Translate this page:
Skate to the Puck, by David Daniel, Agents Section Lobbyist, Smith Bryan & Myers
Ok, here is the truth, I use to be an avid Detroit Red Wings hockey fan watching the NHL playoffs each year to see them compete. Big cross-checks on the boards by the defensive, visually blocking the opposing goalie for a redirected shot on goal and the sheer desire by players to hold the Stanley Cup were all a part of the draw for me. “The Great One”, Canadian Wayne Gretzky, who has more assists in his career than the next leading goal scorer, is considered by many to be the most accomplished and well-known hockey player. In discussing his early hockey training, one of his father’s instructions was to skate “To where the puck is going, not where it’s been.” So simple and highly effective for his amazing hockey career.
While I don’t watch much NHL anymore and the players I enjoyed have come and gone, I have come back to the phrase, “skate to the puck” many times. Its application is greater than simply a training tool in hockey and applying this principle to politics has been helpful. Think about it, if you know the direction of a special interest group or politician you can use that to your advantage in getting your agenda across the line or defeating a bad bill. So how do you know where “the puck” is going in politics? It is based on information gained by investing in relationships. Knowing how best to approach a state legislator is information and information is power and can provide much needed intelligence to make navigating the legislative process easier.
As a veteran of prior legislation seeking to reform Florida’s broken HOA estoppel process, I know first-hand how challenging this issue can be. In addition, this battle is over money with the current process simply authorizing an exit tax on Florida’s homeowners to excessively enrich the HOA. We all know just having the right public policy does not guarantee success during a legislative session. It is hard to pass a bill through the legislative process and the right policy must often be worked around the politics of session, individual legislators, and the committee process.
Fortunately, we have a unique opportunity during the 2023 and 2024 Legislative Sessions. The incoming Senate President, Sen. Kathleen Passidomo (R-Naples) is both a Florida Bar certified real estate lawyer and member of the Real Property Probate and Trust Law Section of the Florida Bar. She gets it and understands our industry and the challenges we face each day to serve Floridians by accurately and timely completing real estate transactions. She has made it clear to all she believes both the lender estoppel and HOA estoppel issues need change.
So, how do we skate to the puck? We know tough legislative battles lie ahead. We know the incoming Senate President is interested in making this process work more efficiently and be less costly for Florida homeowners. We know the opposition will hire up lobbyists to oppose any change to their lucrative exit tax. We know that during the last HOA estoppel battles our biggest advantage were the examples provided across the state of outrageous fees and charges homeowners had to pay to simply get an estoppel letter. We know where the puck is going, as do our opponents. The question is what we are willing to do to this summer to get there first.
How about supporting pro-title industry candidates’ election and re-election? How about using this election season to develop relationships with state legislators from your area of the state? How about starting now to collect examples of the significant fees and charges required by HOAs as an exit tax from their association? We know what is coming and we know we need to be prepared prior to the annual Legislative Session which begins on March 7, 2023. Will you be in position when the puck gets there?
NO, An E&O/Professional Liability policy only covers loss due to damages resulting from the failure to provide professional services, negligence, preventable mistakes, incompetent work, and other professional errors. If a Title agent suffers a cyber-attack with only E&O in place, they will not have coverage for a significant portion of their actual expenses.
Errors & Omissions covers only the legal costs associated with a lawsuit, including attorney’s fees, court judgments, and, in some cases, settlements. This is considered third-party coverage, i.e., costs brought on by the action of third parties; clients, vendors, and government agencies.
This is why nearly every Title agent needs both E&O and Cyber Security Insurance coverages to prevent financial ruin after a cyber-attack.
Cyber Liability policies can also include other kinds of coverage:
Cyber Policy vs. Crime Policy
It may seem counterintuitive, but social engineering fraud is not always covered by a crime-policy. Even though this fraud often involves emails and wire transfers, all cyber policies are not designed to cover them either. As cyber criminals and their tactics become more complex, the majority of cyber and cyber-crime attacks are executed via social engineering.
Crime policies cover the direct loss of your funds, whether through maleficence, employee dishonesty or social engineering.
Cyber policies cover economic damages arising through a failure of network security or privacy controls which may cause indirect losses. They cover losses that result from unauthorized data breaches or system failures.
Areas of Risk To Be Aware Of
Tips when shopping for Cyber insurance:
Key Words to Know When Choosing the Correct Coverage:
Network Security: Insurance against cyber-attacks and hacking attacks.
Theft and fraud: Cover destruction or loss of the policyholder’s data as the result of a criminal or fraudulent cyber event, including theft and transfer of funds.
