The URL can be used to link to this page

Home My WebLink About2011 01 10 Informational 102 Update On Indentiy Theft Prevention "Red Flag Rules" Program COMMISSION AGENDA CONSENT INFORM_ATIONAL X ITEM 102 PUBLIC HEARING REGULAR January 10, 2011 MG /DEPT 7 0 Meeting uthorization REQUEST: The Finance and Administrative Services Department would like to provide the Commission with an update on the status of the Identity Theft Prevention "Red Flag Rules" Program. SYNOPSIS: The Identity Theft Prevention "Red Flag Rules" Program and related Red Flag Rules Privacy Committee were established for the purpose of preventing identity theft. The committee meets quarterly to evaluate the program's strengths and weaknesses. This informational provides a summary of the incidents (Attachment 1) and process improvements since the committee's inception. CONSIDERATIONS: The enforcement of the ruling of the Identity Theft Red Flags Regulation that was jointly issued by the Federal Trade Commission, the Office of Thrift Supervision and several other governing agencies: implementing section 114 of the Fair and Accurate Credit Transactions Act of 2003 (FACT Act) which was set for May 1, 2009 was delayed until December 31, 2010. Although mandatory compliance with the Identity Theft Red Flags Regulation was delayed by the regulatory agencies, Resolution 2009 -28 established an Identity Theft Prevention Program and 'Red Flag' Rules Privacy Committee for the City of Winter Springs' Utility on April 27, 2009 (Attachment 2). The 'Red Flag' Committee consists of the following positions along with the names of those currently serving in those roles: Finance and Administrative Services Director (Shawn Boyle), Controller (Donna Bruno - Borelli), Utility Billing Services Manager (Eileen Garner), Revenue Officer (Iris Freeman), Information Technology Coordinator :Security Administrator (Joe Alcala), and Police Detective (David Rainey). Since adoption of the Red Flag Rules there has only been one confirmed incident of identity fraud. However, because the forgery related to a disconnection request rather than the establishment of service (issuing credit) it does not fall under the official purview of this legislation. Likewise, although the incidents cited in the log (Attachment 1) are technically not 'red flag' cases, their review and evaluation by the Red Flag committee inspired improvements in the City's processes and procedures. As a result of the committee's deliberations the following process improvements have been identified and implemented: • Remove social security number field from residential application form • Remove secondary customer field from residential application form to clearly define responsible party (i.e. collection issues, return of deposit, etc.) • Additional measures to secure customer files • Additional steps to further corroborate the source of faxes and emails Goals for 2011: • In -house Training by Detective Rainey • Install lobby cameras Fortunately, the City's experience with identity theft has been slight. Nevertheless, the Red Flag Rules Privacy Committee routinely meets in order to maintain identity theft awareness and to evaluate current policies and procedures. Since the acceptable of credit cards beginning in September 2010, no incidents of fraudulent credit card use have been reported. FISCAL IMPACT: Lobby Cameras — approximately 51,000 from existing Utility Billing budget (1360- General Fund) COMMUNICATION EFFORTS: This Agenda Item has been forwarded to the Mayor and City Commission; City Manager; City Attorney Staff; placed in Press Packets; placed in the City Hall (Lobby) City Commission Meeting binder:; and is available on the City's \Vebsite, LaserFiche, and the City's Server. Additionally, information related to this Agenda Item has been sent to media //press representatives who have requested Agendas, Agenda Item information, all Homeowner's Associations on file with the City, all individuals who have requested AgendasAgenda Item information. Department Directors; and also posted outside City Hall; posted inside City Hall with additional copies available for the general public; and posted at five (5) different locations around the City. RECOMMENDATION: It is recommended that the City Commission receive the informational report. ATTACHNIENTS: 1- Incident Log — cumulative since inception 2- Agenda item establishing Identity Theft Detection and Prevention Program; Regular 4201; April 27, 2009 01101 CONIM_ Infomlational _102_Red_Flagr_Update RED FLAG — IDENTITY THEFT PREVENTION INCIDENT LOG Report Period: 05/01/09 to 12/31/10 Reference Dollar Steps to Control Date Incident /Significant Event Number Amount Loss Management Action 05/20/09 Customer's girlfriend forged signature on Utility Billing 31988 N/A Water Restored Customer's wife put water service in her name as customer was in disconnection form for water service in customer's name jail. Deposit and application fee collected. but at property occupied by customer's wife. 06/02/09 Customer used ex- roommate's credit card to pay utility 35008 $187.49 Notified Police Dept Customer notified of insufficient funds via door hanger; service bill. Victim is non - utility customer. of Official Payment's disconnected. charge back report 06/10/09 Customer used stranger's credit card to pay utility bill. 35008 $187.49 Notified Police Dep't Customer notified of insufficient funds via door hanger; service Victim is non - utility customer. of Official Payment's disconnected. charge back report. 