The Importance of the Ohio Data Protection Act (ODPA)

May 14, 2019

Compliance, cyber security, Cybersecurity, FedRAMP, Healthcare, Lunarline, NIST

State governments have increased their focus on cybersecurity legislation over the past year, attempting to take on the alarming (and highly publicized) tide of large data breaches that have struck businesses in recent years. All 50 states now have data breach laws in place, and many of the bills being passed follow a similar vein, addressing the need for documented security programs and breach notification practices.

A few states have blazed their own path in cybersecurity law (e.g., California and its focus on IoT security). But among these idiosyncratic efforts, the Ohio Data Protection Act (ODPA) stands out for its novel, incentive-focused approach to reinforcing regulation-compliant data protection.

In short, companies meeting ODPA qualifications will be given legal “safe harbor” in the event that litigation is brought against them as the result of a data breach.

To meet the standards for this first-of-its-kind legal protection, organizations must have a written cybersecurity program that is capable of protecting information security and confidentiality. This program must follow the guidelines of a recognized security framework. Those regulated by the state of Ohio or the federal government under HIPAA, HITECH or FISMA are eligible as long as they stay in compliance. For other organizations, a number of regulatory frameworks would allow them to qualify: NIST Cybersecurity Framework, NIST SP 800-53, 53A, or 800-171; FedRAMP, CIS CSC or ISO/IEC 27000.

While the ODPA model might be unique right now, other states may begin to adopt similar approaches. The more the state legislative documents pour through, the more likely that ideas will take hold across state lines. Regardless of whether the carrot or the stick rules the day, organizations should see that the incentives for implementing compliant cybersecurity programs is a must.

Lunarline supports organizations of all types in their quest to achieve and maintain compliance with the regulatory standards that are pertinent to their industry. Our educators and consultants cover areas of expertise ranging from FedRAMP, for cloud-based service providers, to HIPAA and HITECH, for those in healthcare.

For more information on our services, contact the Lunarline team online today.

The Importance of the Ohio Data Protection Act (ODPA)

The Importance of the Ohio Data Protection Act (ODPA)

Related Posts

10 Things You Probably Don’t Know About FedRAMP

Learn From Facebook’s Cybersecurity Faceplants

Lunarline Addresses Healthcare Organizations’ Critical Need for Better Cyber Security

We monitor, protect, and secure your data.

Company

Services

News/Headlines

Connect With Us

What We’re Saying…

Major Security Vulnerability Exposes Millions of IoT Devices

Artificial Intelligence: AI Hype vs. Reality

Telecommuting Cybersecurity: How to Stay Safe With Remote Workers

6 Ways to Fight Back Against Modern Cyber Threats

10 Things You Probably Don’t Know About FedRAMP

Veterans: Maximize Your Skills on a New Battlefield

How to Increase Gender Diversity in Cybersecurity

Learn From Facebook’s Cybersecurity Faceplants

Your IoT Devices are Not to Be Trusted

Hackers Are Grounding Flights

Founded/Incorporated since 2004