Pillar 3 - Privacy & Security
Adopt and maintain a written privacy and information security program to protect Nonpublic Personal Information as required by local, state and federal law.
Purpose: Federal and state laws (including the Gramm-Leach-Bliley Act) require title agents to develop a written
information security program that describes their procedures to protect non-public customer information. The program
must be appropriate to the company’s size and complexity, the nature and scope of the company’s activities, and the
sensitivity of the customer information the company handles. Plunkett & Graver, P.C. evaluates and adjusts its program in light of relevant circumstances, including changes in the firm’s business or operations, or the results of security testing and monitoring.
Non-public personal information, if physically maintained at Plunkett & Graver, P.C., is accessible only by authorized employees. If electronically maintained, is done so on secure servers with access restricted to only authorized employees.
Documents containing non-public personal information is transmitted from Plunkett & Graver, P.C. in safe delivery of documents using encryption and password protection. Plunkett & Graver, P.C. maintains and tests its written Disaster Recovery Plan on an annual basis. All existing and new employees are trained on information security.
Plunkett & Graver, P.C. maintains its own document shredder to ensure disposal of non-public personal information.