Ohio ORC 9.64 Cybersecurity Requirements

Understanding Ohio's cybersecurity requirements for political subdivisions and public entities.

View Requirements
Download Readiness Checklist

Helping organizations improve awareness, assess cyber risk, and strengthen operational readiness through education and practical guidance.

ORD 9.64 OVERVIEW

What Is ORC 9.64?

Ohio Revised Code 9.64 establishes cybersecurity requirements for political subdivisions throughout Ohio. The law requires covered entities to implement and maintain a cybersecurity program designed to protect information systems, data, and critical public services.

Protect Information • Identify Threats • Respond to Incidents • Recover Operations

Official Resources

Ohio Revised Code
Ohio Auditor Guidance

Who Must Comply?

ORC 9.64 applies to counties, municipalities, townships, school districts, libraries, public health agencies, and other covered political subdivisions throughout Ohio.

Counties

County governments and agencies

Cities & Villages

Municipal governments and departments

Townships

Township governments and administrative offices

Libraries

Public library systems and governing authorities

Public Health & Other Political Subdivisions

Health districts and other covered public entities

School Districts

Public K-12 educational organizations

NEXT STEPS
UNDERSTAND REQUIREMENTS
Understand Requirements Review ORC 9.64 obligations and determine applicability.
ASSESS CURRENT STATE
Evaluate policies, procedures, and cybersecurity controls.
IMPLEMENT PROGRAM
Address gaps and establish required safeguards.
MAINTAIN COMPLIANCE
Document activities and prepare for ongoing review.