Forensic investigation: Covers the legal, technical, or forensic services necessary to assess whether a cyber-attack has occurred, to assess the impact of the attack, and to stop an attack.
Business interruption: Covers lost income and related costs where a policyholder is unable to conduct business due to a cyber-event or data loss.
Social Engineering: is the non-technical cyber strategy that relies on tricking people into breaking standard security practices by manipulating victims into performing various actions or providing confidential information. Social engineering fraud (SEF) is a type of fraud that’s become increasingly common over the last several years, with a large majority of this fraud transpiring over email communications.
Cyber extortion and ransomware: Provides coverage for the costs associated with the investigation of threats to commit cyber-attacks against the policyholder’s systems and for payments to extortionists who threaten to obtain and disclose sensitive information.
Reputation Insurance: Insurance against reputation attacks and cyber defamation.
Computer data loss and restoration. Covers physical damage to, or loss of use of, computer-related assets, including the costs of retrieving and restoring data, hardware, software, or other information destroyed or damaged as the result of a cyber-attack.
Information Privacy. Covers organizational liabilities arising from actual or alleged non-compliance with any worldwide cyber, information privacy, or identity-related regulation, statute, or the law. For example, this coverage part would cover an organization's legal defense, and ultimate monetary settlement, resulting from a regulatory claim alleging such organization was non-compliant with any covered privacy regulation
Bricking- Bricking refers to a consumer electronic device that has been damaged beyond repair, making it utterly unusable, often because of damaged firmware, malicious or incorrect software. once they are rendered inoperative, they are virtually useless except as a paperweight or a doorstop
Insurance and recovery process: Coverage for business interruption loss under cyber insurance policies is becoming more prescriptive, the language in most insurance policies is still somewhat open ended and subject to competing interpretations. Most business interruption coverage includes a waiting period of a certain number of hours and a requirement that net profit or loss, charges and expenses be calculated on an hourly basis. It’s important to recognize that cyber insurance policies provide for the recovery of lost net profits and mitigation costs, as well as continuing expenses, such as employee salaries.
The above is provided as informational only from the Cyber Security Committee. It should not and does not represent insurance advice or legal advice. Be sure to consult with your insurance and/or legal team for additional information.
BACK TO INDUSTRY NEWS
Following a public notice and comment period, the Department of State's revised Online Notary Rule will go into effect on February 22, 2022. Here's what the Rule states:
1N-7.005 Online Notary Public and RON Service Provider Required Information.
(1) Online notary public.
(a) Within 30 day of the effective date of this rule, a currently registered online notary public shall provide the Florida Department of State the name of the online notary public’s RON service providers, the effective dates during which the online notary public used each RON service provider, and, if applicable, the name of any secured repositories to which the online notary public may have delegated his or her duties pursuant to Section 117.245(4), F.S., from January 1, 2022, and thereafter.
(b) An individual registering as an online notary public, shall provide this information at the time of his or her registration.
(c) The online notary public shall submit this information on Form Number DS-DOC-50, titled “Online Notary Public: Required Information,” Effective 02/2022, which form is hereby incorporated by reference and is available on the Department of State’s website at https://dos.myflorida.com/sunbiz/other-services/notaries/notary-forms/ or http://www.flrules.org/Gateway/reference.asp?No=Ref-14032.
(d) An online notary public that changes, adds, or removes a RON service provider or secured repository from the online notary public’s use shall submit to the Department within 30 days of the change an amended Form DS-DOC-50 identifying the online notary public’s updated RON service providers and, if applicable, secured repositories.
(2) RON service provider.
(a) Within 30 day of the effective date of this rule, and annually thereafter, a RON service provider shall provide the Florida Department of State, a self-certification form confirming that its audio-video communication technology and related processes, services software, data storage, or other services provided to online notaries public for the performance of online notarization satisfy the requirements of Chapter 117, F.S., and any rules promulgated by the Florida Department of State pursuant to Section 117.295, F.S.
(b) The RON service provider’s self-certification is effective for a period of 1 year after the date the RON service provider files it with the Department.
(c) If applicable, the RON service provider shall, at the same time it files its self-certification, identify any secure repositories to which the RON service provider may have delegated its duties pursuant to Section 117.245(4), F.S., from January 1, 2022, and thereafter.
