Ohio HB 96 — Effective Sep 30, 2025

CYBER
SECURITY
MADE SIMPLE.

Ohio law requires every township and village to have a formal cybersecurity program. Secured Roots walks you through every requirement — checklists, incident tracking, policy docs, and audit-ready records.

Start Free Trial See Requirements

Ohio Townships & Villages

2,018

required to comply with HB 96

Days to Report an Incident

to the Ohio Cyber Integration Center

Avg. Daily Ransomware Cost

$83K

per day of government downtime

INCIDENT TRACKING POLICY GENERATION 7-DAY OCIC REPORTING TRAINING LOGS NIST FRAMEWORK DOCUMENT VAULT ORC 9.64 COMPLIANCE AUDIT READY RANSOMWARE PROTOCOL RISK ASSESSMENT CIS CONTROLS INCIDENT TRACKING POLICY GENERATION 7-DAY OCIC REPORTING TRAINING LOGS NIST FRAMEWORK DOCUMENT VAULT ORC 9.64 COMPLIANCE AUDIT READY RANSOMWARE PROTOCOL RISK ASSESSMENT CIS CONTROLS

GUIDED COMPLIANCE CHECKLIST

All 20 HB 96 requirements across 7 categories. Step-by-step guidance for every item. Mark complete, add notes, watch your score climb.

Core Feature

INCIDENT TRACKER & DEADLINES

Log an incident and your 7-day (OCIC) and 30-day (Auditor) deadlines auto-calculate. Visual countdowns. Mark reporting complete. Never miss a deadline.

Critical for HB 96

POLICY DOCUMENT GENERATOR

Auto-generate your Cybersecurity Policy, Incident Response Plan, Acceptable Use Policy, and Ransomware Protocol — prefilled with your org's details, ready to adopt.

Saves Hours

TRAINING TRACKER

HB 96 mandates annual training for all employees. Log completions, track 1-year expirations, get alerts before certifications lapse.

Annual Requirement

AUDIT DOCUMENT VAULT

Store policies, training certificates, risk assessment results, and incident reports. Everything an auditor could ask for — one click away.

Audit Ready

COMPLIANCE SCORE DASHBOARD

One number shows where you stand. Drill down by category. See open incidents and expiring training at a glance. Always know your risk posture.

At-a-Glance Status

Ohio HB 96 / ORC 9.64

THE LAW IS ALREADY IN EFFECT

Governor DeWine signed House Bill 96 on June 30, 2025. Every Ohio township and village was required to comply by September 30, 2025. Non-compliance risks negative state audit findings and legal liability after a breach.

Start Complying Today

WHAT HB 96 REQUIRES

01
Adopt a formal cybersecurity program
ORC 9.64(A) — via legislative resolution or ordinance
02
Align with NIST CSF or CIS Controls
ORC 9.64(B) — recognized security frameworks
03
Conduct a cybersecurity risk assessment
NIST CSF: Identify function
04
Annual cybersecurity training for all employees
ORC 9.64(B) — mandatory, recurring
05
Formal written incident response plan
ORC 9.64(C) — must include OCIC contact info
06
Report incidents to OCIC within 7 days
ORC 9.64(C)(1) — Ohio Cyber Integration Center
07
Full report to Auditor of State within 30 days
ORC 9.64(C)(2)
08
Public legislative vote before any ransom payment
ORC 9.64(D) — must occur at a public meeting

SIMPLE PRICING

$100/ month

One flat price. Full access. No per-seat fees, no add-ons, no surprises. Starts with a 14-day free trial — no credit card required to start.

Start Free Trial

✓All 20 HB 96 compliance checklist items
✓Incident tracker with automatic deadline alerts
✓Policy generator — 4 ready-to-adopt templates
✓Employee training tracker with expiration tracking
✓Document vault for audit evidence
✓Compliance score dashboard
✓Unlimited users per organization
✓Export full audit reports anytime

Your dedicated admin at Secured Roots monitors your compliance posture and helps keep your organization on track between state audits.

CYBERSECURITYMADE SIMPLE.

WHAT HB 96 REQUIRES

SIMPLE PRICING

Your township is alreadyrequired to comply.

CYBER
SECURITY
MADE SIMPLE.

Your township is already
required to comply.