When conducting business with Ohio consumers all licensees must make safeguarding nonpublic information a top priority. The Ohio Department of Insurance has long required licensees follow reporting and mitigation procedures when data loss does occur. (R.C. 3904.13, Bulletin 2009-12 - Loss of Control of Policyholder Information). Recently enacted Ohio Revised Code, Chapter 3965 bolsters data loss reporting requirements and adds a requirement for some licensees to develop and maintain an information security program.
Guidance for Safeguarding Nonpublic Data
- Statement of Compliance with HIPAA Privacy & Security Rules Guidance Document
- Frequently Asked Questions
- HIPAA Compliance Statement
- Information Security Program Certification/Exemption
- Reporting a Loss of Nonpublic Information