(A) Each authorized user of the single validated risk assessment tool described in section 5120.114 of the Revised Code shall have access to all reports generated by the risk assessment tool and all data stored in the risk assessment tool. An authorized user may disclose any report generated by the risk assessment tool to law enforcement agencies, halfway houses, and medical, mental health, and substance abuse treatment providers for penological and rehabilitative purposes. An authorized user may also disclose any report generated by the risk assessment tool to qualified persons and research organizations for research, evaluative, and statistical purposes under the terms of written agreements between the authorized user and the recipients of the report. Reports generated by the risk assessment tool shall be disclosed in a manner that ensures the security and confidentiality of information in the reports.

(B) All reports generated by or data collected in the risk assessment tool are confidential information and are not a public record. No person shall disclose any report generated by or data collected in the risk assessment tool except as provided in division (A) of this section.

(C) As used in this section, “public record” has the same meaning as in section 149.43 of the Revised Code.