Protecting Privacy in Messaging Systems used in Health Promotion Research

Cellular communication, by providing global access to users at any time and place, has changed human society. Many health promotion projects utilize this technology for data collection and communication in research and practice. The Pew Research Center reports that cell-phone texting is the preferred channel of basic communication between teens; 72% of teens are regular text messagers. Thus, these systems may provide an avenue for reaching high-risk youth with health education/ promotion messages. The focus of this presentation is on securing privacy in text messaging systems that are used for health education/promotion to support behavior change. With the adoption of SMS (short message service) for health promotion, securing the privacy of personal health information for clients is an important consideration. To our knowledge, this issue has not been addressed systematically. Our objective is to review privacy aspects in a state-of-the-art messaging systems used with Be Fit with Friends (BFF), a physical activity intervention among Latino adolescent girls that incorporated SMS to disseminate and gather information and tailor health messages. We will describe the privacy protections implemented as part of a new reconfigurable and automated messaging system used in the BFF program, such as Role-Based Access Control (RBAC), that was implemented for restricting system access to authorized users. Different roles are created for various job functions. The roles can also be combined in a hierarchy where higher-level roles subsume permissions owned by sub-roles. Conventional security techniques are used to protect access to the website and server application.