In May 2018, all European people or organizations that stores or processes personal information have to comply the European Union’s General Data Protection Regulation (GDPR). GDPR becomes enforceable on 25 May 2018 and it will replace the data protection directive from 1995.
As per Dr. Martin Dougiamas – CEO & Founder of Moodle, “These laws are a great thing for Privacy online and Europe is leading the world in this.” Moodle is already working over the GDPR compliance and will make sure that Moodle based companies/institutes are fully compliant by the time GDPR is enforced.
Moodle HQ development team is already working on the compliance process. Damyon Weise shared an update on what HQ is doing with regards to GDPR compliance. Damyon has created “GDPR for Administrators” to focus on the obligations of a Moodle administrator under the new regulations.
The document also has a 12 point checklist which has to be complied by every Moodle site administrator to make sure they are doing the right things. This includes specific questions like:
- Do you require your site users to accept a site policy document before using your site?
- Is it possible that your site is used by minors?
- Do you use any of the collected personal information for the purposes of research?
- Do you use any of the collected personal information for the purposes of marketing?
- Do you share any of the collected data with any third parties?
- Do you have defined policies and procedures for disclosing data breaches?
The page is also having a sample site policy ready in place for GDPR’s compliance.
Important discussion is also going on about EU General Data Protection Regulation (GDPR) compliance in Moodle Forums here.
From the discussions, it is understood that Moodle is not going to be complying with GDPR with Moodle 3.4, which is currently under the QA testing cycle. (due to be released in Second week of November). However, it may become a reality with Moodle 3.5 only, which will be released in May 2018.
For more information about European Union’s GDPR, check out the official website here – https://edps.europa.eu/