Ohio Rev. Code Ann. § 3333.0412
(A) No nonprofit institution that holds a certificate of authorization issued under Chapter 1713. of the Revised Code shall be liable for a breach of confidentiality arising from the institution's submission of student data or records to the chancellor of higher education or any other state agency in compliance with any law, rule, or regulation, provided that the breach occurs as a result of one of the following: