Data Protection Act

Ohio Senate Bill 220

The Data Protection Act (first introduced as the "Safe Harbor" Act)

The Data Protection Act, formerly known as “Safe Harbor”, is designed to incentivize businesses, particularly small businesses and small government agencies, in defending themselves against a lawsuit alleging that a data breach was caused by the entity’s failure to implement reasonable information security controls.

This Act, to be signed into law November of 2018, outlines strategies to comply with reasonable cyber security defenses relevant to the size and scope of a business. Not a one-size-fits-all cyber defense but instead a cyber defense that associates with each unique business.

The result is that both business and government can protect their reputation, their files, electronic data and their computer networks using a proven cyber security program and do so at a minimum cost to the organization.

XLN can guide you into compliance by performing a Security Review based upon the NIST 800-171 standards. For more information and XLN's service fees, Click Here.


The aforementioned cyber security defenses will comply with:
NIST 800-171, NIST 800-53 & 800-53A, HIPAA, GLBA and/or FISMA.