Is Firebase HIPAA Compliant?

Firebase is Google’s platform-as-a-service (PaaS) offering. The service is advertised as a developer platform that allows developers to build applications quickly by eliminating the need for backend development and database management.

Read Our Latest Whitepaper – Managing HIPAA in AWS   Download Whitepaper

Many services in the Google ecosystem can be used in a HIPAA compliant manner. Unfortunately, Firebase is not HIPAA compliant. Firebase has not implemented all of the physical, technical, and administrative safeguards required under HIPAA. In recent Google Group conversations and questions with the founders, the team has shared that the service is not HIPAA compliant. 

Most cloud services provide HIPAA compliant services on a “Shared Responsibility” model. Learn more about the compliance requirements shared between your organization and your cloud provider.

HIPAA Compliance with Amazon Web Services


As an alternative, Amazon Web Services (AWS) provides a wide array of offerings for creating backend services and deploying applications. These core services can be configured to be HIPAA compliant. AWS offers the flexibility to launch, manage, and scale virtual machines (VMs), cloud storage, managed databases and other services.

Dash allows your organization to create and maintain a HIPAA compliant environment through the Amazon Web Services Platform, with one simple process:

  • Deploy Dash to your AWS Cloud environment
  • Dash’s automated service sets up and optimizes your services
  • Monitor and manage the compliance process through our dashboard

  • Tour Dash Compliance Automation
    HIPAA Compliance with Amazon Web Services