0003592: Updated guidance in legals tutorial - Composr CMS feature tracker

ID	Project	Category	View Status	Date Submitted	Last Update

0003592	Composr	core	public	2018-04-27 15:40	2019-07-05 21:38

Reporter	Chris Graham	Assigned To	Chris Graham
Severity	Feature-request
Status	resolved	Resolution	fixed
Product Version
Fixed in Version

Summary	0003592: Updated guidance in legals tutorial
Description	For GDPR compliance organisations may need to: - Encrypt their filesystem - Encrypt their database - Encrypt their backups - Choose a webhost that is compliant with the 'EU-US privacy shield' - Delete old backups on a schedule - Use SSL for everything - your own site, and others you connect to This depends on the nature of personal data held, and the size of the organisation. The law is pretty vague on exactly who needs to do what and how. It unlikely applies to basic user accounts and analytics, it was more written to deal with companies such as Facebook who hold large amounts of cross-connected personal data.
Tags	Roadmap: v11, Type: Legal compliance / Privacy

Time estimation (hours)	1
Sponsorship open

Date Modified	Username	Field	Change
2018-04-27 15:40	Chris Graham	New Issue
2018-04-27 16:02	Chris Graham	Tag Attached: Type: Legal compliance
2018-04-27 17:20	Chris Graham	Note Added: 0005681
2018-04-27 17:24	Chris Graham	Sponsorship open	0 =>
2018-04-27 17:24	Chris Graham	Description Updated	View Revisions
2018-04-27 17:47	Chris Graham	Description Updated	View Revisions
2019-06-27 18:58	Chris Graham	Tag Attached: Roadmap: v11
2019-07-05 21:38	Chris Graham	Assigned To	=> Chris Graham
2019-07-05 21:38	Chris Graham	Status	non-assigned => resolved
2019-07-05 21:38	Chris Graham	Resolution	open => fixed
2022-09-01 02:23	Chris Graham	Tag Renamed	Type: Legal compliance => Type: Legal compliance / Privacy

Chris Graham 2018-04-27 17:20 administrator ~0005681	GDPR: “shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk"