Plain language law

New Zealand law explained for everyone

Customer and Product Data Act 2025

Administrative matters - Regulations, standards, and exemptions - Standards

139: Chief executive must comply with requirements before making standard

You could also call this:

“Boss must follow rules before making new rules”

Before the chief executive can make a standard, they need to do a few important things. First, they must follow any rules set out in the regulations. They also need to make sure the standards fit within any limits or restrictions that the regulations mention.

When making standards, the chief executive needs to think about several things. They must consider what’s best for customers, including Māori customers. They need to think about how much it might cost data holders and what benefits they might get. The standards should help make regulated data services secure, standardised, and work well.

The chief executive also needs to make sure the standards work well with other designated areas, if that’s relevant. Lastly, they need to think about how the standards might help or cause risks when it comes to keeping customer and product data safe, private, and confidential.

This text is automatically generated. It might be out of date or be missing some parts. Find out more about how we do this.

This page was last updated on

View the original legislation for this page at https://legislation.govt.nz/act/public/1986/0120/latest/link.aspx?id=LMS938975.

Topics:
Money and consumer rights > Consumer protection Business > Industry rules Business > Fair trading Rights and equality > Privacy
Previous

138: Standards, or

"Rules that explain how to follow the Customer and Product Data Act 2025"

Next

140: Chief executive’s consultation on proposed standards, or

"The boss must talk to important people before making new rules"

Part 5 Administrative matters
Regulations, standards, and exemptions: Standards

139Chief executive must comply with requirements before making standard

  1. Before making a standard, the chief executive must—

  2. comply with any requirements prescribed by the regulations under section 131(1)(f); and
    1. be satisfied that the standards are consistent with any limits or restrictions prescribed by the regulations (see section 131(1)(g)); and
      1. have regard to the following:
        1. the interests of customers, including Māori customers:
          1. any likely costs and benefits for data holders:
            1. whether the standards facilitate secure, standardised, and efficient regulated data services:
              1. whether the standards support consistency and interoperability (where relevant) across designated areas:
                1. the likely benefits and risks associated with the proposed standards in relation to the security, privacy, confidentiality, or other sensitivity of customer data and product data.