I would like to have some discussion / comparison about how people ended up implementing the GDPR plugins at their sites, and maybe have some questions answered in the process.
Our implementation
School: Austrian university with around 6000 active students
Moodle: 3.4.3
Current Data policy / purposes:
- Users will be deleted after 1 year of inactivity
- No current policy on course content
Problems / Experiences
- Since implementing the GDPR plugins and site policy on May 25th, we only had 2 data requests and no deletion requests from users
- We now have over 6000 inactive user accounts waiting for deletion, but I havent gotten around to actually deleting them, because I was hoping that the deletion lists get improved, or maybe get around improving them myself (see https://tracker.moodle.org/browse/MDL-62590). I don't want to delete such a massive amount of data without re-checking it, but the current list makes it impossible (cant export, sort, or display all on one page) - how have others handled this? Is there a good way to pull this data out of the database directly?
- We discussed setting a retention period for course content, but it seemed impractical to start deleting information from old courses that students can still access before they even finish their degrees - how have others handled this? what policies are you using?
Questions
- Is there any exhaustive documentation on the GDPR plugins? I find the current documentation in the moodle docs severely lacking in depth, I couldnt find any answers to any of the questions below
- What happens if a user or course gets flagged for deletion, but afterwards the criteria changes, for example
- A user is flagged for deletion because he is inactive for >1 year, but then logs on again before he is actually deleted - does he get removed from the deletion list?
- Course content is flagged for deletion, but then the teacher changes the course end date so it is within the retention period - does the course content get removed from the deletion list?
- How exactly does course content deletion work?
- Does it really only delete personal data from activities? What exactly gets deleted? Is there any documentation or list out there that shows exactly what gets deleted?
- What happens if all the personal data gets deleted from a course, the course is removed from the data deletion list, but then new personal data is added - for example, after a retention period of 1 year, all forum posts are deleted, but then a student goes back to that course and adds another forum post - will the course immediately show up on the deletion list again?
- What process actually deletes content after I press delete in the data deletion list? Does it get deleted immediately, or by the next cron job? Is deletion logged anywhere?
- It seems to me, that the whole implementation of GDPR right now is pretty bare and rushed, which is understandable, since everyone was in a hurry to meet the 05-25 deadline. Are further features planned or already requested or even needed by other persons, such as
- A usable data deletion list (see above)
- The possibility in the data registry to assign purposes / data retention periods to specific types of modules, for example assign a specific purpose to all quizzes in all courses?
Thanks in advance for any input, I hope to get a good discussion going that benefits everyone, now that some time has passed after the general rush to implement the GDPR plugins.