Moodle 3.5 is a really important release and includes GDPR as standard…
Released last month (May 2018) Moodle 3.5 is an important release for many reasons. Over the coming months we will review various key features, and encourage everyone to update to this version wherever possible.
GDPR came into effect on 25th May 2018, and applies protection to all EU citizens.
So if your Moodle site has EU users, you are potentially affected.
(There is a lack of clarity around how an EU law can actually be enforced outside of the EU of course!)
The changes within Moodle focus on functionality to:
- Provide additional privacy information during user sign up, as well as more extensive recording and logging of user consents.
- Provide additional means for users to obtain a copy or their data, invoke their right to data erasure, and keeping track of all types of data within Moodle in a data registry.
Whilst recent earlier versions of Moodle can comply with GDPR via use of plugins, this is only for Moodle 3.4 and Moodle 3.3. So if you are using Moodle 3.2 or earlier it’s quite possible you are breaking the GDPR law regarding user data on your site !
The GDPR serves as a really good reminder for Moodle administrators, and indeed any organisation using Moodle, that keeping your Moodle site up-to-date, or at least quite up-to-date, is extremely important these days.