HIPAA Compliancy

We are also in the process of building a HIPAA compliant solution using Bubble. We decided to build our complete REST web service based back end, with nothing stored in the Bubble database, and only use Bubble as a front end. Being able to use Bubble as a front end is more than enough, as building a good UI is a big challenge and Bubble solved it.

Emmanuel, for HIPAA compliance, what if one could develop their own HIPAA compliant back end and only use Bubble as a front end, and not store any information in the Bubble database? What do you think about this?

Are you building your own backend or are you connecting to a HIPAA compliant web service? I will need a HIPAA compliant solution soon and I just need stuff to be stored on it. And if someone has it figured out, I would be willing to pay someone to help me set something up.

We are building our own backend on AWS Elastic Beanstalk. We will be using OAuth for authentication. We are posting some questions on this forum to get some advice; we are in the very early stage.

I was doing some more research on HIPAA and I came across Caspio. They are a HIPAA compliant site where you build your database with form and view pages that are built with no code and can be easily deployed on any website with a URL, embed, iframe, and WordPress.

Looks interesting. I just asked about pricing: “Our HIPAA plans start out at $1000 per month and up.” Too expensive for my situation, but seems in line with the features.

What options are you looking at?

I just asked what it would cost to get on a hipaa-compliant plan and that’s what he said. I’ve come across a number of services like that which are well-priced for regular users, but then you need to get on an Enterprise plan for hipaa.

According to this Caspio pricing page, HIPAA compliance starts at the $249/month plan.

I also talked with them and they told me the HIPAA compliant plan is $1000.

Interesting. Here’s my chat transcript:

11:44:52 AM [Phil] How much will I have to pay to get on a hipaa-compliant plan?
11:46:07 AM [Kevin] Our HIPAA plans start out at $1,000 per month and up depending on the features and requirements.


Care to join this chat about HIPAA? Challange for amazeball developers (Virgil Security, HIPAA)

Care to join us? Challange for amazeball developers (Virgil Security, HIPAA)

@anon29779373 I thought you might have something helpful to add. Challange for amazeball developers (Virgil Security, HIPAA)

Would this make Bubble HIPAA compliant?

I know I’m necroing an old thread, but I did have a question/insight for those who may be doing research on this. In a response to a privacy/security Q&A thread a couple years back, @josh mentioned that the bubble team all have access to any data stored on bubble. I’m not sure if this is the case anymore, but if it is, could it affect bubble’s HIPAA compliance, even if AWS itself is compliant?


Dear Bubblers
Covered health care providers that seek additional privacy protections for telehealth while using video communication products should provide such services through technology vendors that are HIPAA compliant and will enter into HIPAA business associate agreements (BAAs) in connection with the provision of their video communication products. The list below includes some vendors that represent that they provide HIPAA-compliant video communication products and that they will enter into a HIPAA BAA.

  • Skype for Business / Microsoft Teams
  • Updox
  • VSee
  • MirrorFly for Healthcare
  • Zoom for Healthcare
  • Doxy Me
  • Google G Suite Hangouts Meet
  • Cisco Webex Meetings / Webex Teams
  • Amazon Chime
  • GoToMeeting
  • Spruce Health Care Messenger

I realize it goes against the main use case & benefits of Bubble, but is there any way to export your application as code and then self-host? With ever increasing compliance standards, especially with medical patient data – even if not storing the data & just making the DB calls – I don’t want to get into compliance issues for my client. I was looking at one of these providers as a HIPAA compliant hosting option… but just not sure if a Bubble app is the right platform. Thoughts/tips? Thanks, guys!

Unfortunately, you cannot export your Bubble code and run it yourself.

Hi
Did you try to do this?
Is it difficult?
I think it’s the best way to have HIPAA.