(d) The RON service provider shall submit this information on Form Number DS-DOC-51, titled “RON Service Provider: Self-Certification and Required Information,” Effective 02/2022, which form is hereby incorporated by reference and is available on the Department of State’s website at https://dos.myflorida.com/sunbiz/other-services/notaries/notary-forms/ or http://www.flrules.org/Gateway/reference.asp?No=Ref-14033.
(e) A RON service provider that, pursuant to Section 117.245(4), F.S., delegates its duties to a secured repository after it has already filed its annual certification shall submit to the Department an amended Form DS-DOC-51 within 30 days after making such delegation.
(f) An entity that seeks to begin providing RON service provider functions after the effective date of this rule shall submit the information required by this section prior to providing RON service provider functions.
Rulemaking Authority 117.295 FS. Law Implemented 117.245, 117.295 FS. History–New 2-22-22.
“Let’s get Physical”
Acknowledging that good Cyber Security starts with addressing any “physical or tangible” information breaches is the best first step toward achieving a higher level of security for your company. This article will address physical areas that should be considered when looking at the overall Cyber Security health of your organization.
1. Vendor Management – When contracting a 3rd party who will have access to your office and physical client data/NPI, you become responsible for any risks posed by their activities. These vendors include, but are not limited to: cleaning services, trash/waste services, shredding companies, alarm companies and copier maintenance companies. It is important to have a vetting process in place to get to know your vendor, ensure they meet any regulatory requirements and are protecting your most valuable asset - your reputation. Key elements of your due diligence process should include:
a. Make sure you are dealing with a licensed and registered business. Get a copy of their business licenses and check it’s standing online.
b. Verify their reviews.
c. Gather information on their general liability insurance, cyber insurance, or insurance specific to their services.
d. Have them sign a Non-Disclosure Agreement (NDA) and Confidentiality Agreement.
2. Visitor Protocols
a. Know who is in your office and why.
b. Have visitors present their credentials, sign visitor log and state the service they will be providing.
c. Only allow visitors in the areas needed for their particular function.
d. If the visitors are service providers, then make sure you have a privacy protocol in place for them to review, as well as receiving their privacy protocols for your review.
3. File Management - In most instances, several people may be working on files simultaneously. Thus, it is important to have best practices in place to ensure the integrity and privacy of the transaction from start to finish.
a. Assure that all computers and laptops are locked or shut down when not in use.
b. Lock doors to internal offices, desks & filing cabinets when outside vendors have access to the main office.
c. Never share passwords or use common/same passwords with others, and change passwords frequently.
d. When files are shared on a network, review shared settings often to determine access privileges. If access is not needed for an individual, delete or de-activate sharing capabilities.
e. Archive files in an encrypted environment when the transaction is completed.
f. Physical files should be secured in closed filing cabinet when employees are not physically present.
4. Clean Desk Policy and Conference Room Protocols - Computer screens and equipment, paper documents (including post-it notes), white boards, and chalk boards are all vulnerable to unauthorized exposure of NPI by anyone who has physical access to the workspace. Oftentimes it can be impossible to know who accessed the exposed NPI, and what the intentions of the culprit might be. Making sure employees are aware of the dangers, with the precaution of a clean desk policy, clean screen policy, and conference room protocols can help to prevent these unnecessary breaches.
a. Things to consider for a clean desk policy
1. ALLOWED: Landline phones; laptops and computers; files when actively working on them.
2. PROHIBITED: iPhones or android phones with the capabilities of taking photos; access cards to the office or building; keys to the office.
3. Implement use of screen blockers for computer screens and personal handheld devices to eliminate “visual hacking.”
4. Locking your computer or turning it off when leaving your desk.
5. Notify management and security immediately upon discovery of lost or stolen items.
b. Things to consider for conference room protocols. Conference rooms are often the place where the most NPI is shared among participants. Complete purging of all information needs to occur.
1. Clean up any leftover notes or paper left on the table or thrown into the trash can.
2. Erase notes on the white board, if applicable.
3. Check to make sure post-it notes have not been left behind with information written on them.
4. If there is a dedicated computer or laptop make sure it is locked and secured prior to leaving.
5. If meeting is breaking for a period of time and participants are leaving the room, make sure the conference room is secured without access to others, or that any items with confidential information is put away.
5. People Risk Management - When people are under financial pressure they can act or do things that are out of character, – taking chances in order to feel financially secure once again.
a. Financial stress considerations:
1. Watch for employees that may be showing signs of abnormal behavior, such as not finishing tasks completely, showing signs of depression, exhibiting lower work quality, demonstrating high agitation with others, asking for pay advances, etc.
