Anyone working with our API and with the ATO will no doubt be familiar with their DSP Operational Framework. This is a framework provided by the ATO for working with data across various networks and providers.
All digital service providers wanting to use the ATO’s digital services will now need to meet specific requirements as defined by the ATO, which can include, but is not limited to:
· Supply chain visibility
· Data hosting
· Personnel security
· Encryption key management
· Security monitoring practices.
The ATO’s website includes the reasons for creating the framework and the related requirements:https://softwaredevelopers.ato.gov.au/operational_framework
MYOB will be making changes to our MYOB APIs to adhere to this framework. The Product and Engineering teams are currently working with the ATO on what is the best approach to this. This will primarily affect the TFN (Tax file number) currently shared with our API users. We will notify users through a blog post, forum update and newsletter before this change goes to production so you can prepare for it.
Are you a product that uses the TFN (or other personal data that might be covered by the DSP Operational Framework) from our API? We’d love to hear from you and understand better how you use this data, and the impact of having it removed or masked might be on your clients. Fill in our quick form here so our product team can be in touch should they want more details.