I'm designing a mobile application that uses Identity Platform and Firestore to store customer's PHI records. Both Identity Platform and Firestore are mentioned as products covered by Google Cloud BAA. Will that architecture solution also fit HIPAA? I have found a tutorial at Cloud Architecture Center https://cloud.google.com/architecture/authenticating-users-to-firestore-with-identity-platform-and-google-identities and want to be sure that example fits HIPAA requirements.
Identify Platform + Firestore REST client is that fits HIPAA requirements?
106 Views Asked by user1827334 At
1
There are 1 best solutions below
Related Questions in GOOGLE-CLOUD-FIRESTORE
- How to Querying Nested Arrays in Firestore with Firebase Admin Python
- Why do I need to wait to reaccess to Firestore database even though it has already done before?
- Kotlin Version Error in Integration of Firebase
- Can Anyone help me to load pdf file from firebase to user app by URL in jetpack compose?
- Setting document field value using Firestore Functions
- Exists not working in Firebase Security Rules
- Stripe subscriptions - When testing clocks, an automatic invoice with status paid is getting created on advancing time
- Nonsense error using a Python Google Cloud Function
- Updating existing document in Firebase using Flutter causes Lost Of Connection to the Simulator
- run dart script from firestore cloud functions
- Saving Dates Into Array for Uploading to a Firestore Document
- Firebase read from the database resulting in repeating the contents of last uploaded document instead of all documents
- How to get data as different subcollections and documents from firebase?
- How to Automatically Generate IDs in Kotlin with Firebase?
- Is it possible to combine Firestore streams in Flutter?
Related Questions in HIPAA
- Is an iframe for a HIPAA-compliant form still HIPAA-compliant if the iframe is used on a non-HIPAA-compliant website?
- Is Microsoft creating a security risk with clickonce deployment?
- Is PyPDF HIPAA-Compliant? I would love to use this library at my healthcare organization
- Calendar for React JS
- How to set protocol and cipher to be hipaa compliant using python ssl
- Google Cloud SQL Postgres Vs Self Hosted Postgres using GCP Compute instances: HIPAA Compliance
- How can we implement search functionality on the encrypted data in mongoDB database?
- Google Cloud - Hippa Compliance - PgAudit vs IAM Audit Logs
- Does Autonomous Database meet HIPAA requirements?
- use GCP database or Firestore with HIPAA compliance
- Identify Platform + Firestore REST client is that fits HIPAA requirements?
- Is Google ReCaptcha v2 HIPAA compliant?
- Are AWS SSH keys HIPAA or Sox compliant?
- Is it okay to use Flutter for Hipaa compliant app?
- De-Identifying PHI For HIPAA
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Natively, the user is able to read and access that information associated with the identity platform once logged in, this also includes any custom claims that would be associated with the user. Beyond that, the user is normally identified by their UID and only has basic information stored on their auth object (email, phone number), none of this pertains to HIPAA requirements.
HIPAA mostly associates with medical records themselves which is where personal information, documents, and other records are stored within your database's (Realtime db, Firestore, Storage)
Allowing access to these documents is what would make your architecture HIPAA compliant and can be done through several means, cloud functions, direct access from within the project app, or encrypted email.
The structure to build a HIPAA compliant database would be to add all the record data as a child node to the users UID: such as
users/user_id/records.jsonSecurity Rules