Diferencia entre revisiones de «Manteniendo privacidad de datos»

Saltar a: navegación, buscar
({{Frequently updated doc page)
(update as per English 3.5)
Línea 33: Línea 33:
  
 
Regulations and institutional policies can change over time, and this should be reflected in a site's user policies. If a change is made to a policy, a new version will be created. Users will need to agree to the new version before their next login. Policies can be disabled, but if at least one user has agreed to a policy, it cannot be not deleted. For more information, see [[admin/tool/policy/managedocs|Manage policies]].
 
Regulations and institutional policies can change over time, and this should be reflected in a site's user policies. If a change is made to a policy, a new version will be created. Users will need to agree to the new version before their next login. Policies can be disabled, but if at least one user has agreed to a policy, it cannot be not deleted. For more information, see [[admin/tool/policy/managedocs|Manage policies]].
 +
 +
=Notificación de violación=
 +
 +
The GDPR also requires organizations to implement appropriate policies, protect personal data by using security protocols, conduct privacy impact assessments, and keep detailed records on data activities. The EU GDPR places strict control on where personal data is stored and how it is used.
 +
 +
Under the GDPR, organizations are required to report data breaches to the appropriate authorities if it will “result in a risk for the rights and freedoms of individuals”. The breach notice must be done within 72 hours of first having become aware of the problem. If there is a high risk of harm, organizations must notify any affected data subject as soon as possible.
 +
  
  
 
[[en:Maintaining data privacy]]
 
[[en:Maintaining data privacy]]

Revisión del 13:42 11 jul 2018

Nota: Esta es una traducción de una página de la documentación en idioma Inglés (Docs), que se considera particularmente importante, y que en su versión original se actualiza frecuentemente. Por ello, se le recomienda que revise la página original en idioma inglés: Maintaining data privacy.


Vista general

El cumplir con as regulaciones sobre privacidad de datos no es un trabajo de una sola ocasión. Una vez que un sitio Moodle haya sido configurado para implementar políticas de privacidad de datos, el sitio debe ser monitoreado regularmente para responder a solicitudes de datos y otros eventos relacionados con privacidad.

Respondiendo a solicitudes de datos

Nota: Urgente de Traducir. ¡ Anímese a traducir esta muy importante página !.     ( y otras páginas muy importantes que urge traducir)

Users may request a copy of all data related to the user that is held on the site. Users may also request that all data related to them is deleted from the site. An email will be sent to the address designated in the Data Privacy Offer setup, and the request will be placed in a queue for approval.

The Data Privacy Officer or a designate should monitor the queue of such requests to approve them in a timely manner. The Privacy Officer can respond to data requests as follows:

  • Go to 'Data requests' in the Site administration (or follow the link in the data request notification).
  • In the Actions dropdown, select View, Approve, or Deny as appropriate.

For more information, see Data requests.

Acordar a las políticas a nombre y representación de usuarios (por ejemplo, menores)

An admin or any user with the capability Agree to the policies on someone else's behalf can give consent on behalf of minors or when a written consent was obtained offline. For more information, see User agreements.

Revisar aceptaciones de acuerdos de política del usuario

It may be necessary to monitor a site to determine who has agreed to a policy and who has not, especially if a policy has been changed. Failure to agree to a policy will prevent the user from logging in. The capability to check policy agreements may be necessary for technical support personnel responsible for troubleshooting login problems. For more information, see User agreements.

Revisar y eliminar contenido después de su fecha de retención

As part of configuring the Moodle site for data privacy, retention periods have been set for each "purpose" of data. As these retention periods come to an end, data is queued for deletion after approval by the site Data Privacy Officer. See Data deletion for more information.

Manteniendo actualizadas las políticas

Regulations and institutional policies can change over time, and this should be reflected in a site's user policies. If a change is made to a policy, a new version will be created. Users will need to agree to the new version before their next login. Policies can be disabled, but if at least one user has agreed to a policy, it cannot be not deleted. For more information, see Manage policies.

Notificación de violación

The GDPR also requires organizations to implement appropriate policies, protect personal data by using security protocols, conduct privacy impact assessments, and keep detailed records on data activities. The EU GDPR places strict control on where personal data is stored and how it is used.

Under the GDPR, organizations are required to report data breaches to the appropriate authorities if it will “result in a risk for the rights and freedoms of individuals”. The breach notice must be done within 72 hours of first having become aware of the problem. If there is a high risk of harm, organizations must notify any affected data subject as soon as possible.