Researching GDPR rules and proper compliance

[Neecolaa]

Overview

I think we need to look up GDPR rules and try to think ahead to make our people depot and its clients (vrms, civic tech jobs, etc.) that take in and allow for editing of data to meet those standards. I think that will end up dictating how we structure the whole thing. Please talk to @Neecolaa about this.

Originally posted by @ExperimentsInHonesty in #89 (comment)

The General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world. Though it was drafted and passed by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. The regulation was put into effect on May 25, 2018.

Action Items

Loosely, the research should accomplish the following:

• Find out what the GDPR entails
• Find out how this affects the database's structure

Resources

https://gdpr.eu/what-is-gdpr/
https://gdpr-info.eu/

[shmonks]

@Neecolaa and @ExperimentsInHonesty: if this is something that still needs work, I am trained in GDPR... and just finished a big CCPA-compliance project for my current employer.

[shmonks]

Hi @Neecolaa - please consider the following questions and add an update below:

1. Progress: "What is the current status of your project? What have you completed and what is left to do?"
2. Blockers: "Difficulties or errors encountered."
3. Availability: "How much time will you have this week to work on this issue?"
4. ETA: "When do you expect this issue to be completed?"
5. Pictures (if necessary): "Add any pictures that will help illustrate what you are working on."