Ohio Lawmakers Propose Legislation To Provide Businesses Data Breach Defense In Court

By Marilia Wyatt

Proposed legislation in Ohio seeks to incentivize businesses to voluntarily adopt a cybersecurity framework in return for an affirmative defense or “safe harbor” in court should a data breach still occur.

Senate Bill 220, the Data Protection Act was introduced Oct 17th by State Sens. Bob Hackett (R-London) and Kevin Bacon (R-Minerva Park).

The point is for Ohio businesses to be proactive in instituting certain defenses to guard against data breaches.

Importantly, the bill does not create a minimum cybersecurity standard for businesses to achieve or impose liability for not obtaining or maintaining one; instead, it intends to provide an evolutionary standard for business risk.

To meet the safe harbor requirements, businesses must create, maintain, and comply with administrative, technical, and physical safeguards for the protection of personal data by using one of eight industry-specific frameworks developed by the National Institute of Standards and Technology, or other industry recognized information security framework.

Further, a judge would be responsible for determining whether a business qualifies or not for a safe harbor provision, states data protection attorney Brian H. Lam, in The National Law Review.

The legislation is part of state Attorney General DeWine’s CyberOhio Initiative. Launched in 2016, its objective is to provide Ohio businesses with support on cybersecurity issues to enhance their success, according to the website.

“As businesses beef up their cybersecurity, consumers will benefit from the additional protection as well,” explained DeWine, who endorsed the legislation in a statement.

CyberPrivacy will continue to monitor this pending legislation and give our readers an update as it unfolds.

Further Reading:

Proposed Ohio Law May Encourage Businesses to Adopt Cyber Standards

Data Protection Act Will Incentivize Cybersecurity to Protect Consumer Data

Lawmakers Offer Legal Carrot to Defeat Data Breaches

Please leave us a comment

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s