2. Have resources to direct them to for assistance – do not ignore these symptoms.
3. Conduct employment background checks at regular intervals.
In conclusion, security breaches of NPI or private and sensitive information happen not just in the cyber world, but also in the physical, tangible data environment. It is important to keep vigilant in your security practices in both realms. For further information regarding how to protect yourself, your business and your employees, we have included the below articles:
1. Vendor Management: Office of Compliance Inspection and Examinations, Safeguarding Customer Records and Information in Network Storage – Use of Third Party Security Features
2. Visitor Protocols: Blog: 9 visitor policy basics to keep your business secure
3. File Management/Access: 6 Simple Ways to Ensure Data Access Governance for File Server
4. Clean Desk Policy and Conference Room Protocols: List of security templates available from SANS Institute
5. Forensic Investigation: Blog: What Does a Cyber Forensic Investigation Do and How Much Does it Cost?
Article by the Cyber Security Committee
Back to Industry News.
Washington, D.C., Oct. 13, 2021 — The American Land Title Association (ALTA), the national trade association of the land title insurance industry, announced that the ALTA Registry, the national database of title and settlement agents, added a new feature that allows companies to quickly provide errors and omissions (E&O) policy information to underwriters.
The new feature allows title and settlement companies to upload their E&O information to the ALTA Registry. Underwriters can then access the data to quickly verify the information. This new tool includes document level automatic scrubbing using Deep Secure by Forcepoint’s malware removal technology and data extraction via AREAL’s artificial intelligence powered document processing technology.
“The ALTA Registry has evolved into a data clearinghouse for title underwriters, lenders and settlement agents,” said Jack Rattikin III, CEO of Rattikin Title and co-chair of the ALTA Registry Committee. “The Registry provides an optimal way for underwriters to manage oversight of their agents’ E&O data.”
Nearly 8,800 title agents, settlement companies and real estate attorneys appear in the ALTA Registry. The ALTA Registry allows title insurance agents and settlement companies to communicate with underwriters to confirm their company name and contact information—providing mortgage lenders with a trusted industry online database to identify transaction partners.
The ALTA Registry also closes an access point for potential malware and drives down oversight costs by improving accuracy and automated data downloads.
“A secure and neutral data-sharing utility that benefits all title agents and underwriters will be a welcome solution to maintaining current E&O coverage details,” said Eddie Oddo NTP, vice president of Corporate Business Solutions for First American Title Insurance Company and co-chair of the ALTA Registry Committee. “The Registry standardizes the process and eliminates the need for title agents to send E&O information to multiple underwriters, allowing industry professionals to focus on the tasks that drive their business.”
The ALTA Registry confirms that mortgage lenders are working with the correct title agent, settlement company or real estate attorney. Every title agent office location is identified by a unique ALTA ID, allowing quick verification. Each entry is also fully confirmed by title insurance underwriters. Using the ALTA Registry, mortgage lenders can increase accuracy, reduce production expenses, combat fraud and improve compliance. The ALTA Registry is offered to mortgage companies on a subscription basis.
an article by the Cyber Security Committee
In a world of smart phones, computers, laptops, tablets, Alexa, Siri…. Do you ever wonder if your devices are listening to you? That perhaps your “private” conversations aren’t so “private” after all?
The short answer is “Yes”, these devices have the ability to listen to you and in many cases, they are. Facebook, Google, and Amazon are just a few of the companies that are listening and collecting information, not to mention cybercriminals who are potentially listening in on your smart devices. After all, the device itself may not be recording this information, but once a cybercriminal has access, the fraudster could be recording this information.
As more and more of us continue to work remotely, away from corporate security overlays, it is important for you to think about the conversations you are having while using these types of devices. For example, consider:
1. Are you discussing sensitive transaction information with a client or customer?
2. Are you in meetings discussing proprietary company information?
3. What about the personal conversations you may be having about your health issues or other personal matters?
You may feel safe discussing this kind of information in the privacy of your own home, but always keep in mind that these conversations, and especially the information disclosed, may not be as safe as you think! So, what can be done?
Here are some security tips to consider to keep your private conversations as safe as you can!
The most important thing to remember is that your personal devices are akin to mini-computers. Gaining access to them allows the cybercriminals to access a great deal of personal information that can ultimately be used on the black market against you and your employer. Employing a few safety tips such as the ones mentioned above are easy ways to help safeguard your privacy.
Where are your Secrets being Kept?
Office printers/scanners/fax machines (hereinafter “printers”) are a treasure trove of sensitive data. Because they often come with a web-based interface or an internet connection, they have a huge attack surface, making them easy to hack.
