Data processing agreement

Data processing agreement (DPA) is a legally binding document. It’s signed between two key data processing actors under GDPR – the data controller and the data processor.

It regulates the details of data processing, such as the scope and purpose, as well as the relationship between those actors. In addition, it assigns certain obligations required by the new EU law.

Read more about this topic on the Piwik PRO blog: Check out the 7 elements every DPA should have.


  • What is protected health information (PHI)? A guide for healthcare marketers

    Quick summary What PHI is: Any individually identifiable health information created, received, maintained, or transmitted by a covered entity or its business associates Who it applies to: Healthcare providers, health plans, healthcare clearinghouses, and their business associates Why it matters for marketing: Marketing tools that collect or transmit PHI without a BAA create HIPAA compliance…

  • We checked 59 hospital websites. 73% kept tracking visitors after opt-out.

    A new study by Piwik PRO and Verified Data scanned 59 major US hospital and clinic websites for tracking and data compliance. The findings show just how common it is for major US healthcare websites to run marketing tools that weren’t built for a regulated environment. What we actually found Across the 59 scanned sites,…