GDPR: 4 Implications for Learning Management Systems in your Organisation

In today’s organisation, just as the opportunity to access richer data for internal employees has increased for the leading LMS providers, so too has the concern for how securely this personal data is managed.

In light of the new GDPR guidelines that will take effect as of 25th May 2018, many organisations are seeking to ensure that their choice of LMS provider is managing their employee data responsibly.

Furthermore, although some organisations may take the time to impose similar procedures on their provider of choice — for many organisations — this shift in regulation not only indicates the value of a provider that is already prepared for these policy changes, but also the consequences when these precautions are left behind.

When selecting an LMS provider, consider the following four factors and how these are now not only important for the effective management of sensitive data; but also a mandate from this new GDPR regulation:

Staying Informed: Assess the Data Format

Due to this updated GDPR regulation, bodies defined as ‘collectors’ of the sensitive data within your organisation are no longer just required to ensure management of the data collected, but are now also required to ensure the data itself is presented in a transparent and intelligible manner.

For your choice of LMS provider, this means that the original requirement of being able to ensure protection of your data is now extended to the format for data presentation.

Whether generating updated charts on employee compliance or providing detailed activity logs following each session, the proposed format by your potential provider is more important than ever before.

Right-to-Access: Formalising User Feedback

When considering your LMS provider, just as this regulation extends data transparency to the format of data presentation to you as the client, the new requirements on ‘right-of-access’ also formalise how performance feedback should be delivered to your employees.

In turn, as a by-product of this new regulation, this means more active feedback to your employees engaging with the training system.

More feedback means more interaction, and more interaction means a higher level of engagement with the educational resources delivered to them.

Portability made Policy

Although the required clarity in data representation to both clients and employees engaging with a GDPR-compliant LMS system will mean a higher and more frequent access to data on compliance and user activity, this also has implications for data portability.

Under this updated GDPR regulation, users engaging with an LMS platform are not only guaranteed transparency and frequent access, but also the ability to access the data on both mobile and desktop devices.

For the organisation seeking a high-quality provider, the feature of cross-platform access is therefore not only an important indicator of GDPR compliance, but also key in ensuring that their LMS is prepared for an increasingly mobile office environment.

Profiling & Automated Data Management

As well as this importance of ensuring data transparency and portability, another subtle yet significant change highlighted by the updated GDPR legislation is the profiling of individual user attributes.

This can span from work performance, behaviour to perceived reliability by their upper manager.

Therefore, when selecting a choice of LMS provider, a GDPR-compliant provider will need to maintain careful balance between sourcing rich information from users and safeguarding against errors and misrepresentation.

Overall, when considering the choices made by the organisation seeking to leverage its human resources through an LMS platform, it appears that this updated legislation not only has implications for ensuring that their current provider is GDPR-compliant- but also that their employees engaging with their platform of choice are given the better experience that this new legislation reflects.

References

“Overview of the General Data Protection Regulation (GDPR)”, ICO, 2017. [Online]. Available: https://ico.org.uk/media/for-organisations/data-protection-reform/overview-of-the-gdpr-1-13.pdf.