Hello folks!
HIPAA dictates that all components of a service must be compliant in order for the product as a whole to meet requirements. Though certain sub-processors may be HIPAA compliant, the Bubble platform and internal company processes as a whole are not, so any applications built on Bubble will not meet compliance requirements. Therefore, we cannot recommend building applications that require HIPAA compliance on Bubble at this time.