HIPAA compliance for Firebase.

388 views

Skip to first unread message

vatsal patel

unread,

Jan 8, 2023, 10:46:43 AM1/8/23

to Firebase Google Group

Hi everyone,

I am building a healthcare app with Flutter, and I need a database to store user health data. I came across something known as HIPAA compliance for storing data. I wanted to know if Firebase is the right choice considering HIPAA compliance is to be followed.

Kato Richardson

unread,

Jan 9, 2023, 1:00:22 PM1/9/23

to fireba...@googlegroups.com

Hello Vatsal,

Compliance is specific to each product you use and not Firebase as a platform. You can read about best practices for achieving compliance in this Cloud guide: https://cloud.google.com/security/compliance/hipaa

One note from that document to consider: "One of the key responsibilities for a customer is to determine whether or not they are a Covered Entity (or a Business Associate of a Covered Entity) and, if so, whether they require a Business Associate Agreement with Google for the purposes of their interactions. While Google provides a secure and compliant infrastructure (as described above) for the storage and processing of PHI, the customer is responsible for ensuring that the environment and applications that they build on top of Google Cloud are properly configured and secured according to HIPAA requirements. This is often referred to as the shared security model in the cloud."

If you do need a BAA in order to achieve compliance, you'll want to look at the list of covered products later in that document.

☼, Kato

On Sun, Jan 8, 2023 at 8:46 AM vatsal patel <vatsalcha...@gmail.com> wrote:

Hi everyone,
I am building a healthcare app with Flutter, and I need a database to store user health data. I came across something known as HIPAA compliance for storing data. I wanted to know if Firebase is the right choice considering HIPAA compliance is to be followed.

--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/f6b24418-3d6f-43c9-ad7d-47d5f61d41f1n%40googlegroups.com.

Kato Richardson |

Developer Programs Eng |

kato...@google.com |

775-235-8398

Reply all

Reply to author

Forward

0 new messages