Article originally published in a different format
The Office of the Chief Information Officer (OCIO) has updated its existing "Disclosure or Exposure of Personal Information" policy. The status of this policy was approved and changed from interim to regular status as of April 28.
Ohio’s law for a data security breach, set forth in Ohio Revised Code §1347, established requirements for notification of Ohio residents in the event that certain personal information is disclosed or reasonably believed to be disclosed to unauthorized persons. This policy helps to ensure protection of the specified personal information and the responsive notification.
At Ohio State, any proven or suspected disclosure or exposure of personal information must be immediately reported to the OCIO Information Security director at email@example.com.
For a complete listing of university policies for Information Technology, check out www.osu.edu/policies/cont#InformationTechnology.