Home Closing Privacy Policy

ALTA Best Practices
Privacy and Protection of Non-public Personal Information

Best Practices #3: Adopt and maintain a written privacy and information security program to protect non-public personal inforation as required by local, state and federal laws.

Purpose: Federal and state laws (including the Gramm-Leach-Billey Act) require certain companies to develop a written information security program that describes the procedures they employ to protect non-public personal information. The program must be appropriate to teh Company’s size and complexity, the nature and scope of the Company’s activities, and the sensitivity of the Consumer information the Company handles. A Company evaluates and adjusts its program in light of relevant circumstances, including changes in teh Company’s business or operations, or the results of security testing and monitoring.

Zdenek Law Firm’s Policies and Procedures for
Implementation and Adherence to Best Practice #3

1. Physical security of Non-public Personal Information
The Company:

• Restricts access to Non-public Personal Information to authorized employees who have undergone Background Checks at hiring
• Prohibits or controls the use of removable media
• Uses only secure delivery methods when transmitting Non-public Personal Information

2. Network security of Non-public Personal Information

• Maintains and secures access to Company information technology
• Developed and maintains guidelines for the appropriate use of Company information technology
• Ensures secure collection and transmission of Non-public Personal Information

3. Disposal of Non-public Personal Information

• Adheres to Federal law which requires companies that possess Non-public
• Personal Information for a business purpose to dispose of such information in a manner that protects against unauthorized access to or use of the information

4. The Company has an established Disaster Recover Plan

5. The Company exercises appropriate management and training of employees to ensure compliance with the Company’s information and security program
The Company:

• Takes reasonable steps to select and retain service providers that are capable of appropriately safeguarding Non-public Personal Information

6. The Company has oversight of service providers to help ensure compliance with the Company’s information security program
The Company:

• Takes reasonable steps to select and retain service providers that are capable of appropriately safeguarding Non-public Personal Information

7. Audit and oversight procedures are in place to ensure compliance with the Company’s information security program
The Company:

• Reviews the privacy and information security procedures to detect the potential for improper disclosure of confidential information

8. Notification of security breaches to customers and law enforcement
The Company:

• Posts the privacy and information security program on all Company websites and provides program information directly to customers in useable form.
• When a breach is detected, the Company has a program to inform customers and law enforcement as required by law

This policy was adopted by the Zdenek Law Firm on the 1st day of March, 2014.