Home Table of Contents

§ 2071. Industry-recognized cybersecurity framework

Oklahoma Statutes AnnotatedTitle 18. CorporationsEffective: November 1, 2023

Oklahoma Statutes Annotated
Title 18. Corporations (Refs & Annos)
Chapter 33. Oklahoma Hospital Cybersecurity Protection Act of 2023
Effective: November 1, 2023
18 Okl.St.Ann. § 2071
§ 2071. Industry-recognized cybersecurity framework
Currentness
A covered entity's cybersecurity program, as described in Section 3 of this act,1 reasonably conforms to an industry-recognized cybersecurity framework for purposes of that section if this section is satisfied:
1. The covered entity is subject to the requirements of the laws or regulations listed below, and the cybersecurity program reasonably conforms to the entirety of the current version of both of the following, subject to paragraph 2 of this section:
a. the security requirements of the Health Insurance Portability and Accountability Act of 1996, as set forth in 45 CFR Part 164 Subpart C, and
b. the Health Information Technology for Economic and Clinical Health Act, as set forth in 45 CFR Part 162; and
2. When a framework listed in paragraph 1 of this section is amended, a covered entity whose cybersecurity program reasonably conforms to that framework shall reasonably conform to the amended framework not later than one (1) year after the effective date of the amended framework.

Credits

Laws 2023, c. 84, § 4, eff. Nov. 1, 2023.

Footnotes

1
Title 18, § 2070.
18 Okl. St. Ann. § 2071, OK ST T. 18 § 2071
Current with emergency effective legislation through Chapter 295 of the Second Regular Session of the 59th Legislature (2024). Some sections may be more current, see credits for details.
End of Document