Abstract
OBJECTIVES: The present study aims to identify the key challenges related to information security and confidentiality in health chatbots, extract relevant solutions, and propose a conceptual model to ensure secure and confidential data management within such systems. METHODS: To achieve the study's objectives, a scoping review was conducted. This phase focused on identifying reported challenges and proposed solutions in prior studies regarding information security and confidentiality in health chatbots. In this context, we selected English-language articles in international journals and conferences related to information security and confidentiality in health chatbots. After that, relevant international frameworks, studies, and guidelines on information security, confidentiality, and privacy were systematically reviewed and analyzed and then, a conceptual model was created which was further developed and refined through validation by a panel of experts. RESULTS: Out of 1233 articles screened, 16 met the inclusion criteria. Recurring challenges in health chatbots, such as breaches of privacy, no transparency, incomplete consent, technical issues in data handling, lack of legal frameworks, and emerging threats, were identified in the results. The literature suggested measures like encryption, risk management, access control, standardization, and regular evaluations. Based on international frameworks, a comprehensive conceptual model with four key dimensions was developed, integrating software, hardware, and middleware layers to improve data security and confidentiality. CONCLUSION: These findings can benefit users, health practitioners, the regulatory authorities, and chatbot developers who want to increase the safety and credibility of health chatbot systems.