On August 3, 2018, the Governor in Ohio signed into law the Data Protection Act, which provides businesses with an affirmative defense to data breach claims if the business was in compliance with reasonable security measures at the time of the breach.  Specifically, a business would have to show that it creates, maintains and…