Hi All, Greetings from the University of Cambridge (where the sun is shining today)!
We are starting a Housekeeping project to strip redundant data out of our instances of Moodle at the university. We envisage that this will help us to make efficiencies (e.g., reduce backup time), and ensure that the service remains GDPR compliant, amongst other performance, security and business benefits.
As part of this, we are reviewing existing policies and guidelines, as well as establishing data dependencies and a data retention framework. If your institution has also gone down this route (for Moodle or another VLE), is there any knowledge/learning you would share?
For example, do you:
* have a framework for data retention for each type of data (e.g., activity log, course, user records and files …)?
* involve users in proactively and dynamically performing their own housekeeping (i.e. reporting to them content that has not been viewed or accessed over a given time period so that they can take their own housekeeping measures)?
* do you have custom SQL or scripts to automatically delete target content (e.g. logs, etc.), and if so, over what length of time for each content type?
* as part of this, have you become aware of any developments in sector policy/guidelines/practice over the last 8 months?
If so, and you willing to share details of the mechanisms you designed or policies you’ve implemented, we’d love to hear how you’ve tackled it.
Many thanks for your time and interest! I look forward to hearing from you.
Very best wishes,
Business Specialist (Moodle), UIS, University of Cambridge.
We have a legislative requirement to keep student results for a period of time, but anything else is redundant after about five years. Local policy is that we archive courses every year, and delete the archive in the sixth year. If staff want to retain a course, they import it to a new course, and their previous course is kept in the archive. We have found though that most courses change every year, sometimes slightly, sometimes significantly, as requirements change or as school priorities change. Results though are posted to a central location on the Server and retained for the required period. Anything else is deleted, unless it has some level of significance. Admin journals are never deleted as these contain information about the Moodle itself, and go back through previous versions. I expect though that sooner or later Moodle will change so much in that 5 year period that the older courses will no longer be accessible. Also, proposed structural changes to Education will impact on current practice but how that is going to happen is anyone's guess at the moment. Policy is aimed at meeting legislative requirements, anything else is redundant.
At The Open University, we're looking at Moodle Tool_Lifecycle to help automate some of our housekeeping. It'll still be very people- and process-driven, of course. We plan to auto-remove module presentation websites to a 'recycle bin' category about three years after they became read-only to students, but have our Moodle administrators confirm the final deletion of the website from our servers (possibly as a weekly check task). Nearly all module presentation website content is downloadable as EPUBs/PDFs for students, and all Moodle collaborative tools have export functions, so we feel that this 3.5-4.25 year life gives students adequate time to refer to or download anything they need. It also gives our library archiving services a good time window to archive any study content. Obviously all data the university is legally required to retain (assessment scores etc) is stored in our central systems as long as necessary.
Non-website-presentation-specific content, such as 'public' or general resource websites, user profiles, and personal blogs... we're still working out the details around those, as their 'start using' and 'end using' dates are far less clear.
Digital Assessment (and GDPR) Development Manager, The Open University (UK).