No nonprofit institution that holds a certificate of authorization issued under Chapter 1713. of the Revised Code shall be liable for a breach of confidentiality arising from the institution's submission of student data or records to the chancellor of higher education or any other state agency in compliance with any law, rule, or regulation, provided that the breach occurs as a result of one of the following:
(A) An action by a third party during and after the transmission of the data or records by the institution but prior to receipt of the data or records by the chancellor of higher education or other state agency;
(B) An action by the chancellor of higher education or the state agency.
This provision shall apply to the submission of any student data or records that are subject to any laws of this state or, to the extent permitted, any federal law, including the "Family Educational Rights and Privacy Act of 1974," 88 Stat. 571, 20 U.S.C. 1232g.
Amended by 131st General Assembly File No. TBD, HB 64, §101.01, eff. 9/29/2015.
Added by 130th General Assembly File No. 25, HB 59, §101.01, eff. 9/29/2013.