Have just posted in a forum and adding here too. There was a good discussion at the London Moodle user group meeting this week about GDPR, Moodle and other technologies that capture user data / profiling. There seems to be ‘creative tension’ as one of my former managers called it between reviewing and improving student contracts vs development of online web add-ins to systems to meet the 25th May 2018 deadline. Many higher education or learning specialists want to continue an open source journey but are well aware that developers may not necessarily have the priority, time, budget and resource to redevelop something that could need adapting for multiple browsers and systems within short timescales which then need continuous updating as the technological and political climates change.
These are links I’ve compiled before and after the session, some with guidance and templates for anyone wanting to get started:
Other useful links
- JISC: https://www.jisc.ac.uk/gdpr
- Moodle guide for GDPR and site policy templates
- ICO 12 steps to take now https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf
- ICO Self assessments: https://ico.org.uk/for-organisations/resources-and-support/data-protection-self-assessment/data-controllers/
As previously mentioned re political party IG – case study (not higher education but many processes similar)