OCR (Optical Character Recognition) is technology that converts different types of documents, such as scanned paper documents, PDF files, or images captured by a digital camera, into editable and searchable data.

What file formats are supported?

We support all major image formats including JPG, PNG, WEBP, TIFF, BMP, and PDF documents.

How accurate is the text recognition?

Our OCR engine achieves 99.9% accuracy on clear, high-quality documents. Accuracy may vary based on image quality, handwriting, and document complexity.

Yes, all data is encrypted in transit and at rest. We use industry-standard security practices and do not share your data with third parties.

What languages are supported?

We support over 107 languages including English, Spanish, French, German, Chinese, Japanese, Arabic, and many more.

¿Funciona con documentos en español?

Sí, nuestro OCR soporta español y más de 107 idiomas. Simplemente selecciona 'Español' antes de escanear tu documento para obtener los mejores resultados con texto en español.

Can I scan Spanish documents?

Yes! Our OCR fully supports Spanish language documents. Select 'Español' as your document language before scanning to get optimized results for Spanish text.

Can I translate scanned text?

Yes! ScanThisText offers AI-powered translation for extracted text. After scanning a document, you can translate it to any of our 107+ supported languages instantly.

How many languages can I translate to?

Our translation service supports 107+ languages including English, Spanish, French, German, Chinese, Japanese, Arabic, Portuguese, Italian, Russian, Korean, and many more.

¿Puedo traducir documentos escaneados?

¡Sí! ScanThisText ofrece traducción con IA para texto extraído. Después de escanear un documento, puedes traducirlo instantáneamente a cualquiera de nuestros 107+ idiomas compatibles.

HIPAA-Compliant OCR with BAA and PHI Redaction

"HIPAA compliant" has become a marketing checkbox — which is exactly why healthcare compliance officers stopped trusting it. The real question isn't whether a vendor claims compliance. It's whether they'll sign a Business Associate Agreement, and whether their architecture actually supports the obligations inside it.

What the BAA Actually Obligates

A Business Associate Agreement commits the vendor to safeguard PHI, report breaches within a defined window, limit access to the minimum necessary, and return or destroy PHI at contract end. That's not just a signature — it's an architecture requirement. Platforms that weren't built for PHI usually can't meet those terms without rebuilding.

Where Most OCR Tools Break HIPAA

Training on customer data: Many free OCR tools explicitly reserve the right to use uploaded content to improve their models. That's a non-starter for PHI.
Third-party LLM passthrough: Sending extracted text to a downstream AI without a BAA on that vendor creates a chain-of-custody break.
Persistent storage: Holding documents longer than needed multiplies breach surface area.
Unredacted exports: Exporting a medical record with every identifier intact when the downstream workflow only needs the clinical content.

What Real PHI Redaction Looks Like

ScanThisText's medical module recognizes the 18 HIPAA Safe Harbor identifiers — names, dates, MRNs, SSNs, phone numbers, addresses, device IDs, account numbers, biometric identifiers, and more — and redacts them before the extracted text leaves the processing pipeline. You get two versions side by side: the full PHI-inclusive extraction for authorized users, and a de-identified export for research, analytics, or downstream tools that don't need identifiers.

The Audit Trail Built-In

Every scan logs who uploaded it, when, from which IP, which user agent, what fields were extracted, and whether the redacted or full version was exported. HIPAA's accounting-of-disclosures requirement becomes a database query instead of a forensic investigation.

Minimum Necessary, Enforced by RBAC

HIPAA's minimum-necessary standard says users should see only the PHI required for their role. In practice, that means the scheduling team shouldn't see clinical notes, billing shouldn't see diagnoses beyond what's needed for coding, and researchers should see de-identified data only. Role-based access control on the medical module enforces those boundaries automatically — no honor system.

Signed BAA, Not Implied

Enterprise and Healthcare customers on ScanThisText get a signed BAA as part of onboarding. Sub-processors — including the LLM provider handling enrichment — are covered under back-to-back BAAs, so chain-of-custody stays intact end to end.

Bring It to Your Compliance Review

If you're scoping an OCR vendor for medical intake, chart digitization, prior-auth processing, or claims workflows, start with the BAA and architecture docs — not the feature list. Request the Enterprise Healthcare brief to share with your compliance and security teams.

HIPAA-Compliant OCR: What a Real BAA + PHI Redaction Look Like