Document a privacy and information security program (policies and procedures) to help ensure FOLIO Title LLC maintains written protocols for the protection of data and Non-public Personal Information (NPI).
These policies and procedures are for all of FOLIO Title LLC (hereafter referred to as “The Firm”) locations including all satellite offices. These procedures are to be followed by all employees and independent contractors where applicable.
The Firm’s policies associated with the privacy and information security program are given to all employees and the employees must acknowledge in writing that they have read and understand such policies. It is the responsibility of Ricardo Teran, Business Development Advisor to help ensure The Firm has received all employee acknowledgements.
The Firm makes an assessment annually of the standards and requirements affiliated with The Firm’s information security program, including those set out in this policy and procedure document. This assessment is conducted by Ricardo Teran, Business Development Advisor and a formal report on compliance is issued to The Firm management.
Physical Security of NPI
The Firm’s individuals who have access to NPI are restricted to authorized principals and employees who have undergone a formal background check process which identified no irregularities.
Removable media devices, including but not limited to external hard drives, compact discs, magnetic tapes and USB/flash drives are issued by The Firm with the approval of Nelson Taracido, Manager. The use of removable media devices is prohibited unless Nelson Taracido, Manager has authorized such use. Removable media is kept in a secure area and accounted for via Ricardo Teran, Business Development Advisor, when not in use.
Other standard procedures for security of NPI include closing paper files other than the one currently being worked on, stowing files away when away from the workspace, and locking desks and file cabinets at the end of the day. Hardcopy NPI that is transmitted outside the Firm is done so using only secured envelopes and/or locked document bags.
Network Security of NPI
At the direction of Nelson Taracido, Manager, The Firm’s designated Network Administrator grants appropriate access to The Firm’s various computer technology applications. The Firm’s file server(s) or main central processing unit is housed (on premise at main office). The Firm’s computer network utilizes up-to-date anti-virus, anti-spyware and data encryption software applications. Third party Network Administrator is responsible for such software maintenance.
Access to The Firm’s information technology computers and network is secured by individual and unique passwords. . All The Firm’s computers no matter, desktop or laptop run a “screen timeout” application causing automatic system sign off when the system detects no activity for a period of 2 minutes.
Disposal of NPI
The Firm has defined and communicated to employees the types of data/information that falls into the NPI category. Any NPI data is disposed of accordingly. Paper records by shredding. Small shredders are available throughout the office. When disposing of computers and portable storage devices, The Firm uses a software application to erase/wipe clean the device.
Disaster Management Plan for NPI
The Firm has a documented disaster management plan to help ensure adequate backup, recovery and business continuity procedures. The plan also includes required procedures for notification and response to security incidents and breaches. The Firm also maintains network security and privacy liability coverage for such circumstances. The disaster management plan is reviewed on an annual basis by Nelson Taracido, Manager. and updated as appropriate.
Security Practices of Independent Service Providers
If independent service providers for The Firm receive NPI from The Firm, The Firm shares this policy document with the service provider and/or conducts appropriate due diligence of the NPI security measures of the service provider before transmitting any NPI data. Service providers are aware they must notify The Firm regarding NPI security breaches of NPI data that has been transmitted.
If security breaches occur, proper notification is provided to consumers and law enforcement in accordance with The Firm’s privacy and information security program and disaster management plan.
ALTA PRIVACY FORM
MAY 7, 2001
FOLIO Title LLC
PURPOSE OF THIS NOTICE
Title V of the1 Gramm-Leach-Bliley Act (GLBA) generally prohibits any financial institution, directly or through its affiliates, from sharing nonpublic personal information about you with a nonaffiliated third party unless the institution provides you with a notice of its privacy policies and practices, such as the type of information that it collects about you and the categories of persons or entities to whom it may be disclosed. In compliance with the GLBA, we are providing you with this document, which notifies you of the privacy policies and practices of FOLIO Title LLC.
We may collect nonpublic personal information about you from the following sources:
- Information we receive from you such as on applications or other forms.
- Information about your transactions we secure from our files, or from our affiliates or others.
- Information we receive from a consumer reporting agency.
- Information that we receive from others involved in your transaction, such as the real estate agent or lender.
We may disclose any of the above information that we collect about our customers or former customers to our affiliates or to nonaffiliated third parties as permitted by law.
We may also disclose this information about our customers or former customers to the following types of non affiliated companies that perform marketing services on our behalf or with whom we have joint marketing agreements:
- Financial service providers such as companies engaged in banking, consumer finance, securities and insurance.
- Non-financial companies such as envelope stuffers and other fulfillment service providers.
WE DO NOT DISCLOSE ANY NONPUBLIC PERSONAL INFORMATION ABOUT YOU WITH ANYONE FOR ANY PURPOSE THAT IS NOT SPECIFICALLY PERMITTED BY LAW.
We restrict access to nonpublic personal information about you to those employees who need to know that information in order to provide products or services to you. We maintain physical, electronic, and procedural safeguards that comply with federal regulations to guard your nonpublic personal information.
Get a Free Consultancy
The team at Folio will represent you with professionalism and integrity.
Schedule your free consultation with us today.