06/11/09 Customer used stranger's credit card to pay utility bill. 34914 $242.00 Notified Police Dept Customer notified of insufficient funds via door hanger; service Victim is non - utility customer. of Official Payment's disconnected. charge back report 06/25/09 Customer used stranger's credit card to pay utility bill. 33131 $192.48 Notified Police Dep't Customer notified of insufficient funds via door hanger; service Victim is non - utility customer. of Official Payment's disconnected. charge back report 02/04/10 Customer used stranger's credit card to pay utility bill. 34916 58.35 Notified Police Dep't Customer notified of insufficient funds via door hanger; service Victim also a utility customer. of Official Payment's disconnected. charge back report 02/08/10 Customer used stranger's credit card to pay utility bill. 34916 $51.41 Notified Police Dep't Customer notified of insufficient funds via door hanger; service Victim also a utility customer. of Official Payment's disconnected. charge back report 02/22/10 Customer used stranger's credit card to pay utility bill. 35500 $85.00 Notified Police Dep't Customer notified of insufficient funds via door hanger; service Victim is non - utility customer. of Official Payment's disconnected. charge back report 03/03/10 Customer used stranger's credit card to pay utility bill. 35500 $90.00 Notified Police Dep't Customer notified of insufficient funds via door hanger; service Victim is non - utility customer. of Official Payment's disconnected. charge back report 05/13/10 Customer used stranger's credit card to pay utility bill. 12994 $183.00 Notified Police Dept Customer notified of insufficient funds via door hanger; service Victim is non - utility customer. of Official Payment's disconnected. charge hack report 06/22/10 Customer used stranger's credit card to pay utility bill. 23099 $130.00 Notified Police Dep't Customer notified of insufficient funds via door hanger; service Victim is non - utility customer. of Official Payment's disconnected. charge back report 11/17/10 Customer used stranger's credit card to pay utility bill. 36288 $55.00 Notified Police Dep't Customer notified of insufficient funds via door hanger; service Victim is non utility customer. of Official Payment's disconnected. charge back report 01101 1 COMM Informational 102 Attachment 1 COMMISSION AGENDA INFORMATIONAL CONSENT X ITEM 201 PUBLIC HEARING REGULAR April 27, 2009 MGR /DEPT Kd Special Meeting Authorization REQUEST: The City Manager and Finance Department Is Requesting That the City Commission Adopt Resolution 2009 -28 Establishing an Identity Theft Detection and Prevention Program. PURPOSE: The purpose of this item is to receive Commission approval for Resolution 2009 -28 to establish an identity theft detection and prevention program. CONSIDERATIONS: A ruling known as the `Identity Theft Red Flags Regulation' was jointly issued by the Federal Trade Commission, Office of Thrift Supervision and several other governing agencies; implementing section 114 of the Fair and Accurate Credit Transactions Act of 2003 (FACT ACT) and is effective on May 1, 2009. The Identity Theft Red Flags Regulation requires financial institutions that extend credit to their customers to develop and implement a written Identity Theft Program to detect, prevent and diminish identity theft in connection with opening of certain accounts or certain existing accounts. The attached policy contains guidance to City employees on how to protect our citizen's private information. The program will be reviewed throughout the year by the Privacy Committee, which is established by this Resolution, all incidents will be reported and reviewed as required by the program. Annually a report will be presented to the Commission on the status of the program including any reported incidences during the year. The attached policy has been reviewed by the City Attorney. RECOMMENDATIONS: The Finance Department recommends approval of Resolution No. 2009 -28. ATTACHMENTS: Resolution No. 2009 -28 COMMISSION ACTION: RESOLUTION NO. 2009 -28 A RESOLUTION OF THE CITY COMMISSION OF THE CITY OF WINTER SPRINGS, SEMINOLE COUNTY, FLORIDA ADOPTING THE CITY'S IDENTITY THEFT DETECTION AND PREVENTION PROGRAM; ADOPTING RELATED FORMS FOR REPORTING AND TRACKING POSSIBLE OCCURRENCES OF IDENTITY THEFT; PROVIDING FOR THE REPEAL OF PRIOR INCONSISTENT RESOLUTIONS, SEVERABILITY AND AN EFFECTIVE DATE. WHEREAS, the City is granted the authority, under § 2(b), Art. VIII of the State Constitution, to exercise any power for municipal purposes, except when expressly prohibited by law; and WHEREAS, the Fair Credit Reporting Act ( "FCRA "), 15 U.S.C. § 1581 et. seq., was amended in 2003 in an attempt to improve the accuracy of consumer reports and to help prevent identity theft; and WHEREAS, the amendments to the FCRA require creditors such as utilities to develop and implement a written Identity Theft Prevention Program to detect "red flags" and to respond appropriately to said red flags in an effort to prevent and mitigate identity theft; and WHEREAS, compliance with the FCRA amendments is required no later than May 1, 2009; and WHEREAS, the City Commission desires to adopt the City's Identity Theft Detection and Prevention Program consistent with the requirements of the FCRA as set forth herein; and WHEREAS, City Commission deems that this Resolution is in the best interests of the public health, safety, and welfare of the citizens of Winter Springs. NOW, THEREFORE, BE IT DULY RESOLVED BY THE CITY COMMISSION OF THE CITY OF WINTER SPRINGS, SEMINOLE COUNTY, FLORIDA, THAT: Section 1. Incorporation of Recitals. The foregoing recitals are deemed true and correct and are hereby fully incorporated herein by reference. Section 2. Adoption of Identity Theft Detection and Prevention Program. The City Commission of the City of Winter Springs hereby adopts the City of Winter Springs Identity Theft Detection and Prevention Program and forms as set forth in Exhibit "A," attached hereto and fully City of Winter Springs Resolution No. 2009 -28 Pagc 1 of 2 incorporated herein by this reference. The City Manager is hereby authorized to approve minor modifications to the Program and forms, as needed. Section 3. Severability. If any section, subsection, sentence, clause, phrase, word, or portion of this Resolution is for any reason held invalid or unconstitutional by a court of competent jurisdiction, whether for substantive or procedural reasons, such portion shall be deemed a separate, distinct, and independent provision, and such holding shall not affect the validity of the remaining portions of this Resolution. Section 4. Repeal of Prior Inconsistent Resolutions. All prior resolutions or parts of resolutions in conflict herewith are hereby repealed to the extent of the conflict. Section 5. Effective Date. This Resolution shall become effective on May 1, 2009. ADOPTED by the City Commission of the City of Winter Springs, Florida, in a regular meeting assembled on this day of , 2009. JOHN F. BUSH, Mayor ATTEST: ANDREA LORENZO - LUACES, City Clerk Approved as to legal form and sufficiency for the City of Winter Springs only: ANTHONY A. GARGANESE, City Attorney City of Winter Springs Resolution No. 2009 -28 Page 2 of 2 4 " I " * City of Winter Springs IDENTITY THEFT DETECTION AND PREVENTION PROGRAM In compliance with the Federal FACTAct (2003) Identity Theft Red Flag Ruling TABLE OF CONTENTS Page I. General Information 3 II. Purpose 3 III. Scope 3 IV. Responsibility 4 V. Definitions 4 VI. Privacy Committee 4 VII. Policy and Procedures 5 A. Red Flags Identification and Mitigation 5 B. Data Security and Storage 7 C. Internal Data Base Security 8 D. Data Storage 8 E. Disclosure of Personal Information 8 F. Data Retention and Disposal 8 G. Training Employees 8 H. Handling Reports of Suspected Identity Theft 9 I. Reports, Reviews and Updates for Policy Enforcement 9 VIII. Identity Theft Prevention Program Incident Report 10 2 IDENTITY THEFT PROGRAM Effective date May 1, 2009 I. General Information A ruling known as the `Identity Theft Red Flags Regulation' was jointly issued by the Federal Trade Commission, Office of Thrift Supervision and several other governing agencies ( "Agencies ") implementing section 114 of the Fair and Accurate Credit Transactions Act of 2003 (FACT ACT) and is effective on May 1, 2009. The Identity Theft Red Flags Regulation requires financial institutions to develop and implement a written Identity Theft Program to detect, prevent and diminish identity theft in connection with opening of certain accounts or certain existing accounts. Under the regulation only those financial institutions that offer or maintain `covered accounts' must develop and implement a written program. A `covered account' is defined as (1) an account primarily used for personal, family, or household purposes, that involves or is designed to permit multiple payments or transactions and (2) any other account for which there is a reasonably foreseeable risk to customers or the safety and soundness of the financial institution or creditor from identity theft. The Agencies believe that accounts such as credit cards, mortgage loans, cell phone, utility, checking, automobile loans, and savings accounts are examples of accounts designed to permit multiple payments or transactions and also contain a reasonably foreseeable risk of identity theft. II. Purpose The goal of this policy is to ensure City of Winter Springs has an established written procedure to detect, prevent and mitigate identity theft and for security and storing of customers' personal information. City of Winter Springs recognizes the responsibility to safeguard customer's personal information during its collection, recording and handling within the work place. III. Scope This policy applies to all city employees and service providers that have access to utility customers' personal information that is submitted in person, by fax, mail, email and over the internet. Any part or whole of policies and procedures written and developed will be incorporated into the program where appropriate. This does not replace, but rather supplements, any of the City of Winter Springs' standing policies. 