CCPA Service Provider Addendum
The combination of security and privacy lead to a strong ecosystem that keeps your information safe. For clients who are subject to the requirements of the California Consumer Privacy Act, we offer a CCPA Service Provider Addendum to the Medallia Agile Research Data Processing Agreement.
Our clients can enter into these terms via the opt in process described below. You must be signed in as account administrator or legal representative for this task.
Clients are responsible for determining if a CCPA Service Provider agreement with Medallia Agile Research is required and for ensuring that they use Medallia Agile Research services in compliance with CCPA. Clients are responsible for fulfilling an individual's right of access, amendment, and accounting in accordance with the requirements under CCPA.
As an enterprise level platform serving government, health care financial clients, privacy and security compliance is a must. Because of the markets that serve, we have put a lot of effort over the last 18 years into our compliance with the major privacy and security regulations.
These efforts are built upon three pillars:
- Administrative SafeguardsThese have to do with the policies and procedures we have in place to ensure the proper employee management, training and oversight for staff that come into contact or manage personally identifiable information (PII). It includes providing tools to our clients to manage and limit the access to PII and PHI to certains user roles and specific users within their own accounts. It also includes having agreements in place with service providers that perform covered functions. These agreements, called sub-processor agreements ensure that service providers use and safeguard PII.
- Technical SafeguardsThey include things like encryption at rest and in transit, firewalls, logging, encrypted file storage, business continuity, fine-grained data retention rules controlled by our clients and more.
- Physical SafeguardsThese include the use of multiple class A data centers, data redundancy, data region isolation, limited access to servers and more.
These pillars are covered extensively in our Data Processing Agreement which you must agree to before you can agree to this addendum.
Opt in to the CCPA Service Provider Addendum
-
Select Account > Legal & compliance.
-
Under CCPA Service Provider Addendum, click Review and Accept.
-
Click I Accept.
Not authorized?
Are you not legally authorized to approve the Medallia Agile Research CCPA Service Provider Addendum? You can instead add your legal contact as a user to your Agile Research account by going to Account > Users and clicking New user. When adding the user, be sure to select Legal representative under Roles so they have access to review and manage legal documents. Once they've been granted access and have set a password through the user activation email they will receive, they can follow the instructions above to access and accept the CCPA Service Provider Addendum.