Two milestones in the LMS world are fast approaching: the EU’s General Data Protection Regulation (GDPR) is a new set of laws dealing with data privacy and will be strictly enforced as of May 25, 2018 and Moodle 3.5 is set to be released in mid May which will make it GDPR compliant. Is your company ready for GDPR?
With our decades of expertise in the Learning Management space, the team at Lambda Solutions and Zoola Analytics has been busy at work keeping up to date on these new developments. Our hosting options extend to the EU via our hosting partner, Amazon Web Services, and the products we host are GDPR ready, including Totara 11 which already has built-in support for GDPR compliance since March 2018.
Non-Compliance of GDPR = Fines!
It’s one thing to have the proper LMS in place to support these new laws, but what about having to answer to the regulators and demonstrate that your company is in compliance? The GDPR is not to be taken lightly. The enhanced protection measures gives EU citizens ultimate control over their personal data and will force businesses to spell out, in plain language, why they’re collecting a user’s data and if it will be used to create profiles of their actions and habits, in addition to other measures. Depending on the severity of non-compliance, organizations can be fined up to 20 million euros or 4% of their annual global revenue, whichever is highest. Ouch!
Think because your company is not based in the EU that the GDPR doesn’t apply to you? Think again! The new laws apply not only to EU-based businesses, but also to any business that controls or processes data of EU citizens. For example, a company selling online courses internationally will be held accountable to the GDPR regulations if anyone in the EU purchases their courses.
How Moodle 3.5 Supports GDPR
The Moodle team has been working hard to support GDPR compliance for all Moodle sites by building plugins to support these efforts. Moodle HQ has already released two plugins that will help organizations and IT admins comply with key sections of GDPR including:
Data privacy (tool_dataprivacy). This adds a “request workflow” to the Moodle site to ensure users can enforce their rights to request what personal data is hosted by the site and how it has been used in the past. The current version of the plugin retrieves information from selected Moodle activities including Choice, HTML Block, and User Tours.
Policies (tool_policy). This helps administrators create policies around everything from the site including privacy, intellectual property and late assignments. In compliance with the regulation, it keeps a history of policy changes as well as user consent given to each one. It forces users to accept the policies prior to using the Moodle site.
These Moodle GDPR plugins work now in Moodle 3.4 or 3.3, and will come bundled in Moodle 3.5. Remember though, simply having a GDPR-ready LMS doesn’t automatically make your business compliant; there are a number of processes and systems that must be in place also.
Zoola Analytics for GDPR
Zoola Analytics provides insight to ALL data stored in Moodle and Totara Learn and can be used to build reports and dashboards that display GDPR compliance information stored in the LMS database. For example, a report could be built to display if a user has accepted a policy and which version was accepted.
Get Ready—Here’s How We Can Help!
Need help upgrading to Moodle 3.5? Depending on your system, upgrading can be risky, time consuming and expensive for a variety of reasons. For example, is your theme compatible? Are your plugins compatible, do you have custom integration, are you many versions behind, or do you have custom code changes? Eliminate the burden by adopting a fully managed Moodle solutions provider that includes upgrades, support by our team of experts, and unlimited application support. Don’t take any chances with big fines from the GDPR police, let our experts guide you by contacting us today.