Draft updates to the CDR Privacy Safeguard Guidelines

1 September 2022

Below are the chapters of the Privacy Safeguard Guidelines, each containing marked updates for consultation.

If you need assistance because the document you need is not available in a format you can access, please contact us at website@oaic.gov.au.

CDR Privacy Safeguard Guidelines with marked updates

Chapters:

Chapter A: Introductory matters

Chapter B: Key concepts

Chapter C: Consent – The basis for collecting and using CDR data

Chapter 1: Open and transparent management of CDR data

Chapter 2: Anonymity and pseudonymity

Chapter 3: Seeking to collect CDR data from CDR participants

Chapter 4: Dealing with unsolicited CDR data from CDR participants

Chapter 5: Notifying of the collection of CDR data

Chapter 6: Use or disclosure of CDR data by accredited data recipients or designated gateways

Chapter 7: Use or disclosure of CDR data for direct marketing by accredited data recipients or designated gateways

Chapter 8: Overseas disclosure of CDR data by accredited data recipients

Chapter 9: Adoption or disclosure of government related identifiers by accredited data recipients

Chapter 10: Notifying of the disclosure of CDR data

Chapter 11: Quality of CDR data

Chapter 12: Security of CDR data and destruction or de-identification of redundant CDR data

Chapter 13: Correction of CDR data

Diagrams:

Diagram 1: CDR consent and collection process for accredited persons (Chapters C and 3)

Diagram 2: CDR consent and collection process for collection by sponsors (Chapters C and 3)

Diagram 3: CDR consent and collection process for CDR representative arrangements (Chapters C and 3)

Diagram 4: Key information flow in the CDR system (Chapters C and 3)

Diagram 5: Key information flow for collection by sponsors (Chapters C and 3)

Diagram 6: Key information flow for CDR representative arrangements (Chapters C and 3)

Diagram 7: Permitted uses or disclosures of CDR data (Chapter 6)

Diagram 8: When can an accredited data recipient disclose CDR data to an overseas recipient (Chapter 8)

Diagram 9: How to respond to a correction request (CDR data that is not AEMO data) (Chapter 13)

Diagram 10: How to respond to a correction request (AEMO data) (Chapter 13)