Consent Review changes Oct 2, 2024
@CDR-CX-Stream
Copy link
Member Author

We’re pleased to share for consultation the following draft guidance:

  • [NEW] Notifications: CDR Receipts
    • New CX artefacts and requirements relating to CDR Receipts. These artefacts provide implementation examples to reflect the proposed updated rules and new standards relating to CDR Receipts, including Notification Standards, CDR Receipts: Delivery and Notification Standards, CDR Receipts: Content.
  • [NEW] Notifications: 90 day notifications
    • New CX artefacts and requirements relating to 90-day notifications. These artefacts provide implementation examples to reflect the proposed updated rules and new standards relating to 90-day notifications, including Notification Standards, 90-day notifications: Delivery and Notification Standards, 90-day notifications: Content.

We invite community feedback via this thread. Your input, questions and comments will help us refine the guidance, allowing us to expedite their release following the finalisation of the rules and standards.

Please remember that this guidance is shared in draft state, representing proposed rules and standards that have not been made. This should not be taken as definitive guidance of compliance, and should not be considered as legal or compliance references for the purpose of implementation.

The original post has been updated to include these links.

@CDR-CX-Stream CDR-CX-Stream mentioned this issue Oct 23, 2024
Closed
This was referenced Nov 12, 2024
Open
Open
@CDR-CX-Stream
Copy link
Member Author

Following the making of the amended rules and new standards, the DSB has prepared additional draft guidance for community feedback.

In response to past requests for more descriptive information on what has changed in each release, we have provided draft Change Log wording below. We have also used symbols and markup in the annotations frame in Figma to help clarify what type of change has been made to the annotation. Please refer to the key at the top of the annotations frame for more details. Note that this format will only be used during this consultation window. Finalised and published guidance on the cx.cds.gov.au website will not include this level of detail. We seek feedback on the Change Log and marked up annotations, and whether participants find these valuable.

Consent Management (Data recipient): Collection and use - Default example

Updated CX artefacts and requirements relating to Consent Management (Data recipient): Collection and use - Default example. This includes:

  • Visual, UI and Experiential updates to reflect the new rules and standards requirements, including updates to the dashboard information architecture to account for bundled consents, which may include both "incoming" and "outgoing" data requests
  • Rules changes
    • new and updated rule references to reflect renumbered and reworded rules for ADR dashboards, including that the dashboard be readily accessible (new checklist item: 4CM1.00.43; updated checklist items: 4CM1.00.09, 4CM1.00.10, 4CM1.00.34).
    • the retirement of an existing rules requirement relating to CDR receipts due to its removal from the rules package (retired checklist item: 4CM1.00.08)
  • Standards changes
    • new CX standard relating to CDR Receipt delivery (new checklist reference 4CM1.00.44)
  • Guidelines changes
    • updates to existing CX guidelines to reflect updated rules references and minor wording and formatting changes (updated checklist items: 4CM1.00.40, 4CM1.00.41)
    • the proposed retirement of an existing CX guideline to help streamline the dashboard, removing detail previously recommended—but not required—to be included. This is intended to align with the government’s objectives of increasing CDR uptake and reducing obligations for CDR participants (proposed to be retired checklist reference 4CM1.00.39)

We invite community feedback via this thread.

Please remember that this guidance is shared in draft state. This should not be taken as definitive guidance of compliance, and should not be considered as legal or compliance references for the purpose of implementation.

The original post has been updated to include these links.

The CX team are working to finalise additional draft CX guidelines to reflect the published rules. These will be posted here in the coming weeks for community input.

@CDR-CX-Stream
Copy link
Member Author

The DSB has prepared additional draft guidance for community feedback.

As outlined in the previous comment, we are providing draft Change Log, as well as using symbols and markup in the annotations frame in Figma to help clarify what type of change has been made to the annotation. We seek feedback on whether participants find these artefacts valuable for consultation.

Collection and Use: Default example

Updated CX artefacts and requirements relating to Collection and Use Consent: Default example. This includes:

