ALTA’s Title Insurance and Settlement Company
Best Practices Call for Samples

ALTA believes that members already practice all or significant parts of the Best Practices. Because of this, we are looking for members to submit sample policies already in place. Submissions will be anonymous and distributed to a related ALTA committee (internal auditing, technology, forms, PR, etc.) in order to produce standard policies or guidelines for the industry.

If your company doesn’t have a complete policy formally documented, please don’t hesitate to submit a description of the practices that are followed in your office. These may be in the form of a staff memo or brief paragraph describing your procedures.

There are seven general topics that we are seeking, but each policy encompasses several different practices. Below is a partial list of the kinds of practices we are looking for. The list is by no means complete, so if you believe something to be relevant, please submit it!

• Escrow Trust Account Policy
• Three-way reconciliations
• Segregation of duties (in 1-3 person offices, midsize offices, large offices)
• Documenting outstanding file balances
• Authority to access and transfer funds
• Physical Security of Non-public Personal Information Policy (NPI)
• Restrict access to authorized employees only
• “Clean-desk” policy
• Secure delivery methods to transmit NPI
• Prohibit NPI from being accessed or stored on non-approved electronic devices
• Network Security of Non-public Personal Information Policy
• Strong passwords
• Password activated screen savers
• Firewall, anti-virus, intrusion prevention systems
• Data encryption for files containing NPI
• Transmit NPI and money via secure socket layer (SSL) connections
• Encrypt or password-protect documents containing NPI on portable devices (laptops, smart phones, USB drives)
• Acceptable Use Policy
• Disposal of Non-public Personal Information Policy
• Document retention period
• Destruction of hard copy and electronic files
• Disaster Recovery Policy
• Security Breach Policy
• Notification to customers and law enforcement
• Written policies related to policy production, delivery, reporting, and remittance

In addition to the practices, we are hoping to create a directory of vendors that can help develop and implement these practices. If you are using outside vendors, please consider uploading a list that includes the vendors name, website, phone number, and service provided.