Parse Hipaa

HIPAA & GDPR compliant ready parse-server with postgres/mongo, parse-hipaa-dashboard. Compatible with ParseCareKit
Alternatives To Parse Hipaa
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Immudb8,208152 days ago130August 25, 2022104apache-2.0Go
immudb - immutable database based on zero trust, SQL and Key-Value, tamperproof, data change history
10 months ago80November 05, 202122apache-2.0Go
Compliance automation framework, focused on SOC2
Open Pryv.io109
6 months agootherJavaScript
Open-source version of
Parse Hipaa75
3 days agomitJavaScript
HIPAA & GDPR compliant ready parse-server with postgres/mongo, parse-hipaa-dashboard. Compatible with ParseCareKit
2 years ago1September 10, 20191apache-2.0JavaScript
☁️Haven GRC - easier governance, risk, and compliance 👨‍⚕️👮‍♀️🦸‍♀️🕵️‍♀️👩‍🔬
Openvas Docker57
2 years ago4TeX
A docker container for openvas
Database Anonymizer27
7 months ago4mitPHP
CLI tool an PHP library to anonymize data in various databases
10 days ago67agpl-3.0Python
Data Information System (DAISY) is a data bookkeeping application designed to help Biomedical Research institutions with their GDPR compliance.
Nginx Waf Docker9
5 years agoShell
docker modsecurity reverse proxy WAF based on nginx
Kafka Gdpr Event Sourcing8
5 years agoClojure
Alternatives To Parse Hipaa
Select To Compare

Alternative Project Comparisons


Example of how to setup and run your own HIPAA compliant parse-server with postgres or mongo. parse-hipaa also includes parse-dashboard for viewing/modifying your data in the Cloud. Since parse-hipaa is a pare-server, it can be used for iOS, Android, and web based apps. API's such as GraphQL, REST, and JS are also enabled in parse-hipaa and can be tested directly or via the "API Console" in parse-dashboard. See the Parse SDK documentation for details and examples of how to leverage parse-hipaa for your language(s) of interest. These docker images include the necessary database auditing and logging for HIPAA compliance.

The parse-hipaa repo provides the following:

  • [x] Auditing & logging on postgres or mongo
  • [x] Encryption in transit - setup to run behind a proxy with files & directions on how to complete the process with Nginx and LetsEncrypt

You will still need to setup the following on your own to be fully HIPAA compliant:

  • [ ] Encryption in transit - you will need to complete the process
  • [ ] Encryption at rest - Mount to your own encrypted storage drive (Linux and macOS have API's for this) and store the drive in a "safe" location
  • [ ] Be sure to do anything else HIPAA requires

A modified example of Apple's CareKit sample app, CareKitSample-ParseCareKit, uses parse-hipaa along with ParseCareKit.

To get started with parse-hipaa simply type:

docker-compose up

Use at your own risk. There is not promise that this is HIPAA compliant and we are not responsible for any mishandling of your data

HIPAA compliant parse-server with postgres or mongo

By default, the docker-compose.yml uses postgres 12 with postgis 3. A mongo variant (uses percona-server-mongodb 4 is included in this repo. To use the mongo HIPAA compliant variant of parse-hipaa, simply type:

docker-compose -f docker-compose.mongo.yml up

If you would like to use a non-HIPAA compliant postgres version:

docker-compose -f up

A non-HIPAA compliant mongo version isn't provided as this is the default parse-server deployment and many examples of how to set this up are online already exist.

Getting started

parse-hipaa is made up of four (4) seperate docker images (you use 3 of them at a time) that work together as one system. It's important to set the environment variables for your parse-hipaa server.

Environment Variables


PARSE_SERVER_MASTER_KEY #Unique string value
PARSE_SERVER_OBJECT_ID_SIZE #Integer value, parse defaults to 10, 32 is probably better for medical apps and large tables
PARSE_SERVER_DATABASE_URI #URI to connect to parse-hipaa. postgres://${PG_PARSE_USER}:${PG_PARSE_PASSWORD}@db:5432/${PG_PARSE_DB} or mongodb://${MONGO_PARSE_USER}:${MONGO_PARSE_PASSWORD}@db:27017/${MONGO_PARSE_DB}
PORT #Port for parse-hipaa, default is 1337
PARSE_SERVER_MOUNT_PATH: #Mounting path for parse-hipaa, default is /parse
PARSE_SERVER_URL #Server URL, default is http://parse:${PORT}/parse
PARSE_PUBLIC_SERVER_URL #Public Server URL, default is http://localhost:${PORT}/parse
PARSE_SERVER_CLOUD #Path to cloud code, default is /parse/cloud/main.js
PARSE_SERVER_MOUNT_GRAPHQL #Enable graphql, default is 1
PARSE_USING_PARSECAREKIT #If you are not using ParseCareKit, set this to 0, or else enable with 1. The default value is 0
POSTGRES_PASSWORD: #Needed for Should be the same as POSTGRES_PASSWORD in netreconlab/hipaa-postgres


PARSE_DASHBOARD_TRUST_PROXY: #Default is 1, this should always be left as 1 when using docker
PARSE_DASHBOARD_COOKIE_SESSION_SECRET: #Unique string. This should be constant across all deployments on your system
MOUNT_PATH: #The default is "/dashboard". This needs to be exactly what you plan it to be behind the proxy, i.e. If you want to access it should be "/dashboard"


POSTGRES_PASSWORD #Password for postgress db cluster
PG_PARSE_USER #Username for logging into PG_PARSE_DB
PG_PARSE_PASSWORD #Password for logging into PG_PARSE_DB
PG_PARSE_DB #Name of parse-hipaa database


//Warning, if you want to make changes to the vars below they need to be changed manually in /scripts/mongo-init.js as the env vars are not passed to the script
MONGO_PARSE_USER #Username for logging into mongo db for parse-hipaa.
MONGO_PARSE_PASSWORD #Password for logging into mongo db for parse-hipaa
MONGO_PARSE_DB #Name of mongo db for parse-hipaa

Starting up parse-hipaa

  • For the default HIPAA compliant postgres version: docker-compose up
  • or for the HIPAA compliant mongo version: docker-compose -f docker-compose.mongo.yml up
  • or for the non-HIPAA compliant postgres version: docker-compose -f up
  • A non-HIPAA compliant mongo version isn't provided in this repo as that's just a standard parse-server

Imporant Note: On the very first run, the "parse-server"(which will show up as "parse_1" in the console) will sleep and error a few times because it can't connect to postgres (the "db") container. This is suppose to happen and is due to postgres needing to configure and initialize, install the necessary extensions, and setup it's databases. Let it keep running and eventually you will see something like:

db_1 | PostgreSQL init process complete; ready for start up.

The parse-server container will automatically keep attempting to connect to the postgres container and when it's connected you will see:

parse_1      | parse-server running on port 1337.
parse_1      | publicServerURL: http://localhost:1337/parse, serverURL: http://parse:1337/parse
parse_1      | GraphQL API running on http://localhost:1337/parsegraphql
parse_1      | info: Parse LiveQuery Server starts running

You may also see output such as the following in the console or log files:

db_1         | 2020-03-18 21:59:21.550 UTC [105] ERROR:  duplicate key value violates unique constraint "pg_type_typname_nsp_index"
db_1         | 2020-03-18 21:59:21.550 UTC [105] DETAIL:  Key (typname, typnamespace)=(_SCHEMA, 2200) already exists.
db_1         | 2020-03-18 21:59:21.550 UTC [105] STATEMENT:  CREATE TABLE IF NOT EXISTS "_SCHEMA" ( "className" varChar(120), "schema" jsonb, "isParseClass" bool, PRIMARY KEY ("className") )
db_1         | 2020-03-18 21:59:21.550 UTC [106] ERROR:  duplicate key value violates unique constraint "pg_type_typname_nsp_index"

The lines above are console output from parse because they attempt to check and configure the postgres database if necessary. They doesn't hurt or slow down your parse-hipaa server.

Parse Server

Your parse-server is binded to all of your interfaces on port 1337/parse and be can be accessed as such, e.g. http://localhost:1337/parse.

The standard configuration can be modified to your liking by editing index.js. Here you can add/modify things like push notifications, password resets, adapters, etc. This file as an express app and some examples provided from parse can be found here. Note that there is no need to rebuild your image when modifying files in the "index.js" file since it is volume mounted, but you will need to restart the parse container for your changes to take effect.


Default values for environment variables: PARSE_SERVER_APPLICATION_ID and PARSE_SERVER_MASTER_KEY are provided in docker-compose.yml for quick local deployment. If you plan on using this image to deploy in production, you should definitely change both values. Environment variables, PARSE_SERVER_DATABASE_URI, PARSE_SERVER_URL, PORT, PARSE_PUBLIC_SERVER_URL, PARSE_SERVER_CLOUD, and PARSE_SERVER_MOUNT_GRAPHQL should not be changed unles you are confident with configuring parse-server or else you image may not work properly. In particular, changing PORT should only be done in .env and will also require you to change the port manually in the parse-dashboard-config.json for both "serverURL" and "graphQLServerURL" to have the Parse Dashboard work correctly.

Running in production for ParseCareKit

If you are plan on using parse-hipaa in production. You should run the additional scripts to create the rest of the indexes for optimized queries.


If you are using hipaa_postgres or parse-postgres (the two images included in this repo). The is already in the container. You just have to run it.

  1. Log into your docker container, type: docker exec -u postgres -ti parse-hipaa_db_1 bash
  2. Run the script, type: ./parseScripts/setup-parse-index.h

If you are using your own postgres image, you should copy to your container and complete the login and run steps above (be sure to switch parse-hipaa_db_1 to your actual running container name).


Will be created in the future...

Other parse-server environment variables can be set, but they require you to make additions/modifications to the index.js.

Cloud Code

For verfying and cleaning your data along with other added functionality, you can add Cloud Code to the cloud folder. Note that there is no need to rebuild your image when modifying files in the "cloud" folder since this is volume mounted, but you may need to restart the parse container for your changes to take effect.

Viewing Your Data via Parse Dashboard

Parse-dashboard is binded to your localhost on port 4040 and can be accessed as such, e.g. http://localhost:4040/dashboard. The default login for the parse dashboard is username: "parse", password: "1234". For production you should change the password in the postgres-dashboard-config.json. Note that ideally the password should be hashed by using something like bcrypt-generator and setting "useEncryptedPasswords": false". You can also add more users through this method.

  1. Open your browser and go to http://localhost:4040/dashboard
  2. Username: parse
  3. Password: 1234
  4. Be sure to refresh your browser to see new changes synched from your CareKitSample app


As mentioned, the default address and port the parse-server dashboard is binded to is which means it can only be accessed by your local machine. If you want to change this, you should do it here. If you plan on using this image to deploy in production, it is recommended to run this behind a proxy and add the environment variable PARSE_DASHBOARD_TRUST_PROXY=1 to the dashboard container. Note that since the parse dashboard is running in docker, the following should remain in the yml, command: parse-dashboard --dev.


The image used is postgis which is an extention built on top of the official postgres image. Note that postgres is not binded to your interfaces and is only local to the docker virtual network. This was done on purpose as the parse and parse-desktop is already exposed.

If you want to persist the data in the database, you can uncomment the volume lines in docker-compose


Default values for environment variables: POSTGRES_PASSWORD, PG_PARSE_USER, PG_PARSE_PASSWORD, PG_PARSE_DB are provided in docker-compose.yml for quick local deployment. If you plan on using this image to deploy in production, you should definitely change POSTGRES_PASSWORD, PG_PARSE_USER, PG_PARSE_PASSWORD. Note that the postgres image provides a default user of "postgres" to configure the database cluster, you can change the password for the "postgres" user by changing POSTGRES_PASSWORD. There are plenty of postgres environment variables that can be modified. Environment variables should not be changed unles you are confident with configuring postgres or else you image may not work properly. Note that changes to the aforementioned paramaters will only take effect if you do them before the first build and run of the image. Afterwards, you will need to make all changes by connecting to the image typing:

docker exec -u postgres -ti parse-hipaa_db_1 bash

You can then make modifications using psql. Through psql, you can also add multiple databases and users to support a number of parse apps. Note that you will also need to add the respecting parse-server containers (copy parse container in the .yml and rename to your new app) along with the added app in postgres-dashboard-config.json.

Deploying on a real system

The docker yml's here are intended to run behind a proxy that properly has ssl configured to encrypt data in transit. To create a proxy to parse-hipaa, nginx files are provided here. Simply add the sites-available folder to your nginx directory and add the following to "http" in your nginx.conf:

http {
    include /usr/local/etc/nginx/sites-enabled/*.conf; #Add this line to end. This is for macOS, do whatever is appropriate on your system

Setup your free certificates using LetsEncrypt, follow the directions here. Be sure to change the certificate and key lines to point to correct location in default-ssl.conf.

Is there a mongo version available?

The mongo equivalent is available in this repo. The same steps as above. but use:

docker-compose -f docker-compose.mongo.yml up

Popular Gdpr Projects
Popular Docker Projects
Popular Legal Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Cloud Computing
Environment Variables
Backend As A Service