The GDPR (General Data Protection Regulation) will take effect on 25th May 2018.
If you are unfamiliar with GDPR, the guide at the Information Commissioner’s Office website is a good starting point: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
The GDPR extends current Data Protection legislation and penalties for non-compliance can be severe (potentially the higher of €20M or 4% of global turnover).
There are numerous areas to be addressed to achieve GDPR compliance. One of them is to consider how software used in your organisation supports Data Controllers and Data processors meet the compliance requirements.
Totara Learn software developments will assist with GDPR compliance:
Totara HQ have a set of features now in development which will assist in meeting compliance needs for:
- New Site Policy component
- New User Status component
- User Data Output
The features will be introduced in a special release: Totara Learn 11, currently expected to be available from the end of February 2018.
Note that the new functionality is a supplement to implementing to the broader set of requirements to achieve compliance
What you need to do now:
1. Familiarise yourself with your GDPR obligations - Your compliance with GDPR is your responsibility.
2. Upgrade to Totara Learn 10 (or Totara Learn 11 when available) - We anticipate that an upgrade from Totara Learn 10 to 11 will be straightforward and an early upgrade to Totara Learn 10 is desirable
3. Plan ahead - If upgrading from an earlier version it’s prudent to set aside time and resources to check your site during the test phase of the upgrade process. Book your upgrade as soon as possible. We have hundreds of sites to manage and may not be able to upgrade you to the latest version in time for you to comply woth GDPR if you leave it too late.
4. 3rd party plugins - If you have previously asked your LMS provider to install 3rd party plugins to add functionality to your site, review if you still need them. Some plugins may not have been kept up to date by their developer and may not be compatible with Totara Learn 10 or 11.
3rd party developers may not be able to update their plugins to assist with GDPR compliance until Totara HQ release developer documentation. In some cases, the plugin will be unaffected by GDPR. In others, a developer may decide not to update a plugin or delay making GDPR related updates until after 25th May 2018.
If you are using a 3rd party plugin developed for Moodle, please note that Moodle are adopting a different approach to support GDPR compliance. A plugin updated for Moodle only is unlikely to support the new GDPR functionality in Totara Learn.
5. Bespoke Themes - If you have a bespoke theme it may need some attention during the upgrade process. If your site is hosted with HowToMoodle, we include 2 hours of theme development time to address issues arising from the upgrade. Themes developed for earlier versions of Totara Learn may not work entirely successfully with version 10 and require substantial work or replacement.
6. Integrations with other systems - We do not anticipate issues with integrations that use methods included in standard Totara Learn.
How to check your current version of Totara Learn:
You can do this by logging in using an administrator account and follow the below steps to check your current version.
Not using Totara Learn?
Moodle HQ are also now developing a set of features, which will assist in meeting your GDPR compliance needs. These new features will be initially implemented as plugins. Learn more and check if your Moodle site will be compatible with Moodle's plugins by checking your current version: http://blog.howtomoodle.com/moodle-and-gdpr-check-if-you-can-comply.