Data Protection Act and Safe Harbor for Ohio Businesses

September 17, 2018

As a business, data breach and cybersecurity issues are an ongoing and daily concern. Even if your company has implemented comprehensive policies and security protections, data breaches can still occur. The good news is, Ohio passed a new law to protect businesses who have taken appropriate steps to safeguard data.

On August 3, 2018, Governor Kasich signed the Data Protection Act (R.C. 1354.01, et seq.). The Data Protection Act provides an affirmative defense to businesses facing a civil lawsuit over data breach claims. The defense applies, if a business shows it creates and maintains a written cybersecurity program in compliance with reasonable security measures at the time of the breach. Whether the security measures are reasonable will depend on the company’s size, nature and scope of activities, sensitivity of the information, costs, and resources available to the company. One industry standard set forth in the statute is compliance with the National Institute of Standards and Technology (NIST) Cybersecurity Framework. If a business is already subject to various Federal regulatory standards, such as HIPPA, compliance with those Acts will also provide protection.

The law becomes effective November 2, 2018. This new law is not a requirement of data security standards that Ohio companies must satisfy. Instead, the Data Protection Act offers complying companies a defense to a civil lawsuit for damages from a data breach. With the threat of class action lawsuits related to data breaches, the new law provides a strong defense to protect proactive businesses from costly and expensive lawsuits.

Now is the time to evaluate your data security procedures, manuals, and technical safeguards. The cybersecurity attorneys at Isaac Wiles can assist in determining whether your company’s security measures are in compliance with the new safe harbor provisions.

What Does the Ohio Equine Immunity Statute Mean?

Isaac Wiles Author

August 4, 2021

People are required to accept some inherent risk when riding a horse. In Ohio, there are specialized legal rules and […]

What Does the Ohio Equine Immunity Statute Mean?

Exploring the DORA: A Growing Economic Development Tool in Ohio Communities

Can I require my employees to get the COVID-19 vaccine?

School District Unions and COVID-19 Safety Regulations

Law Enforcement Training Is No Laughing Matter

Can “Wedding Barns” and Local Zoning Co-Exist? Ohio Supreme Court Takes a Closer Look

Supreme Court Grants Federal Job Protection to LBGTQ Workers, How the Ruling Affects Ohio Employers and Employees

Trademark Scam Alert

The U.S Supreme Court Clarifies That Willfulness is Not a Predicate Finding for Lost Profits in Trademark Infringement Claim

Paying Tipped Employees for Non-Tipped Activities

Trending Now – The Importance of Social Media Policies for Local Governments

When Employees Refuse to Return to Work Due to COVID-19

Get Off My Bus!

A Kinder Gentler OSHA?

Department of Labor Issues Temporary Rule Clarifying Small Business Exemption from the Requirements to Pay “Paid Sick Leave & Expanded FMLA Leave”

Employer Liability for COVID-19

Beyond the Basics of Special Needs Planning Part 2: Recent Updates

“Navigating the Waze Craze” Sheriff & Deputy magazine

Legal Update: New Overtime Exemption Rules

Negotiable Lease Terms for Restaurant Tenants

“Paying the Piper – Best Practices for Playing Music in Restaurants,” Modern Restaurant Management

“The Role of Home Devices in Police Investigations”

“Ohio’s Payday Lending Regs May Inform Other State Efforts”

Ohio body-worn camera law strikes balance between privacy and transparency

“Witness for the Prosecution: A Smart Speaker?”

“The Supreme Court of Ohio Clarifies The Construction Statute of Repose”

“Commercial Leases: How State Laws Can Vary and Affect Your Lease”

“Beyond the Basics of Special Needs Planning – Part I”

“Ohio police body cam provides a well balanced approach”

“Supreme Court Shortlister’s Dissent Could Help Christian School,” Bloomberg Law

Police “Body Cam” Law Balances Privacy & Transparency

“Everything You Need to Know About Intellectual Property,” CO by U.S. Chamber of Commerce

“Letter: Register communication disability with the state,” The Columbus Dispatch

“Will ID Cards and First Responder Training Protect People with Autism?,” Avvo Stories

Letter: Register Communication Disability With the State

Sixth Circuit Reverses District Court in Case Based on 1975 Murder

Ohio Bill Creates Communication-Disability Registry for Police

Found in Translation – Sheriff & Deputy Magazine

“NLRB Update: What Every Employer Needs to Know,” Employee Relations Law Journal

Urgent! ADA Applies to Your Website

Foster Care Placements and Adoptions Raise Issues Under the FMLA – Employee Benefit Plan Review

Nothing to LOL About: Cincinnati Case Puts New Focus on Text Messages as Public Records

Are Ohio’s Employers Prepared for Medical Marijuana

Companies Could Sidestep Data Breach Claims Under Ohio Law

Data Protection Act and Safe Harbor for Ohio Businesses

Promotion Criteria Should Be the Same for Men and Women – Society for Human Resource Management

LEADS Update Helps Bridge Communication Gap

The Case Against the Billable Hour – Columbus CEO

Introducing the Legal Industry to Millennial Business Owners – Law360

Marsy’s Law: Friend or Foe to Ohio’s Public Employees?

Ohio Employers Could See Large Rebates This Summer

Double Your Business – Tips to successfully open a second location – Ohio Restaurant Association

A Mixed Bag: Medical Marijuana & Commercial Real Estate

Lease Agreements: Protecting Your Downside

Real Estate Resolutions: Trust Versus LLC

Former Delaware County Deputy Loses Wrongful Termination Lawsuit – Columbus Dispatch

Consequences of the Failure to Disclose Assets

Medicaid Planning for Your Future

Employee vs. Independent Contractor Classifications: What Can the Employer Control?

Workers’ Compensation Statute of Limitations Reduced to One Year

Recent Changes to Transferring Ownership of Deceased’s Automobile

Recent “Buzz” Regarding Medical Marijuana

Proposed Legislation Could Mean Big Changes for the Workers’ Compensation System

The One Financing Risk Never to Take When Starting a Business: $50-Million-A-Year Restaurant Mogul

Closing a Dental Practice: The Devil is in the Details

Company’s Nondisclosure Policy OK Despite Broad Language

Police Prioritize Autism Training

“Before Pitching, Startups Should Get Their Legal House in Order,” Columbus CEO

Social Media – What a public employer can and can’t control

Wearable Technology—helpful employee monitoring tool or lawsuit evidence?

Trust Restored: European Commission adopts the EU-U.S. Privacy Shield, but does it provide stronger protection of personal data than the recently-ruled invalid Safe Harbor framework?

Defend Trade Secrets Act signed into federal law–Why it’s a bigger deal than many may think…

Sub SB321 – Legislative Change for Public Records Disputes

BuckHigh State: Medical marijuana bill passes in Ohio, but there is a catch. What does it all mean for users and employers?

Don’t Look a Gift Horse in the Mouth–correcting employee misclassifications

Overtime Extended to Millions

The Anti-Growth Movement Surges But Offers Few Solutions

NLRB Snares Franchisors as Joint Employers of Franchisee Employees

Ohio ABLE Act: Fund the Needs of Disabled Persons

Big Changes to the Settlement Process are on the Horizon