The Importance of the Ohio Data Protection Act (ODPA)

May 14, 2019

Compliance, cyber security, Cybersecurity, FedRAMP, Healthcare, Lunarline, NIST

State governments have increased their focus on cybersecurity legislation over the past year, attempting to take on the alarming (and highly publicized) tide of large data breaches that have struck businesses in recent years. All 50 states now have data breach laws in place, and many of the bills being passed follow a similar vein, addressing the need for documented security programs and breach notification practices.

A few states have blazed their own path in cybersecurity law (e.g., California and its focus on IoT security). But among these idiosyncratic efforts, the Ohio Data Protection Act (ODPA) stands out for its novel, incentive-focused approach to reinforcing regulation-compliant data protection.

In short, companies meeting ODPA qualifications will be given legal “safe harbor” in the event that litigation is brought against them as the result of a data breach.

To meet the standards for this first-of-its-kind legal protection, organizations must have a written cybersecurity program that is capable of protecting information security and confidentiality. This program must follow the guidelines of a recognized security framework. Those regulated by the state of Ohio or the federal government under HIPAA, HITECH or FISMA are eligible as long as they stay in compliance. For other organizations, a number of regulatory frameworks would allow them to qualify: NIST Cybersecurity Framework, NIST SP 800-53, 53A, or 800-171; FedRAMP, CIS CSC or ISO/IEC 27000.

While the ODPA model might be unique right now, other states may begin to adopt similar approaches. The more the state legislative documents pour through, the more likely that ideas will take hold across state lines. Regardless of whether the carrot or the stick rules the day, organizations should see that the incentives for implementing compliant cybersecurity programs is a must.

Lunarline supports organizations of all types in their quest to achieve and maintain compliance with the regulatory standards that are pertinent to their industry. Our educators and consultants cover areas of expertise ranging from FedRAMP, for cloud-based service providers, to HIPAA and HITECH, for those in healthcare.

For more information on our services, contact the Lunarline team online today.

The Importance of the Ohio Data Protection Act (ODPA)

The Importance of the Ohio Data Protection Act (ODPA)

Related Posts

Hackers Are Grounding Flights

Do You Speak Security? 10 Cybersecurity Terms You Need to Know

Knowledge is Power: Increasing Your Team’s Cyber Security Proficiency

Combating the Latest Advanced Malware Attacks

We Monitor, Protect, and Secure your Data.

Company

Services

News/Headlines

Connect With Us

What We’re Saying…

Healthcare Patient Record Breaches Already Top 2018 Total

Lunarline’s Top 10 Mobile Security Tips

Insider Threats: Old Risks, New Challenges

Hackers Love the Back-to-School Season

800-171 for Organizations of All Sizes

Smartphones: A Weak Link in Corporate Cybersecurity

Popular Personal Data Protection Method Isn’t Hacking It

Small Businesses Are Big Targets for Cybersecurity Breaches

CEOs View Cybersecurity as Top Threat to Global Economy. Be Prepared.

Cybersecurity Issues Put M&A Deals in Jeopardy

Founded/Incorporated Since 2004