Privacy Statement

Privacy and Security Notice

The Ohio Office of Information Security and Privacy website,, is a service provided by the Ohio Department of Administrative Services (DAS) Office of Information Technology. We recognize the importance of privacy to our web site visitors. This privacy notice applies only to and Any references in this notice to refer to both of these sites. Web sites maintained by other Ohio state agencies are governed by the policies of the agency maintaining the web site.

Visitors to should be aware of the following information:

What We Collect

Personally identifiable information provided to us through online forms or e-mail queries.

  • Please do not submit to us sensitive personally identifiable information such as social security numbers, driver’s license numbers or medical or financial information through e-mail.

Generic, Internet-user information. It may include:

  •  Internet protocol address of the individual computer (or proxy server) making the request, 
  • Type of internet browser or computer operating system you are using,
  • Date and time you accessed this site,
  • Webpages visited on this site and other sites managed by DAS such as, and
  •  Internet address of the site from which you may have linked to this site.

 How We Collect Information

Personally identifiable information is collected through voluntary disclosure by you through online forms and e-mail questions.

Our web site uses log files and web cookies to capture generic, Internet-user information each time a request is made to view a page within this web site.

What We Do With the Information We Collect

Personally identifiable information you submit in e-mail or online forms is used so that we can answer or process your request as effectively as possible.

All information collected through server log files is used in aggregate form to analyze usage trends and statistics to help us improve our web site. It may also be used to identify and respond to threats to the State network.

Cookies may be used when necessary to complete a transaction, to process data submitted to us online, or to facilitate ongoing Internet interaction.

Public Records and When We Share Your Information

Ohio public records law requires state agencies to disclose most documents and records, including electronic records. Therefore, information submitted through this web site may be subject to disclosure pursuant to a public records request. Please be aware that for public records, Ohio law requires us to disclose the records despite requests to keep information confidential. Information on the DAS Public Records Policy is found here (.pdf).

We will share personally identifiable information submitted through e-mail or online forms with other Ohio state agencies when necessary to respond to your e-mail request or process your online form. For example, if you have a question regarding the privacy of state income tax filings, we may forward your question to the Ohio Department of Taxation.

Any information collected through this web site that indicates a threat of harm to people, property or systems or a violation of a law may be shared with law enforcement and used in connection with a criminal investigation, prosecution or other legal proceedings.

Access and Dispute of Information

Under sections 1347.08 and 1347.09 of the Ohio Revised Code, individuals have access rights to their information maintained in personal information systems. “Access rights” means you have the right, with limits, to inspect, correct, and dispute such information. However, the Office of Information Security and Privacy does not maintain any personal information systems.

For record-keeping systems not covered by chapter 1347 of the Revised Code, we will work with you to give you the opportunity to inspect, correct or dispute information, if any, about yourself in other records system we maintain, subject to restrictions or limits in Ohio law.

How We Protect Your Information

We use security measures for all information systems under our control.


Confidential Personal Information and the DAS Policy on Protecting Privacy

DAS, the parent agency of the Office of Information Security and Privacy, requires all of its employees and contractors to respect privacy and protect personally identifiable information regardless of the form and system in which it’s kept. The DAS Policy on Protecting Privacy may be found here (pdf).

The Office of Information Security and Privacy does not maintain any personal information systems containing “confidential personal information” as defined by chapter 1347 of the Ohio Revised Code. Ohio Revised Code 1347.15 requires DAS to adopt rules regulating access to the confidential personal information the agency keeps, whether electronically or on paper. The DAS rules pertaining to confidential personal information may be found in rules 123-4-01 through 123-4-05 of the Ohio Administrative Code.


Any questions concerning privacy and should be sent to the Chief Privacy Officer.


E-mail:    Chief (dot) Privacy (dot) Officer AT oit (dot) ohio (dot) gov


Written correspondence:

   Ohio Chief Privacy Officer
   30 E Broad Street, 40th Floor
   Columbus, Ohio 43215