When you store everything in a big centralized system, the risk of that data being compromised increases greatly. Right now, the reason why no one is hacking Firebase is because the data which is being stored in there is low-value.
If banks and hospitals started storing data in Firebase, you can be sure that it would attract the attention of hackers and you can be sure that they would find an exploit eventually.
You can't possibly place all of the world's high-value data inside one or two systems. Every single change made to the codebase is a potential security vulnerability.
Also, I imagine that employees of Firebase have access to all your data - What if one of them decided to share your data with a competitor. Humans are corruptable - This is too much power to put in the hands of so few people.
Is health data actually worth that much to hackers? Genuine question.
Data related to a person's education/intelligence is valuable too.
If you could get a list of all emails of people in the world with IQ < 70, you could easily take advantage of those people by sending them scam emails (for example).
Also, someone's preference for particular adult content is highly valuable (for blackmail).
A person's location data might also be quite valuable (especially if that person is a politician/celebrity).
Scammers could use the info to find targets (Fake hospital bills, "new medications", ... are easier to sell with correct information. Financial scams might work better on families that are desperate to pay expensive bills)
Publicly shaming or attacking people with "bad" or "disgraceful" health issues. (HIV, gender operations, mental issues...)
...and even if they did, the technical requirements of HIPAA compliance go much further than what Parse has to offer. You'd be much better suited building an application and hosting it on Catalyze[1], which covers every aspect of HIPAA compliance and has a HITRUST certification.