3 IV. Responsibility The City of Winter Springs must protect its customer data and implement policies and procedures that meet standards established by the Federal Trade Commission by May 1, 2009. Therefore, the City of Winter Springs will continually report and monitor the program's integrity, completeness, and deficiencies. Any oversight or patches to perfect the program will be reviewed and amended annually when necessary. V. Definitions A. Identity Theft: A fraud committed using the identifying information of another person. B. Red Flags: A pattern, practice or specific activity that indicates the possible risk of identity theft. C. Identifying Information: Any name or number that may be used alone or with any other information to identify a specific person; includes name, social security number, date of birth, official state or government issued driver's license or identification number, alien registration number, government passport and employer or tax identification number. VI. Privacy Committee The City of Winter Springs Privacy Committee was established to create, drive and monitor the program. A Privacy Officer functions as the head of the committee and reports to a member of Senior Management regarding the outcomes and needs of the Identity Theft Detection and Prevention Program. Position Role Controller Privacy Officer — Coordinates audit and reviews pattern of incidents. Expert in flow of funds. Finance Director Senior Management — supply recourses to establish proactive Identity Theft Program. Utility Billing Services Provides insight in day -to -day processes in opening new Manager accounts and monitoring activity on existing accounts. Revenue Officer Provides insight in collection policies and procedures. Economic Crimes Investigator Provides insight regarding identity theft. Information Technology Provides insight in data network security. Coordinator /Security Administrator 4 VII. Policy and Procedures A. Red Flag Identification and Mitigation Policies All applications must be submitted by the responsible party; parents, siblings, or any other interested party cannot activate service on behalf of another person. Red Flags Next Step Mitigation Alert Presentation of Suspicious Documents Identification documents Ask customer to visit the Do not open the account. appear altered or forged issuing agency (i.e. DMV) and get an acceptable copy of the suspicious document. Photo /physical description Ask the customer to visit Do not open the account. does not match applicant. the issuing agency (i.e. DMV) and get an updated copy of the identification document. Other information on Ask the customer to If customer is unable to identification is inconsistent verify the inconsistent verify information, do not with information given on the information with open the account. application. supporting documentation such as marriage license or social security card. Information in utility records Inform the customer of It may be appropriate to is inconsistent with the discrepancy and ask notify law enforcement if a information provided. the customer to verify the customer who is able to Example: signature on file inconsistent information verify his identity to you does not match signature on with supporting believes his signature has license. documentation. been previously forged in connection with identity theft. Application looks altered or Ask the customer to fill Do not open the account forged or destroyed and out another application in unless you are able to verify reassembled. the office and verify all the information on the suspicious information. application. Lease submitted for proof of Ask the customer to Do not open the account residency appears to be supply an unaltered lease unless you are able to verify altered or forged. with the Landlord's the residency requirement. signature notarized. 5 Red Flags Next Step Mitigation Alert Suspicious Personal Identing Information Applicant fails to provide Inform the customer of the Do not open the account all personal identification requirements to open an unless you are able to verify requested. account and direction for the identity with other types obtaining this of acceptable documentation. documentation. Payments are made in a Contact the customer. Close inactive accounts manner associated with after a reasonable period of fraud. For example: time. deposit or initial payment is made and no payments are made thereafter. Mail sent to customer is Contact the customer to If you are able to verify the repeatedly returned. verify the correct billing correct address and then address. change the address on file, no further action should be necessary. Notification of a Add all charges back to the Notify law enforcement chargeback received from account. the bank due to fraudulent activity. New account requested Ask customer to provide a Require all new accounts to immediately after government issued photo present a government disconnection for I.D. for identification issued photo I.D. prior to nonpayment. purposes. opening an account. Applications submitted by fax, email or mail need to include a copy of a government issued I.D. and a notarized form affirming the identification. No account will be started prior to this proof of identification. 