HB96 Resource Center

Understanding Ohio's cybersecurity requirements for political subdivisions and public entities.


Helping organizations improve awareness, assess cyber risk, and strengthen operational readiness through education and practical guidance.

ORD 9.64 OVERVIEW

What Is ORC 9.64?

Ohio Revised Code 9.64 establishes cybersecurity requirements for political subdivisions throughout Ohio. The law requires covered entities to implement and maintain a cybersecurity program designed to protect information systems, data, and critical public services.

Protect Information • Identify Threats • Respond to Incidents • Recover Operations

Official Resources

Who Must Comply?

ORC 9.64 applies to counties, municipalities, townships, school districts, libraries, public health agencies, and other covered political subdivisions throughout Ohio.

How SecureOhio Works

Preparing for HB96 doesn't have to be complicated. SecureOhio guides your organization through a straightforward, four-step process designed to help leadership understand current cybersecurity readiness, identify areas for improvement, and build a practical roadmap toward stronger cybersecurity and audit preparedness. 

Speak with one of our cybersecurity advisors for a brief 15-minute executive discussion. Together, we'll evaluate your current cybersecurity program, discuss your organization's objectives, and provide an initial assessment of your HB96 readiness. 

You'll Receive: 
-HB96 Readiness Scorecard 
-Executive Risk Summary 
-Readiness Rating 
-Top Five Executive Recommendations 
-Estimated HB96 Readiness Level 

Cost: Complimentary 

Our Cyber Readiness Checklist helps leadership understand the foundational cybersecurity practices every Ohio political subdivision should have in place. 

Use the checklist to: 
-Evaluate your current cybersecurity program 
-Prepare for conversations with your IT staff or technology provider 
-Identify potential areas of risk 
-Better understand HB96 expectations 
-Begin planning future improvements 

The checklist is an excellent resource whether you're just getting started or validating an existing cybersecurity program. 

Once leadership understands its current readiness, the next step is validating your technical environment. 

The SecureOhio Assessment™ provides a comprehensive cybersecurity evaluation, including penetration testing, vulnerability assessment, executive reporting, an HB96 gap analysis, and a prioritized roadmap for reducing organizational risk. 

This assessment provides leadership with objective information to support budgeting, planning, audit preparation, and cybersecurity decision-making. 

Cybersecurity is not a one-time project. SecureOhio's ongoing cybersecurity programs help organizations continuously improve their security posture through monitoring, awareness training, vulnerability management, policy guidance, executive reporting, and strategic cybersecurity planning. 

Whether your organization is a small township or a large county government, our scalable programs are designed to provide practical, affordable cybersecurity services aligned with your needs and resources. 

Real Incidents.
Real Consequences.

Cyberattacks Are Not Just an IT Problem

Cyberattacks against public entities are no longer rare events. Across the country, counties, cities, school districts, libraries, and public utilities have experienced ransomware attacks, service disruptions, data breaches, and operational outages that directly impacted the communities they serve.When critical systems go offline, citizens cannot access services, employees cannot perform their jobs, and leadership is forced into crisis management.The examples below demonstrate why cybersecurity readiness matters.


Helping organizations improve awareness, assess cyber risk, and strengthen operational readiness through education and practical guidance.