Protected Health Information (PHI): A Document’s Journey to Translation

Compliance with Federal and State regulations concerning Protected Health Information (PHI) is a top priority at ISI Language Solutions. We routinely process translation requests containing abundant and varied PHI for our healthcare industry clients. This often includes ID cards issued outside the United States, patient reports from overseas hospitals and financial records. Special attention is required to remove this type of information when sharing files with external vendors over the course of the project lifecycle. ISI conducts company-wide HIPAA compliance training annually to educate staff on how to recognize and redact all instances of PHI.

Tasks associated with modifying images of foreign ID documents for transfer to third party vendors provide an illustrative example of the lengths ISI takes to protect privacy and achieve regulatory compliance.

Agencies responsible for issuing modern government ID documents employ innovative and novel methods to accomplish their primary objective, displaying information so a viewer can accurately verify the identity of the document holder. When preparing the source file for transfer to an external vendor, all text and graphical components which constitute personally identifiable information must be scrubbed by means of secure and permanent digital document redaction. Essentially, our efforts to comply with privacy regulations run directly contrary to the main purpose of an ID document.

Here are some unique areas of note:

  • ID cards issued around the world often include both a standard high-resolution main portrait image and a smaller semi-translucent “ghost image.” These are incorporated into the background of the document alongside other security features like holograms, watermarks and foil stamps. Project Managers pay careful attention to these secondary facial portraits to identify and redact personally identifiable images even when intentionally less visually prominent.
  • Secondary unlabeled birth dates which often appear with different separators or an international date format are featured frequently on ID documents issued outside of the United States. In many cases, separators are omitted entirely as they are on many United States driver’s licenses.
  • Scan codes, barcodes and QR codes must also be redacted. Though they do not convey any information directly, they can easily reveal PHI through code reading technology. International and domestically issued ID documents commonly employ three or more instances of machine-readable graphical data.
  • For decades ID documents represented physical traits like sex, height, hair color, weight and eye color. Outside of the United States, governments increasingly choose to include the image of an individual’s fingerprint. As biometric data as a form of identification expands overseas, LSPs must be on the lookout for its inclusion in source material for translation.
  • International ID standardization encourages expanded use of a universal Machine Readable Zone (MRZ). This almost always appears on the back of a card and may seem to the untrained eye as an unintelligible jumble of numbers, letters and angle brackets. However, Like the examples outlined above, this field conveys a robust array of personally identifiable information including but not limited to, birth dates and ID numbers.

ISI Language Solutions goes the extra mile to provide quality results for even the most challenging projects while ensuring regulatory compliance and upholding the most stringent data security standards.

Contact us today to discuss your next language project. Rest assured we will diligently adhere to industry leading privacy protection practices honed through years of experience working with clients in the healthcare field.

Written by Scott Richards, Junior Project Manager