Ohio Code 1354.01 – Definitions
As used in this chapter:
Terms Used In Ohio Code 1354.01
- Business: means any limited liability company, limited liability partnership, corporation, sole proprietorship, association, state institution of higher education as defined in section 3345. See Ohio Code 1354.01
- Corporation: A legal entity owned by the holders of shares of stock that have been issued, and that can own, receive, and transfer property, and carry on business in its own name.
- Covered entity: means a business that accesses, maintains, communicates, or processes personal information or restricted information in or through one or more systems, networks, or services located in or outside this state. See Ohio Code 1354.01
- Fraud: Intentional deception resulting in injury to another.
- Partnership: A voluntary contract between two or more persons to pool some or all of their assets into a business, with the agreement that there will be a proportional sharing of profits and losses.
- Person: includes an individual, corporation, business trust, estate, trust, partnership, and association. See Ohio Code 1.59
- Property: means real and personal property. See Ohio Code 1.59
- Restricted information: means any information about an individual, other than personal information, that, alone or in combination with other information, including personal information, can be used to distinguish or trace the individual's identity or that is linked or linkable to an individual, if the information is not encrypted, redacted, or altered by any method or technology in such a manner that the information is unreadable, and the breach of which is likely to result in a material risk of identity theft or other fraud to person or property. See Ohio Code 1354.01
- state: means the state of Ohio. See Ohio Code 1.59
- Subpoena: A command to a witness to appear and give testimony.
- United States: includes all the states. See Ohio Code 1.59
(A) “Business” means any limited liability company, limited liability partnership, corporation, sole proprietorship, association, state institution of higher education as defined in section 3345.011 of the Revised Code, private college as defined in section 3365.01 of the Revised Code, or other group, however organized and whether operating for profit or not for profit, including a financial institution organized, chartered, or holding a license authorizing operation under the laws of this state, any other state, the United States, or any other country, or the parent or subsidiary of any of the foregoing.
(B) “Covered entity” means a business that accesses, maintains, communicates, or processes personal information or restricted information in or through one or more systems, networks, or services located in or outside this state.
(C) “Data breach” means unauthorized access to and acquisition of computerized data that compromises the security or confidentiality of personal information or restricted information owned by or licensed to a covered entity and that causes, reasonably is believed to have caused, or reasonably is believed will cause a material risk of identity theft or other fraud to person or property. “Data breach” does not include either of the following:
(1) Good faith acquisition of personal information or restricted information by the covered entity’s employee or agent for the purposes of the covered entity’s, provided that the personal information or restricted information is not used for an unlawful purpose or subject to further unauthorized disclosure;
(2) Acquisition of personal information or restricted information pursuant to a search warrant, subpoena, or other court order, or pursuant to a subpoena, order, or duty of a regulatory state agency.
(D) “Personal information” has the same meaning as in section 1349.19 of the Revised Code.
(E) “Restricted information” means any information about an individual, other than personal information, that, alone or in combination with other information, including personal information, can be used to distinguish or trace the individual’s identity or that is linked or linkable to an individual, if the information is not encrypted, redacted, or altered by any method or technology in such a manner that the information is unreadable, and the breach of which is likely to result in a material risk of identity theft or other fraud to person or property.
As used in this division, “encrypted,” “individual,” and “redacted” have the same meanings as in section 1349.19 of the Revised Code.