Time
9 hours 48 minutes
Difficulty
Intermediate
CEU/CPE
10

Video Transcription

00:00
let's talk about these legal concepts. So when we start talking about legal considerations, we have to discuss liability. We want to ensure that the information our customers or employees or patients have entrusted us with that we protect. We also want to make sure that we protect the assets
00:19
that are bored or stakeholders shareholders
00:23
I have entrusted to us. So ultimately, what we want to do, we want to do the right thing,
00:28
right? So we want to demonstrate, do care and due diligence. Now, don't take these definitions back to law school. But just to remember, due diligence is the research do care
00:42
is the action.
00:44
So if I'm gonna go out and determine what industry standards are for my business, I'm gonna look at all the laws. I'm gonna make sure that I understand them well educated, due diligence. But if that's all I do, if I stop there, it doesn't really make any difference, right? It's really more important that I act
01:03
rather than I know,
01:04
right. So do care is the action. The two should go hand in hand. But if you were to see some sort of question like in relation to
01:15
culpable negligence, which is more important. Do you care? Due diligence whilst you care. If you care, you will act.
01:23
All right then There's also a prudent person rule
01:27
and used to be called the Prudent Man Rule. But we are a politically correct, gender neutral society. So it is the prudent person rule now, even though it's his prudent man on the screen and essentially based on a judge's discretion, can we demonstrate
01:47
we've acted responsibly in cautiously as a prudent person would do
01:52
so These air just elements that will help us avoid liability. You care Due diligence Acting is a prudent person. Three idea with downstream liabilities. And this is something I've said throughout the course is, Even though I can share risk, I cannot share liability or I cannot trends for liability.
02:12
So if I, as a health care provider, choose to store my information in the Cloud Cloud Service provider,
02:19
I
02:21
I'm still legally responsible for the protection of that data. And even though there's a failure, the Cloud service provider you know I'll get financial compensation based on the service level agreement, most likely, but I'm still liable for the protection of that data so
02:38
talk about downstream liabilities. We all know outsourcing doesn't eliminate our liabilities.
02:45
Hey, um
02:47
and you know, this last bullet point integrated technology with other comes cos you know again is we're outsourcing. Or as my technology is dependent on your organization's technology, this becomes a little bit less clear cut than it's been Traditionally, right?
03:07
Liabilities, we wantto avoid them.

Up Next

Certified Cloud Security Professional (CCSP)

This Certified Cloud Security Professional (CCSP) certification course covers topics across six domains, to ensure the candidate has a wide range of competencies and is capable in the assessment and implementation of cloud service solutions.

Instructed By

Instructor Profile Image
Kelly Handerhan
Senior Instructor