diff --git a/lib/identity-idp-functions/version.rb b/lib/identity-idp-functions/version.rb
index 1a13f48..372b7e1 100644
--- a/lib/identity-idp-functions/version.rb
+++ b/lib/identity-idp-functions/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module IdentityIdpFunctions
-  VERSION = '0.7.5'
+  VERSION = '0.7.6'
 end
diff --git a/source/proof_document/lib/proof_document.rb b/source/proof_document/lib/proof_document.rb
index 0d985e3..212cf23 100644
--- a/source/proof_document/lib/proof_document.rb
+++ b/source/proof_document/lib/proof_document.rb
@@ -63,7 +63,8 @@ def proof
         end
       end
 
-      result = proofer_result.to_h
+      # pii_from_doc is excluded from to_h to prevent accidental logging
+      result = proofer_result.to_h.merge(pii_from_doc: proofer_result.pii_from_doc)
 
       result[:exception] = proofer_result.exception.inspect if proofer_result.exception
 
diff --git a/source/proof_document/spec/proof_document_spec.rb b/source/proof_document/spec/proof_document_spec.rb
index ce247d4..3b209a6 100644
--- a/source/proof_document/spec/proof_document_spec.rb
+++ b/source/proof_document/spec/proof_document_spec.rb
@@ -107,6 +107,7 @@
               result: 'Passed',
               success: true,
               exception: nil,
+              pii_from_doc: applicant_pii,
             },
           )
         end
@@ -138,6 +139,7 @@
             success: true,
             liveness_assessment: 'Live',
             exception: nil,
+            pii_from_doc: applicant_pii,
           },
         )
 
diff --git a/source/proof_document_mock/lib/proof_document_mock.rb b/source/proof_document_mock/lib/proof_document_mock.rb
index 71cd114..8557027 100644
--- a/source/proof_document_mock/lib/proof_document_mock.rb
+++ b/source/proof_document_mock/lib/proof_document_mock.rb
@@ -64,7 +64,8 @@ def proof
         end
       end
 
-      result = proofer_result.to_h
+      # pii_from_doc is excluded from to_h to prevent accidental logging
+      result = proofer_result.to_h.merge(pii_from_doc: proofer_result.pii_from_doc)
 
       result[:exception] = proofer_result.exception.inspect if proofer_result.exception
 
diff --git a/source/proof_document_mock/spec/proof_document_mock_spec.rb b/source/proof_document_mock/spec/proof_document_mock_spec.rb
index e0f5098..13e3112 100644
--- a/source/proof_document_mock/spec/proof_document_mock_spec.rb
+++ b/source/proof_document_mock/spec/proof_document_mock_spec.rb
@@ -41,7 +41,7 @@
   let(:selfie_image_url) { 'http://bucket.s3.amazonaws.com/bar3' }
 
   before do
-    body = applicant_pii.to_json
+    body = { document: applicant_pii }.to_json
     encrypt_and_stub_s3(body: body, url: front_image_url, iv: front_image_iv, key: encryption_key)
     encrypt_and_stub_s3(body: body, url: back_image_url, iv: back_image_iv, key: encryption_key)
     encrypt_and_stub_s3(body: body, url: selfie_image_url, iv: selfie_image_iv, key: encryption_key)
@@ -62,10 +62,14 @@
           },
         ) do |request|
         expect(JSON.parse(request.body, symbolize_names: true)).to eq(
-          document_result: IdentityDocAuth::Response.new(
+          document_result: {
+            billed: true,
+            errors: {},
+            exception: nil,
+            pii_from_doc: applicant_pii,
+            result: 'Passed',
             success: true,
-            extra: { billed: true, result: 'Passed' },
-          ).to_h,
+          },
         )
       end
     end
@@ -85,10 +89,14 @@
         end
 
         expect(yielded_result).to eq(
-          document_result: IdentityDocAuth::Response.new(
+          document_result: {
+            billed: true,
+            errors: {},
+            exception: nil,
+            pii_from_doc: applicant_pii,
+            result: 'Passed',
             success: true,
-            extra: { billed: true, result: 'Passed' },
-          ).to_h,
+          },
         )
 
         expect(a_request(:post, callback_url)).to_not have_been_made
@@ -195,17 +203,18 @@
       let(:selfie_image_url) { 'http://example.com/bar3' }
 
       before do
+        data = { document: applicant_pii }.to_json
         encryption_helper = IdentityIdpFunctions::EncryptionHelper.new
 
-        stub_request(:get, front_image_url).to_return(body: encryption_helper.encrypt(
-          data: applicant_pii.to_json, key: encryption_key, iv: front_image_iv,
-        ))
-        stub_request(:get, back_image_url).to_return(body: encryption_helper.encrypt(
-          data: applicant_pii.to_json, key: encryption_key, iv: back_image_iv,
-        ))
-        stub_request(:get, selfie_image_url).to_return(body: encryption_helper.encrypt(
-          data: applicant_pii.to_json, key: encryption_key, iv: selfie_image_iv,
-        ))
+        stub_request(:get, front_image_url).to_return(
+          body: encryption_helper.encrypt(data: data, key: encryption_key, iv: front_image_iv),
+        )
+        stub_request(:get, back_image_url).to_return(
+          body: encryption_helper.encrypt(data: data, key: encryption_key, iv: back_image_iv),
+        )
+        stub_request(:get, selfie_image_url).to_return(
+          body: encryption_helper.encrypt(data: data, key: encryption_key, iv: selfie_image_iv),
+        )
       end
 
       it 'still downloads and decrypts the content' do