Data Processing Agreement.
Methodology IT's data processing addendum covering HIPAA Business Associate terms, CCPA/CPRA, GLBA, NY SHIELD, and GDPR. Defines roles, lawful bases, subprocessor obligations, breach notification, and data subject rights handling.
Effective May 22, 2026 · v2026-05
Quick takeaways.
A quick look at what this document covers.
HIPAA Business Associate Agreement terms baked in
Covers CCPA/CPRA, GLBA, NY SHIELD, and GDPR in one document
Subprocessor obligations and breach notification timelines
Skim inline or download.
Skim it inline below, or download a copy to read later.
Explore Methodology IT.
The rest of our framework, plus a few places to go from here.
Get a free IT assessment
A no-pressure look at where your environment stands today and what to fix first.
Start assessmentSee our services
Managed IT, cybersecurity, cloud, AI productivity, and professional services — all under one roof.
View servicesTalk to our team
Have a specific question about this document? Book a 30-minute intro and get straight answers.
Contact usHave a specific question?
Our team is available to walk through any of our policies, terms, or agreements with you.