A data processing agreement (DPA) is a legally binding document to be entered into between the controller and the processor in writing or in electronic form. It regulates the particularities of data processing- such as its scope and purpose- as well as the relationship between the controller and the processor.
The following document is being used- in conjunction with the Data breach event response framework- to report the specific details of the data breach, as well as the remedial measures that are taken to minimize the risk to data subjects.