EPISODE · May 8, 2026 · 39 MIN
#132 - Offshoring Healthcare Data: HIPAA Risks, Vendor Liability, and the Mirra Health Case
from The Healthcare Compliance Step-By-Step Podcast · host EPICompliance
Offshoring Healthcare Data: HIPAA Risks, Vendor Liability, and the Mirra Health Case highlights the growing compliance risks healthcare organizations face when protected health information, claims data, or regulated functions are handled by oversea vendors.In this session, Ray Walters (EPICompliance) and Mr. Jose Delgado (Taino Consultants) discuss the difference between using domestic resources, such as Puerto Rico-based support, and overseas resources where U.S. regulators may have limited enforcement reach. Using the recent Mirra Health case as a real-world example, the discussion explains how unclear data flows, weak vendor oversight, Business Associate Agreement concerns, and "No Offshoring" contract clauses can create serious liability for healthcare organizations.Key Topics:How offshoring healthcare data can create HIPAA and vendor liability risks.Why covered entities may still be responsible when vendors mishandle patient data.How organizations can strengthen vendor review, data-flow documentation, and contract protections.Resources:Learn more about healthcare compliance systems: epicompliance.comExplore healthcare compliance training and weekly webinars: epicompliance.com/training-in...Originally Recorded: May 5, 2026.
What this episode covers
Offshoring Healthcare Data: HIPAA Risks, Vendor Liability, and the Mirra Health Case highlights the growing compliance risks healthcare organizations face when protected health information, claims data, or regulated functions are handled by oversea vendors.In this session, Ray Walters (EPICompliance) and Mr. Jose Delgado (Taino Consultants) discuss the difference between using domestic resources, such as Puerto Rico-based support, and overseas resources where U.S. regulators may have limited enforcement reach. Using the recent Mirra Health case as a real-world example, the discussion explains how unclear data flows, weak vendor oversight, Business Associate Agreement concerns, and "No Offshoring" contract clauses can create serious liability for healthcare organizations.Key Topics:How offshoring healthcare data can create HIPAA and vendor liability risks.Why covered entities may still be responsible when vendors mishandle patient data.How organizations can strengthen vendor review, data-flow documentation, and contract protections.Resources:Learn more about healthcare compliance systems: epicompliance.comExplore healthcare compliance training and weekly webinars: epicompliance.com/training-in...Originally Recorded: May 5, 2026.
NOW PLAYING
#132 - Offshoring Healthcare Data: HIPAA Risks, Vendor Liability, and the Mirra Health Case
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Mar 19, 2026 ·34m
Feb 18, 2026 ·11m
Feb 11, 2026 ·45m