At the risk of re-melting your dream, I would advise – once again – that you not attempt an app that deals with PHI or PFI (directly) in Bubble.
If you do so, you lose ALL the benefits of Bubble. You need HIPAA-compliant storage, for example. So then, what is the effing benefit of Bubble? The benefit of Bubble is that you can stand up a web and web app stack – with database and all – in seconds.
If you have to use an external db, you lose one of the major benefits of Bubble. So just forget about that.
Regulatory compliance is no joke. (It’s stupid, but not a joke, see?) That is, Bubble’s database may actually meet or exceed HIPAA requirements, but without certification (which is costly – in time and dollars) THAT DOESN’T MATTER. And – let me reiterate – Bubble is unlikely to proceed with any such certification in the near, mid- or long-term future.
They will tell you as much if you ask. It’s just “not a thing”.
Hell, Bubble won’t even fix bugs like this one, because it only affects the most advanced of users (currently, an army of one… namely ME). So why would they pursue the requisite HIPAA certifications, etc.
If you choose to go that route, you’re simply doomed to failure. Build your HIPAA-compliant app on a HIPAA-compliant stack. There is no come to bet on here.
In the meantime: Build something without weird regulatory compliance requirements on Bubble. The possibilities are endless, as long as they don’t involve stuff like this. (And there are, in fact, an infinite number of things that don’t require HIPAA compliance. That’s the nature of infinity. It’s big. Like, mind-boggling big as Douglas Adams would have it.)