Data Security & Monitoring
Securing our clients’ proprietary and extremely sensitive trading data is of the utmost importance at Battea. Only essential Battea personnel have access to client data. The Company has stringent client data handling policies and employs strict user authentication for access, employing multi-level system and user database auditing processes. Additionally, active alert and security monitoring and notification capabilities are enabled at all times. Battea monitors configuration and file integrity throughout the physical and virtual infrastructure in addition to extensive media handling procedures.
All of Battea’s customer data handling processes and systems are subject to both internal and external audit reviews. Battea adheres to the industry-accepted auditing standard for service companies, SSAE 18 (Short for Statement on Standards for Attestation Engagements No. 18, Reporting on Controls at a Service Organization). Sarbanes-Oxley legislation placed an increased focus on the internal controls of valued business partners.
At Battea, we know that proper controls and processes are absolutely critical in safeguarding our clients’ information. We utilize advanced technology combined with effective procedures to ensure the integrity and security of our clients’ proprietary information.
Battea successfully completes an American Institute of Certified Public Accountants (AICPA) SSAE 18 examination and conduct such an audit on an annual basis. The official audit, conducted by an independent auditing firm, provides a thorough review of the implemented internal controls, policies, and processes used to administer Battea – Class Action Services’ securities class action recovery services. The audit report details Battea’s entire IT infrastructure, including information security, data communications, normalization and verification, and filing and tracking of claims, specific to its securities class action claims recovery service. Battea's core securities class action settlement recovery services AND its data center providers adhere to the strictest standards and have completed SSAE 18 Type II audits. This is an important distinction because we have seen many examples of firms claiming SSAE 18 compliance, when in fact, only their external providers have successfully completed such audits. SSAE 18 audits not specifically performed on claims filing businesses can be misleading and provide very little transparency with respect to underlying security architecture, procedures and monitoring of the class action claims service provider’s employees’ access to and handling of data.