On July 13, Ohio Lt. Gov. Jon Husted announced the introduction of the Ohio Personal Privacy Act. The law applies to organizations doing business in Ohio or whose products or services target consumers in the state. Businesses with annual gross revenue exceeding $25 million, or process personal data of 100,000 or more Ohio consumers, or derive 50% of gross annual revenue from the sale of personal data would be covered. Like other laws, it offers some consumer rights, including correction, deletion and portability, as well as an opt-out right for the sale of personal data. Most notably, the OPPA includes a carve-out for businesses that reasonably conform with the U.S. National Institution of Standards and Technology’s Privacy Framework. IAPP Editorial Director Jedidiah Bracy, CIPP, recently caught up with Husted to discuss the bill, the NIST provision and what the OPPA could mean for the future of privacy law at the state, federal and international levels.
13 August 2021
Ohio Lt. Governor Jon Husted discusses the state's privacy bill
Related stories
Notes from the IAPP Canada: The privacy force awakens — What's coming at the IAPP Canada Symposium 2026
A view from DC: Can Congress compromise for the children?
State of the states: Connecticut's digital strategy, Florida's foreign adversary privacy unit and more
California privacy enforcement in 2026: A discussion with CalPrivacy's Tom Kemp
Vietnam's first standalone AI Law: An overview of key provisions, future implications
This content is eligible for Continuing Professional Education credits. Please self-submit according to CPE policy guidelines.