  • Visual, UI and Experiential updates to reflect the new rule and standard requirements
  • Rules changes
    • new annotations relating to:
      • information that must be given to a consumer during the consent process (new checklist reference 1CO.02.51)
      • CDR Receipts (new checklist reference 1CO.02.52)
    • updates to existing rules requirements relating to requirements for:
      • seeking consent including bundling (updated checklist references 1CO.00.03, 1CO.00.04, 1CO.02.08 and 1CO.02.22)
      • allowing data recipients to seek agreement to certain consent elements as presented to the consumer (updated checklist references 1CO.02.06, 1CO.02.09, 1CO.02.10 and 1CO.02.12)
      • information that must be given to the consumer during consent (updated checklist references 1CO.02.07 and 1CO.02.15)
      • CDR Receipts (updated checklist reference 1CO.02.23)
    • the retirement of existing rules requirements due to their removal from the rules (retired checklist references 1CO.02.14, 1CO.02.24 and 1CO.02.25)
    • the proposed retirement of rules annotations that — while not removed from the rules package — have been removed from this artefact for simplicity, or because they are no longer relevant to the flow (proposed to be retired checklist references 1CO.01.01, 1CO.02.16, 1CO.02.17, 1CO.02.20 and 1CO.02.21)
  • Standards changes
    • new CX standard relating to CDR Receipt delivery (new checklist reference 1CO.02.53)
    • the proposed retirement of standards annotations that — while not removed from the standards — have been removed from this artefact to simplify the consent flow (proposed to be retired checklist references 1CO.02.44 and 1CO.02.45)
  • Guidelines changes
    • new CX guidelines relating to CDR Receipt delivery and the transitional provisions for CDR Receipts (new checklist references 1CO.02.54 and 1CO.02.55)
    • proposed updates to existing CX guidelines to better clarify expectations (proposed to be updated checklist references 1CO.02.35, 1CO.02.36, 1CO.02.40)
    • the proposed retirement of CX guidelines and standards to help streamline the consent flow by removing detail previously recommended, but not required, to be included in the consent flow, to align with the government’s objectives of increasing CDR uptake and reducing obligations for CDR participants (proposed to be retired checklist references 1CO.02.38, 1CO.02.39, 1CO.02.42, 1CO.02.43, 1CO.02.44 and 1CO.02.46)

Collection and Use: Using outsourced service providers

Updated CX artefacts and requirements relating to Collection and Use Consent: Using outsourced service providers. This includes:

  • Visual, UI and Experiential updates to reflect the new rule and standard requirements
  • Rules changes
    • new rule requirement relating to the transitional provision for information about OSPs that must be given during consent (new checklist reference 1CO.03a.07)
    • updates to existing rules requirements relating to information that must be given during the consent flow about OSPs (updated checklist reference 1CO.03a.02)
  • Guidelines changes
    • new CX guidelines to:
      • recommend appropriate interventions to mitigate cognitive load in relation to information about OSPs (new checklist reference 1CO.03a.08)
      • clarify the transitional provision relating to the amended rules for information that must be given during the consent flow about OSPs (new checklist reference 1CO.03a.09)
    • updates to existing CX guidelines to better align to the updated rules requirements (updated checklist reference 1CO.03a.03)
    • retirement of existing CX guidelines which were made redundant by the updated rules requirements, which now require this information to be shown (retired checklist references 1CO.03a.04 and 1CO.03a.05)

We invite community feedback via this thread.

Please remember that this guidance is shared in draft state. This should not be taken as definitive guidance of compliance, and should not be considered as legal or compliance references for the purpose of implementation.

The original post has been updated to include these links.

@CDR-CX-Stream
Copy link
Member Author

We have made minor amendments to annotations in the following flows, primarily to clarify transitional provisions and effective dates.

[NEW] Notifications: CDR Receipts

  • added new CDR Rule annotation (02) for the transitional provisions for CDR Receipts
  • updated 2 Standards annotations (03 and 04) to include a statement outlining the effective date of the new CDR Receipt standards
  • added new CX Guideline annotation (06) clarifying the transitional provisions dates
  • added new CX Guideline annotation (08) outlining that data recipients should send CDR Receipts via the consumer’s preferred delivery channels.
  • updated annotation numbering for all other annotations

[NEW] Notifications: 90 day notifications

  • added new CDR Rule annotation (02) for the transitional provisions for 90-day notifications
  • updated 2 Standards annotations (03 and 04) to include a statement outlining the effective date of the new 90-day notification standards
  • added new CX Guideline annotation (05) clarifying the transitional provision dates
  • updated annotation numbering for all other annotations

Collection and Use: Using outsourced service providers

  • updated CDR Rule annotation (07) and CX Guideline annotation (09) to include Competition and Consumer (Consumer Data Right) Amendment (2024 Measures No. 1) Rules 2024 in the rules reference

@CDR-CX-Stream CDR-CX-Stream mentioned this issue Dec 20, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@CDR-CX-Stream CDR-CX-Stream

Labels
CX guideline Issues or requests related to CX guidelines.
Projects
Data Standards Maintenance
Status: Iteration Candidates
Milestone
No milestone
Development

No branches or pull requests
1 participant
@CDR-CX-Stream