Procurement

Data Processing Agreement

Most universities can sign our standard DPA as-is. Read the full terms inline or download a copy. Custom redlines and state- specific exhibits available on request.

Standard Agreement

What the DPA Covers

FERPA school official designation under 34 CFR § 99.31(a)(1)(i)(B)
Scope of processing: data categories, purposes, duration
Subprocessor list with regions and notification commitments
Reasonable security measures and personnel confidentiality
72-hour personal data breach notification
Student record inspection routed through your institution
Audit rights once per contract year
30-day deletion of records on contract termination
US-only data residency
Governing law: California; venue: Los Angeles County

Read the full agreement

The complete DPA text is published inline so your procurement office can review without downloading anything. Print to PDF from the inline page if you need a copy for routing.

Read Full DPA

Alternative Forms

NDPA and State Exhibits

If your institution prefers to use the National Data Privacy Agreement (NDPA) maintained by the Student Data Privacy Consortium, we are willing to sign it. We also maintain prepared exhibits for the most common state student-data privacy regimes:

New York Education Law 2-d (Parents' Bill of Rights and supplemental data security plan)
Illinois SOPPA (already met by our default posture)
California SOPIPA / CCPA / CPRA

Custom Requirements

Need Modifications?

If your procurement office requires changes to the standard template, or if your institution uses its own DPA, email us at privacy@thehomehealthpro.com and we will review it. We aim to respond within five business days.

View Full FERPA Compliance Page