Summary
Allowing a user to request the data we hold about them – and, potentially, request that we delete it – is at the core of data privacy best practices. In this chapter, we saw how Moodle can be configured to manage such requests. We saw how we can also configure Moodle to manage data retention consistent with our organization’s data retention policies.
Using Moodle’s roles and permissions framework, we created a dedicated privacy officer role and saw how they can respond to user data requests.
In the next chapter, we’ll carry out a detailed technical audit of the Mathaholics Moodle platform.