If you’re like most business professionals, you’ve heard of the General Data Protection Regulation (GDPR). Most companies are prepared for the new regulation but if you haven’t put plans in place, time is running out. Heavy fines will start to be levied in May—and if your company isn’t prepared, you could get hit with steep repercussions.
Even if you’re not in the EU.
What Is GDPR?
The General Data Protection Regulation is designed to protect individuals’ personal data and give people in the European Union more control over how their personal information is used. Organizations must get explicit permission to collect and use an individual’s data, and it must be just as easy to withdraw consent as it is to give it.
The GDPR goes into effect very soon—on May 25, 2018. Companies must ensure personal data is processed lawfully, transparently, and for a specific purpose. Once that purpose is fulfilled and the information is no longer required, it must be deleted.
The GDPR imposes steeper fines for companies that are non-compliant and for data breaches. Companies can be fined up to 4% of their annual global revenue or €20 million.
Want more details on the GDPR? Check out the official GDPR FAQ page.
The GDPR Applies to YOU
You might be surprised to learn that the regulation applies to companies everywhere around the world—not just in the EU. If you collect or store personal information about anyone who lives in the European Union, you must be compliant with the GDPR.
What Is “Personal Data?”
The GDPR defines personal data as any information about a person that can be used to identify them—either directly or indirectly. That includes a name, an email address, account information, a photo, an IP address, and more. It even includes pseudonymous information, if it can be easily deciphered to discover a person’s identity.
GDPR and Learning Management Systems
Learning management systems collect users’ personal data. If any of your users are in the European Union, you’ll need to be sure your LMS is compliant with the GDPR. At Lambda Solutions, we’re taking this topic seriously, and we’re here to help you stay compliant. If you’re a Moodle or Zoola Analytics customer, you’re in good hands.
For Moodle Customers
Moodle announced in December a set of features currently in development that will meet the following GDPR compliance needs:
- Onboarding of new users
- Privacy statements
- Tracking of consent
- Handling of subject access requests
The features will be available as two plugins in March 2018. These plugins provide the capability to meet compliance. To download the plugins, you will need to have Moodle 3.3 or 3.4.
NOTE: Installing the plugins doesn’t make you GDPR-compliant. You’ll still need to set them up properly and make sure your practices and policies are in line with the regulation. Get the details at our upcoming GDPR webinar.
Zoola is already fully compliant with GDPR. There’s nothing you need to do! All of Lambda’s products adhere to all applicable privacy legislation, including the Personal Information Protection and Electronic Documents Act (PIPEDA), the BC Personal Information Protection Act (PIPA), and General Data Protection Regulation (GDPR).
Data Storage Through Lambda
Lambda’s products adhere to the GDPR, but what about our data servers? To ensure our data storage providers are fully compliant with the regulation, we are finalizing putting a data server in place in Europe to meet the GDPR’s May 25 deadline.
The Bottom Line on GDPR
The long and the short of it is this: if you’re a Lambda Solutions customer, you’ll have all the tools you need to be compliant with the GDPR. But simply having the tools doesn’t make you compliant. You’ll still need to use the tools properly and make sure your own practices are in line with the regulation.
Don’t take any chances! Get all the information you need about GDPR compliance—sign up for our upcoming GDPR webinar, How to Make Compliance Simple Yet Effective. You’ll learn everything you need to know about how the GDPR affects LMS processes.