6 Red Flags Next Step Mitigation Alert Customer notifies utility Verify the identity of the If you are able to verify the that they are not receiving customer and then verify correct address and then their bill. the correct address. change the address on file, no further action should be necessary. Utility is notified of Ask the customer to supply Notify law enforcement unauthorized charges or documentation regarding transactions in connection the possible identity theft with a customer's account. such as an affidavit or police report. Utility is notified by law Follow the instructions of Depending on what law officials or others that they law officials. enforcement asks you to do, have opened a fraudulent you may close or closely account for a person monitor the account. engaged in identity theft. B. Data Security and Storage 1) Various Cisco Devices are deployed and used to protect against intentional or accidental intrusion into the city's data network. The Florida Department of Law Enforcement conducts periodic audits of the city - network design and security practices to ensure they meet the Criminal Justice Information Services (CJIS) policy. The Information Technology Manager coordinates objective, third -party network - intrusion testing for the city network on a periodic basis. 2) All Information Technology employees are subject to a full background check by the city Human Resources Department and the City of Winter Springs Police Department. All employees who function in the Information Technology Department are required to pass a fingerprint -based background check submitted through the City of Winter Springs' Police Department, Seminole County Sheriff's Office (SCSO) and Florida Department of Law Enforcement. 3) The Network Administrator provides the initial password for each employee to access the system. The employee is required to create a unique individual password. In our efforts to provide the City of Winter Springs with a secure network, the Information Technology Department has adopted the use of strong passwords and account lockout. Password and account lockout settings are designed to protect user accounts and data by minimizing the threat of brute force guessing of user account passwords. Employees are required to change their password every ninety (90) days. The system will permit three sign -on attempts, and then will disable the password. Upon termination, employee accounts are immediately disabled. 7 C. Internal Data Base Security System administrator passwords are known only to the Information Technology staff and are not divulged to any person outside the Information Technology Division. D. Data Storage System administrator passwords are known only to the Information Technology staff and are not divulged to any person outside the Information Technology Division. E. Disclosure of Personal Information 1) Information is used as a means of identification, for intemal verification, administrative purposes and for debt collection purposes. 2) The City of Winter Springs falls under the Public Records Law and all records are open to inspection. Chapter 119, Florida Statutes, commonly known as Florida's "Public Records Law," provides information on public records in Florida, including policies, definitions, exemptions, general information on records access, inspection, examination and duplication of records. Florida's public records laws are very broad, and most documents and records are available to the public. However, the laws do provide specified exceptions such as social security numbers. F. Data Retention and Disposal Records are disposed of in accordance with state and federal law, including the local records retention schedule issued by the State of Florida General Records Schedule for State and Local Government Agencies and Public Utilities. Documents with sensitive information are disposed by shredding. G. Training Employees A copy of the Identity Theft Detection and Prevention Program will be given to all utility billing customer service division employees. Initial training sessions will be set up to help the employee identify "red flags" and explain the policies and procedures. The Identity Theft Program will be included in the initial training of all new employees within the City of Winter Springs Utility Billing Customer Service Division. 