The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Interview: Nathanael Ayala, Compliance Officer, Hospital San Carlos Borromeo, Puerto Rico

HIPAA Journal is conducting interviews with healthcare professionals to find out more about their compliance journeys, how the HIPAA Rules have affected their working lives, and the successes of HIPAA compliance and the challenges they have faced.

The first HIPAA Journal reader to share his views on HIPAA is Nathanael Ayala, Compliance Officer at Hospital San Carlos Borromeo in Puerto Rico.


Tell HIPAA Journal readers about your career in the healthcare industry

My healthcare career has been an adventure since the beginning. I started by graduating as a graduated nurse from El Colegio (University of Puerto Rico, Mayaguez Campus).

Get the FREE
HIPAA Compliance Checklist

Delivered via email so please ensure you enter your email address correctly.

Your Privacy Respected

HIPAA Journal Privacy Policy

What was your first position?

My first position was as an Emergency Room per diem nurse. 3 months after my first position, I started working full-time as a telephone triage nurse with a health plan health advice service line. I kept the per diem job and I spent 1 year and a few months working both jobs.

What is your current position?

I’m now a full-time Compliance Officer with Hospital San Carlos Borromeo in Moca, Puerto Rico.

What are the main challenges in your position?

My position was not in full effect previous to my arrival in the Hospital because Compliance was handled by another department. So, one of the main challenges has been appropriately developing all seven elements of a compliance program within the fabric of the organization, though I have full support from BOD and the Executive Director.

Tell HIPAA Journal readers about any significant event in your career.

There have been many significant events in my career. 7 months into my full time as a telephone advice nurse I filled in a vacant position as supervisor of a post-discharge monitoring program which I did for almost 2 years when I got promoted to call center Service Manager. One year later, I finished my Master’s Degree in Health Services Administration and got promoted to Service Director.

When did you first get involved with HIPAA compliance?

As a Service Manager/Director, I got passionate about the Health Care Compliance field and started researching and studying about it. A few months into being a Director I got certified with the HCCA CCB as Certified in Healthcare Compliance (CHC).

What are your main challenges regarding HIPAA?

I think the main challenge I often see is that people, even professionals and providers in the healthcare field, do not really comprehend what HIPAA means and stands for.

Do you have any predictions for the future of healthcare regulation?

The healthcare regulatory landscape is very deep and difficult with new rules and regulations each year. Some are vague and need clarification. That’s something regulators should improve.

Do you have any predictions for the future of healthcare technology?

With ever-changing technology, it is very difficult to keep up to date. The HIPAA Security Rule should include its own frameworks, and implementation guidance for administrative, technical and physical safeguards, and not solely refer providers or professionals to NIST or other frameworks.

Do you have anything else interesting to share with readers?

Thank you HIPAA Journal for this space to share my story and my thoughts with your readers. I’m looking forward to reading those fantastic stories that other healthcare professionals are sharing with this community.

If you would like to feature in HIPAA Journal and share your experiences with others, please visit this page.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.


Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist