Operating under the Google Cloud Platform Business Associate Agreement (BAA), rapidcarecourier maintains a zero-trust model for Protected Health Information (PHI).
Database requests are structurally restricted via Firestore Security Rules. A courier driver’s application can only query documents assigned directly to their Identity UID. Similarly, clinical facilities are strictly isolated to their own bookings via multi-tenant isolation. Direct database reads of unassigned PHI are blocked at the Google Cloud IAM layer.
Push notifications, SMS, and email alerts inherently traverse unencrypted public networks. To prevent accidental PHI exposure, all outbound notifications are scrubbed of patient identifiers. Alerts only contain opaque identifiers (e.g., “Specimen #RC-8942 is in transit”), requiring the user to log into the secure portal to view associated clinical details.
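One way to enforce the scrubbing described above, as an added example rather than rapidcarecourier's own code: alert text is built only from an allowlist of fields, and a second gate checks any outbound message against the record's remaining values. The field names, status values and sample record are constructed assumptions.

```javascript
// Added example; field names and status values are assumptions, not the vendor's schema.
const ALLOWED_FIELDS = new Set(["specimenId", "status"]);
const OPAQUE_ID = /^RC-\d+$/; // shape of the page's "RC-8942" sample
const STATUS_PHRASES = {
  picked_up: "has been picked up",
  in_transit: "is in transit",
  delivered: "has been delivered",
};
// Constructed sample record (no real patient data).
const SAMPLE = {
  specimenId: "RC-8942", status: "in_transit",
  patientName: "Jordan Example", dob: "1984-03-12",
  clinic: { name: "Northside Lab", orderingPhysician: "Dr. Rivera" },
};

// Build alert text from allowlisted fields only; other fields are never read.
function buildAlert(record) {
  if (typeof record.specimenId !== "string" || !OPAQUE_ID.test(record.specimenId)) {
    throw new Error("specimenId is not an opaque identifier");
  }
  // Own-property check so values like "constructor" cannot match the prototype.
  if (!Object.prototype.hasOwnProperty.call(STATUS_PHRASES, record.status)) {
    throw new Error("status is not a known value");
  }
  return `Specimen #${record.specimenId} ${STATUS_PHRASES[record.status]}`;
}

// Collect every string stored under a field, including nested objects.
function sensitiveValues(value, path, out) {
  if (typeof value === "string") out.push([path, value]);
  else if (value && typeof value === "object") {
    for (const [k, v] of Object.entries(value)) sensitiveValues(v, `${path}.${k}`, out);
  }
  return out;
}

// Outbound gate: list non-allowlisted fields whose values appear in the text.
// Matching is token-based and strict, so a false positive fails closed.
function findLeaks(text, record) {
  const haystack = text.toLowerCase();
  const leaked = new Set();
  for (const [key, value] of Object.entries(record)) {
    if (ALLOWED_FIELDS.has(key)) continue;
    for (const [path, s] of sensitiveValues(value, key, [])) {
      const tokens = s.toLowerCase().split(/[^a-z0-9]+/).filter((t) => t.length >= 4);
      if (tokens.some((t) => haystack.includes(t))) leaked.add(path);
    }
  }
  return [...leaked];
}
```

Running `findLeaks` on every message just before it is handed to the push, SMS or email provider also catches text composed outside `buildAlert`.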
In accordance with HIPAA’s audit requirements, Google Cloud Data Access Logging tracks all administrative and API-driven reads and writes. Every time a specimen record is accessed, the system records the timestamp, the document path, and the authenticated caller UID in an immutable, append-only log sink that cannot be tampered with by developers.