Firebase is Google’s platform-as-a-service (PaaS) offering. The service is advertised as a developer platform that allows developers to build applications quickly by eliminating the need for backend development and database management.
Many services in the Google ecosystem can be used in a HIPAA compliant manner. Unfortunately, Firebase is not HIPAA compliant. Firebase has not implemented all of the physical, technical, and administrative safeguards required under HIPAA. In recent Google Group conversations and questions with the founders, the team has shared that the service is not HIPAA compliant.
Most cloud services provide HIPAA compliant services on a “Shared Responsibility” model. Learn more about the compliance requirements shared between your organization and your cloud provider.
Organizations have several options for building HIPAA compliant services. Teams may turn to Amazon Web Services (AWS) for solutions to rapidly build compliant applications.
These services are a good alternatives to Firebase, and allow teams to quickly build applications without worrying about much cloud configuration and DevOps administration.
As an alternative to traditional cloud security and compliance management, Dash provides a HIPAA Managed Cloud, in coordination with managed service provider (MSP) partners.
With the Organizations can take advantage of all of the services Amazon Web Services offers while a managed service provider, handles all technical infrastructure such as servers, networking, and access control.
Automate Your Organziation’s HIPAA Security Program