8 H. Handling Reports of Suspected Identity Theft A zero tolerance policy is in effect for all fraudulent transactions within the City of Winter Springs Utility Billing Customer Service Division. Once written notification and verification is received of fraudulent activity from a customer, banking institution or collection agency, the Utility Billing Division employee will: 1) Proceed with notating and taking corrective actions on the account; and, 2) Gather all pertinent information that is available and immediately contact the appropriate law enforcement agency to initiate a criminal investigation. I. Reports, Reviews and Updates for Policy Enforcement The Controller will conduct annual review of the current policy and report any fraudulent activity to the Finance Director. The City Manager will approve any recommended changes in policy. An annual report reviewing all incidents, program revisions and goals will be submitted to the City Commission. 9 City of Winter Springs Identity Theft Prevention Program Incident Report Date Prepared by It is the policy of the City of Winter Springs to provide an Identity Theft Prevention Program for customers and employees. The purpose of this report is to promote continued evaluation of effectiveness of current policies and procedures in compliance with the FACTAct (2003). This document will be used to drive recommendations for changes to the program due to evolving risk and methods of theft. Committee Members: Controller Finance Director Utility Billing Services Manager Revenue Officer Information Technology Coordinator /Security Administrator Describe strengths of the program: Describe areas of improvement of the program: Committee Signatures: (Name) (Title) (Date) (Name) (Title) (Date) (Name) (Title) (Date) (Name) (Title) (Date) 10 Identity Theft Prevention Program Incident Report Date Incident/"Significant Event" Management Response Mitigation 11 RESOLUTION NO. 2009-28 A RESOLUTION OF THE CITY COMMISSION OF THE CITY OF WINTER SPRINGS, SEMINOLE COUNTY, FLORIDA ADOPTING THE CITY'S IDENTITY THEFT DETECTION AND PREVENTION PROGRAM; ADOPTING RELATED FORMS FOR REPORTING AND TRACKING POSSIBLE OCCURRENCES OF IDENTITY THEFT; PROVIDING FOR THE REPEAL OF PRIOR INCONSISTENT RESOLUTIONS, SEVERABILITY AND AN EFFECTIVE DATE. WHEREAS, the City is granted the authority, under § 2(b), Art. VIII of the State Constitution, to exercise any power for municipal purposes, except when expressly prohibited by law; and WHEREAS, the Fair Credit Reporting Act ( "FCRA "), 15 U.S.C. § 1581 et. seq., was amended in 2003 in an attempt to improve the accuracy of consumer reports and to help prevent identity theft; and WHEREAS, the amendments to the FCRA require creditors such as utilities to develop and implement a written Identity Theft Prevention Program to detect "red flags" and to respond appropriately to said red flags in an effort to prevent and mitigate identity theft; and WHEREAS, compliance with the FCRA amendments is required no later than May 1, 2009; and WHEREAS, the City Commission desires to adopt the City's Identity Theft Detection and Prevention Program consistent with the requirements of the FCRA as set forth herein; and WHEREAS, City Commission deems that this Resolution is in the best interests of the public health, safety, and welfare of the citizens of Winter Springs. NOW, THEREFORE, BE IT DULY RESOLVED BY THE CITY COMMISSION OF THE CITY OF WINTER SPRINGS, SEMINOLE COUNTY, FLORIDA, THAT: Section 1. Incorporation of Recitals. The foregoing recitals are deemed true and correct and are hereby fully incorporated herein by reference. Section 2. Adoption of Identity Theft Detection and Prevention Program. The City Commission of the City of Winter Springs hereby adopts the City of Winter Springs Identity Theft Detection and Prevention Program and forms as set forth in Exhibit "A," attached hereto and fully City of Winter Springs Resolution No. 2009 -28 Page 1 of 2 incorporated herein by this reference. The City Manager is hereby authorized to approve minor modifications to the Program and forms, as needed. Section 3. Severability. If any section, subsection, sentence, clause, phrase, word, or portion of this Resolution is for any reason held invalid or unconstitutional by a court of competent jurisdiction, whether for substantive or procedural reasons, such portion shall be deemed a separate, distinct, and independent provision, and such holding shall not affect the validity of the remaining portions of this Resolution. Section 4. Repeal of Prior Inconsistent Resolutions. All prior resolutions or parts of resolutions in conflict herewith are hereby repealed to the extent of the conflict. Section 5. Effective Date. This Resolution shall become effective on May 1, 2009. ADOPTED by the City Commission of the City of Winter Springs, Florida, in a regular meeting assembled on this 27th of April , 2009. c JOHN F: BUSH, Mayor - A'1"11� : T: ■ • • i A LORENZO - LUACES, City Clerk Approved as to legal form and sufficiency for the City of Winter Springs only: ANTHONY A. GARGANESE, City Attorney City of Winter Springs Resolution No. 2009 -28 Page 2 of 2