#3 Information and Data Privacy
Adopt and maintain a written privacy and information security program to protect Non-public Personal Information as required by local, state and federal law.

Federal and state laws (including the Gramm-Leach-Bliley Act) require title companies to develop a written information security program that describes the procedures they employ to protect Non-public Personal Information. The program must be appropriate to the Company’s size and complexity, the nature and scope of the Company’s activities, and the sensitivity of the customer information the Company handles. A Company evaluates and adjusts its program in light of relevant circumstances, including changes in the Company’s business or operations, or the results of security testing and monitoring.

ALTA's Best Practices Resource & Documentation Page

ALTA Assessment Procedures
ALTA Best Practices: Protecting Non-public Personal Information
Video in the ALTA Title Topics Best Practices series.
ALTA Office Security and Privacy Guidelines (booklet)
ALTA Procedures
ALTA Title Topics: Real World Lessons from the Paperless Filesl
Video by Greenfolders in ALTA Title Topics series.
ALTA’s Best Practices Resource & Documentation Page
NC Attorneys: What You Should Know - Issues to Consider & Discuss

What You Should Know; Issues to Consider & Discuss
Resources - Articles, Contacts, Websites, Statutes, Ethics Rules & Opinions

*** FOR AGENTS ONLY - National Agency website (LOGIN REQ) ***
*** FOR AGENTS ONLY -- NC ftp site (LOGIN REQ FIRST) ***
ABA Disaster Preparedness & Business Continuity for Lawyers
Are you, your staff, your client files, your computer systems able to continue in the event of a fire, hurricane, flood or other disaster at your office? What is your PLAN? Important information, links and resources.
ABA The Management Challenge of Data Security & Privacy
By Ed Poll, ABA Law Practice Division, October 2013
Best Practices Boot Camp #1
Webinar by Real Estate Data Shield, RynohLive and DataMotion detailing data, information, escrow and email security.
Beyond the Seven Pillars, Gulotta, Real Estate Data Shield (Feb 2014)
What & Where is NPPI? Data breach notification under NC law. Gramm-Leach-Bliley (FTC privacy notice, safeguard & disposal), OCC (third party relationships), Dodd-Frank (CFPB) & TRAINING. This does not constitute legal advice nor an attorney client relationship & is provided for information purposes only. Laws, rules & regulations change frequently. Local laws may apply. Consult an attorney for any specific compliance or related inquiries.
Chicago (FNTG family) resources / partnered or preferred vendors
DISCOUNTS & EXPERTS: Training/advising, encrypted email, secure document management, storage/shredding, business continuity
Clean Desk Policy - NOTICE & notes
DataMotion - Best Practices for Encrypted Email & File Transfer
Datamotion - Email Encryption (VIDEO)
FTC Data Security resources
Interactive video, Protecting Personal Information practical step-by-step guide
Lawyers Mutual - Disaster Planning and Recovery
Fire, Power Failure, Tornado, Theft: Assess your risk; Develop a plan; Protect your people and client files; Know who to call -- checklists
North Carolina Breach Notification Statute, N.C. Gen. Stat. 75-60 et seq.
The NC Identity Theft Protection Act, G.S. 75-60 et seq. & G.S. 14-113.20 et seq. require reporting of any data breach to clients affected as well as authorities, with penalties up to treble damages as well as criminal penalties.
OCC Guidelines for Law Firms (Real Estate Data Shield, 5/1/13)
Real Estate Data Shield
Information policy templates, online training, certification, and company security self-assessment tools
Resources -- Statutes, Regulations, Governmental websites, Ethics rules, vendors
Security Compliance Associates
Internal Risk assessments for security vulnerability to develop information security policies & business continuity plans -- Control tests, compliance & assessments
Sample Checklists

Sample Business Continuity Plan checklist

Sample Policies and Procedures

Sample Computer Systems Insurance Rider
Sample Data Security Policy Structure
Sample Policies & Procedures Template (updated 4-28-2015)
ALTA Best Practices
Best Practice #1
Best Practice #2
Best Practice #3
Best Practice #4
Best Practice #5
Best Practice #6
Best Practice #7
ALTA Assessment
ALTA Certification
Contact Us