Have you heard of General Data Protection Regulation (GDPR)?
It’s the regulation in data protection and privacy for people within the European Union. GDPR will also affect personal data exported outside of the European Union.
Last year we shared Moodle’s approach and plan to help our users ensure their sites are GDPR compliant.
Today we’re pleased to announce that Moodle 3.5 offers essential features to help organisations using Moodle be GDPR compliant.
A new site administration area in the Users tab – Privacy and policies – now presents a Moodle administrator with a number of options.
In privacy settings, an administrator can request an age check before a new user can access the site, and can provide a link to contact the organisation’s Data Protection Officer.
In Policy settings, the administrator can specify how to handle user agreements to site and privacy policies.
Further privacy functionality available under Privacy settings and Policy settings includes features to handle data requests, define and maintain a data registry, review data scheduled for deletion and define, manage and track policies and user agreements.
Please remember that upgrading to Moodle 3.5 or installing the plugins alone is not going to be enough to meet the GDPR requirements. Correct configuration and implementation of the required processes and procedures is also required and you should engage with your IT and legal department on what is required.