Hash value is a personal information or not?

When personal information is included in a certificate created by Blockcerts, it is considered to be personal information under Japanese law, even if it is converted to a hash value. Therefore, we have been instructed by the legal department to avoid recording such information on the blockchain.
We would like to devise a way to prevent the hash values from being classified as personal information, but we do not know how to do so. If you are operating certificates in Japan or in other countries, please let us know how to deal with this problem.

Are there any hashing mechanism that would be tolerated? It seems pretty intense to consider a sha256 hashing of the whole document as correlatable to PII.

In any case, if I understand correctly the problem, it’s the blockchain anchoring that’s not authorized, not just the hashing.

I see potentially 2 solutions:

Here are example files (with multiple signatures, but they don’t need to be, nor signed with MerkleProof2019):

As a matter of fact, I think if you change the signature back to an object (and not an array) and keep only the first one, the documents should verify.

Thank you for your reply, the off chain method is under consideration within our company. First of all, I would like to thank you for your advice.