With the increase in cybercrime, and level of sophistication hackers are using, states are looking to new legislation to protect consumers and businesses. Last week, state representatives introduced a bill that would give Ohioans more control over their personal data and protect Ohio businesses from litigation. The Ohio Personal Privacy Act would be the first in the country to provide a safe harbor for businesses who can prove they have nationally recognized data protection in place.
The bill is focused on businesses with a gross revenue over $25 million and businesses who control or process the personal data of over 100,000 Ohio residents in a calendar year. The bill would also apply to smaller businesses if 50% of their revenue comes from the sale of personal data, or they control more than 25,000 residents’ data.
The bill does not cover data already covered by HIPAA, data subject to Children’s Online Privacy Protection, financial data, higher educational institutions, business-to-business transactions, or employee data.
The bill would require businesses to inform consumers of the personal data being collected, and how it would be used. It would give consumers the ability to view the data collected on them, opt out of their data being sold, or delete the personal data altogether.
“In the absence of a comprehensive federal policy on the collection and use of personal information, Ohio has an opportunity to position itself as a technology leader on multiple fronts,” commented Rep. Carfagna. “House Bill 376 will balance reasonable privacy standards to protect Ohioans with less bureaucracy and regulation on businesses. I’m thrilled to work with my joint-sponsor State Rep. Thomas Hall, Lt. Governor Husted and Attorney General Yost to create what we believe will serve as a national model for data privacy.”
The bill also provides a defense for businesses. If a company follows the privacy framework outlined by National Institute of Standards and Technology (NIST), they are protected against legal action through the proposed bill. This is the first bill of its kind that takes the liability off the business if they can prove they were following best practices when they suffer a breach.
Quanexus specializes in helping businesses navigate government regulations for data security. If you have questions about the proposed bill and how it may impact your business reach out to our team for more information.
Quanexus IT Support Services for Dayton and Cincinnati
Request your free network assessment today. There is no hassle, or obligation.
If you would like more information, contact us here or call 937.885.7272.
Follow us on Facebook, Twitter and LinkedIn and stay up to date on by subscribing to our email list.