How are printers vulnerable?
What do hackers want with printer access?
What are common methods of attack?
Steps/suggestions to protect your printers:
Special considerations to protect your printers AT HOME:
An article from the FLTA Cyber Security Committee
1. COMMUNICATION WITH CONSUMER:
A. Initial Phone Call to Consumer in the beginning of the transaction:
A. Initial Phone Call to Consumer in the beginning of the transaction:
2. COMMUNICATION WITH REALTORS
A. Speak with Realtors at the beginning of the transaction: How are we communicating with them?
A. Speak with Realtors at the beginning of the transaction: How are we communicating with them?
B. Email discussion with Realtors
B. Email discussion with Realtors
Aaron Davis flew from Tampa, Florida, to Austin, Texas, on Friday — because he wanted to help people affected by the snow and ice storm.
"I just felt incredibly guilty sitting down in Tampa, Florida, in the sunshine watching the rest of the country suffer," Davis, 45, tells PEOPLE. "I've weathered many storms in my life in Florida, the hurricane capital of the world."
During the last Florida hurricane, he bought and delivered generators to people in need. "I just try to step up and do what I can," he says.
A business owner (his company does remote real estate closings), Davis told his staff he was taking a month off to volunteer in Texas. "I felt the need to be feet on the ground in Texas to help out however I could," he says.
Read the complete story on People Magazine.
Through Aaron's work with the Harper, TX Fire Department a GoFundMe account has been created calling for funds to assist the community. Aaron has gone on to say, the need is absolutely real and any amount will be a great help.
GoFundMe Account: Harper Winter Storm Disaster 2021.
Dear fellow members,
I would like to start this message by acknowledging the steady leadership and excellent work of our association staff, our Board of Directors (BOD), and everyone who is contributing so significantly with our various committees and working groups. A quick review of the other sections of this Newsletter will reveal the current efforts and priorities of our Association being powered by our industry’s most dedicated professionals. Despite the incredible challenges of the current pandemic, I am very grateful and proud that our Association is in a stronger position at this moment, both financially and structurally, than it was before the pandemic hit us around this time last year. And we have big plans and opportunities to continue our success.
A big focus for this coming month will be our first fully virtual Lobby Days. Those of you that have participated in past years already know that Lobby Days has become one of the most important and impactful events of our Association as we generate awareness and engagement between FLTA members and key policymakers around current Association legislative priorities and promote the overall benefits that the title insurance and real estate settlement industry provides. And now this event is open to easier access and more participation by being virtual. Are you interested in participating? Get more specific details and register.
Another big focus that I would like to highlight starts with the charitable action of past BOD member, Aaron Davis, who has travelled to Texas to help with the natural disaster caused by their recent storm. Our Association was inspired by Aaron’s efforts and has contributed $250 to the Harper, TX, Fire Department GoFundMe Account and we encourage any interested members to contribute individually as well. I know that giving back is an integral part of who we are as individuals, and I am very proud that our Association is evolving in a way that will put formal structure and resources around these efforts. What started with our BOD decision to donate $20,000 to be split between five Florida area food banks with increased demands created by Covid-19 and a call to action for our members that was met with so much enthusiasm has now evolved into formal BOD approval to establish an FLTA affiliated Charitable Action Foundation with 501(C)(3) status and a commitment to strengthening the communities where our members live and work.
We envision our foundational philanthropy will not be simply about writing a check. This new organization will put structure around our ongoing relationships, collaborations, shared missions to serve our communities, and the giving of our time and talents to specific need driven challenges as well as the broader long-term goals. Our Foundation will heighten our Association’s identity internally and externally.
The scientific research, and the development and rollout of vaccines gives us hope that the dark and isolating days of this pandemic are numbered. And in its wake, we will have an opportunity to connect in ways both old and new in order to advance the interests of our title insurance and real estate settlement industry in Florida and to serve our communities better than we have before.
I hope this newsletter contains information that is helpful for you and that you are also proud and engaged in our Association. Your ideas, comments and questions are always welcome! I can be reached at email@example.com.
Len Prescott, 2020-2021 President
Email: Executive Director, Scott MerrittEmail: Executive Assistant, Jena Daly
Email: Membership Engagement Coordinator, Rebecca Charette
Florida Land Title Association is a 501(c)6 not-for-profit organization.
Copyright © 2013-2021. All Rights Reserved.
Mailing Address:Florida Land Title AssociationP.O. Box 66145St. Pete Beach, FL 33736