Aptible Comply

Vendor Management

Which vendors should I subject to my vendor management processes?

At a minimum, you should screen and inventory all vendors that will have access to your information or information systems. This includes communication tools like G Suite, CRM tools like Salesforce, and hosting platforms like Aptible and AWS.

Under the GDPR, what do we have to include in our data-processing agreements (DPAs)?

Again, make sure to consult your counsel before entering into any regulated agreements. The GDPR includes a number of requirements related to DPAs. For more information, review GDPR Article 28.

While Aptible has not published a template DPA, there are plenty available online. See, for example, Proton Technologies’ template DPA, or one from the International Association of Privacy Professionals (IAPP).

Under HIPAA, what do we have to include in our BAAs?

Make sure you consult your counsel before entering into any regulated agreements, including BAAs. For background on BAAs, check out our article, What is a HIPAA BAA?

Updated about a month ago


Vendor Management


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.