Redact Messages for HIPPA Compliancy

If you work in an industry that passes personal data, medical data, or financial data, it is crucial that you are able to remove personally-identifying information from records. This guide will use the SignalWire Python SDK to present two possible solutions that show how you can redact a message to remove the message body or delete a message to remove the entire message history.

Redacting Messages Immediately after Sending

The first solution shown is the simplest because if you already have a script for sending messages, you only need to add an extra few lines for either the Update Message API or Delete Message API.

You can run the script below to send a message to a list of phone numbers and then redact the message body after a short time period. Messages cannot be redacted while the sending is in-progress, hence why we are using time.sleep(60) to allow the message to send first. If you need to delete the entire message history rather than just removing the body, you can uncomment line 27 to run the delete message API.

from signalwire.rest import Client as signalwire_client
import time

# instantiate signalwire client 
client = signalwire_client("ProjectID", "AuthToken", signalwire_space_url = 'YourSpace.signalwire.com')

# store list of numbers to send to in an array, or replace this with a lookup to your database
phone_number_list = ['+12xxxxxxxxx', '+13xxxxxxxxx']

# Loop through phone numbers to send to 
for x in phone_number_list:
    message = client.messages.create(
                                from_='+1xxxxxxxxxx',
                                body="We're going to redact this for Hippa",
                                to=x
                            )

    # sleep for a period of time to account for while the message sending is in progress
    time.sleep(60)

    # use this to update the message body but keep the message record
    messages = client.messages(message.sid) \
                    .update(body='')
    print("Message Redacted")

    # uncomment this line and comment the above one if instead you want to FULLY delete the message, erasing all message history
    #client.messages(message.sid).delete()

This is the simplest solution but it's not very scalable. The next section will present an alternative solution that accomplishes the same goal without relying on delays after sending.

Redacting Messages with Status Callbacks

The following example is an SMS status callback application that checks for messages with a MessageStatus that does not indicate the message is still in progress. If the message is not in progress, we will redact the message body. If you prefer to delete the entire message history, uncomment lines 24 and 25 to use the Delete Message API.

from flask import Flask, request
from signalwire.rest import Client as signalwire_client

app = Flask(__name__)

# authenticate the SignalWire client
client = signalwire_client("ProjectID",
                           "AuthToken",
                           signalwire_space_url='YOUR_SPACE.signalwire.com')

@app.route("/RedactMessage", methods=['POST'])
def incoming_sms():
        # store incoming request parameters in variables 
    message_sid = request.values.get('MessageSid', None)
    message_status = request.values.get('MessageStatus', None)

    # check to make sure message isn't still in progress 
    if (message_status != "sending" and message_status != "sent" and message_status != "queued"):
        # use this to update the message body but keep the message record
        message = client.messages(message_sid) .update(body='')
        print("Message Redacted")

        # uncomment this line and comment the above one if instead you want to FULLY delete the message, erasing all message history
        # client.messages(message_sid).delete()
        # print("Message Deleted")
    return ('', 200)

if __name__ == "__main__":
    app.run()

Build and Run SMS Status Callback Application Natively

To run the application, execute export FLASK_APP=app.py then run flask run.

You may need to use an SSH tunnel for testing this code if running on your local machine. – we recommend ngrok. You can learn more about how to use ngrok here.

Sign Up Here

If you would like to test this example out, you can create a SignalWire account and space here.

Please feel free to reach out to us on our Community Slack or create a Support ticket if you need guidance!


Did this page help you?