Tag Archives: Ohio

Ohio Law Offers Safe Harbor to Companies Meeting Cyber Standards

Photo of Craig A. HoffmanBy Brian P. Bartish and Craig A. Hoffman on Posted in Data Breaches, State Legislation
Ohio will soon have a law in place that provides a “legal safe harbor” from tort claims related to a data breach, to entities that have implemented and comply with certain cybersecurity frameworks. It remains to be seen whether any entity will ever be in a position to take advantage of the affirmative defense this … Continue Reading

State Data Breach Notification Requirements Specifically Applicable to Insurers

Photo of Patrick H. HaggertyBy Patrick H. Haggerty on Posted in Data Breach Notification Laws, Data Breaches, State Legislation
Almost all U.S. states and territories have enacted breach notification laws requiring private and/or government entities to notify individuals when their personal information is compromised. These laws vary, and much has been written about the challenges caused by the differences, including who must comply with the law (e.g., persons, businesses, information brokers, government entities, covered … Continue Reading

Once Again, Clapper Defeats Data Breach Class Action

By Judy Selby on Posted in Data Breaches, Identity Theft, Online Privacy, Privacy Litigation
Article III standing has once again proved to be an insurmountable hurdle for data breach class action plaintiffs whose personal information hasn’t been misused.  In Galaria v. Nationwide Mutual Insurance Co., an Ohio federal court relied on the United States Supreme Court’s decision in Clapper v. Amnesty Intern. USA, 133 S.Ct. 1138 (2013), and held … Continue Reading

Highest Bidder Loses Spoliation Fight in Auction House Data Breach

Photo of Craig A. HoffmanBy Craig A. Hoffman on Posted in Data Breaches
This blog post is a joint submission with BakerHostetler’s Discovery Advocate blog. Authored by: Karin Scholz Jenson and  Ganesh Krishna A recent case out of the Northern District of Ohio is an unsung victory for proportionality in that the Court twice declined to sanction a plaintiff’s “failure” to forensically image computers where computer logs showing the … Continue Reading
LexBlog