Businesses in the US will be interested in a ground-breaking Ohio law that became official on November 2, 2018. The state’s Data Protection Act provides business owners a defensive position when accused of failing to implement adequate cybersecurity protections.
“Importantly, the new law does not create a minimum cybersecurity standard in Ohio or new cybersecurity regulations that businesses must follow,” writes Mary Grob, of McGuireWoods LLP, in the JD Supra article New Cybersecurity Law Offers Safe Harbor Against Tort Claims. “Rather, the law operates by incentivizing businesses to develop and maintain a cybersecurity program that ‘reasonably conforms’ to an already existing, industry-recognized cybersecurity framework.”
via Ohio law creates cybersecurity ‘safe harbor’ for businesses – TechRepublic.
