GDPR for administrators (Moodle 3.4.2+)
Two GDPR plugins are available on the plugin database for adding GDPR functionality to Moodle 3.4.3 or 3.3.6 sites.
The Policies plugin provides a new user sign on process, with ability to define multiple policies (site, privacy, third party), track user consents, and manage updates and versioning of the policies.
The Data privacy plugin provides the workflow for users to submit subject access requests, erasure requests and for site administrators and privacy officers to process these requests, as well as a data registry to define a purpose and retention period for data stored in a Moodle site.
User documentation for both the Policy and Data Privacy plugins will be further updated soon.
Moodle 3.4.3 and 3.3.6 include the following core API changes that are required to support the GDPR plugins:
- An age and location check to identify minors
- The API to request personal data from all plugins
- Implementation of the API for a subset of Moodle core plugins so far
Those wanting to explore and use the new plugins should therefore upgrade to either Moodle 3.4.3 or 3.3.6. All GDPR functionality has been integrated in the Moodle 3.5 release.
More information coming soon...