GDPR - Competency Assessment Task Data Deletion and Anonymization
When a user leaves a Legal Entity organizational unit (OU) and requests to be forgotten OR that user’s data is outside of the data retention period, competency assessment tasks are impacted in the following ways:
- Assessee - If the user is an assessee, the user's competency assessment is deleted.
- Assessor - If the user is an assessor, the user's core data such as First Name and Last Name are anonymized. That is, the assessor's scores and comments remain intact, but any references to the assessor's core data are anonymized.
- Administrator - If the user is an administrator, the user's core data such as First Name and Last Name are anonymized throughout Competency Task Administration.
When a data deletion request is made based on time, then the competency assessment task end date is used to determine when the task data is deleted or anonymized. The last modified date is used to determine when competency ratings are deleted.