Merge branch 'de-identification-service-articles' of https://github.com/paulth1/azure-docs-pr into de-identification-service-articles

Author: paulth1

articles/healthcare-apis/deidentification/overview.md

@@ -52,22 +52,22 @@ Consistent surrogation results enable organizations to retain relationships that
 
 The de-identification service offers many benefits, including:
 
-- **Expanded PHI coverage:** The service expands beyond the 18 HIPAA identifiers to provide stronger privacy protections and more fine-grained distinctions between entity types. It distinguishes between doctor and patient and covers [27 PHI entities that the service de-identifies](/rest/api/health-dataplane/deidentify-text/deidentify-text#phicategory).
-- **PHI compliance:** The de-identification service is designed for PHI. The service uses machine learning to identify PHI entities, including HIPAA's 18 identifiers, by using the `TAG` operation. The redaction and surrogation operations replace these identified PHI values with a tag of the entity type or a surrogate or pseudonym. The service supports compliance requirements such as HIPAA and GDPR principles.
-- **Security:** The de-identification service is a stateless service. Customer data stays within the customer's tenant.
-- **Role-based access control:** Azure role-based access control enables you to manage how your organization's data is processed, stored, and accessed. You determine who has access to de-identify datasets based on roles that you define for your environment.
+- **Expanded PHI coverage**: The service expands beyond the 18 HIPAA identifiers to provide stronger privacy protections and more fine-grained distinctions between entity types. It distinguishes between doctor and patient and covers [27 PHI entities that the service de-identifies](/rest/api/health-dataplane/deidentify-text/deidentify-text#phicategory).
+- **PHI compliance**: The de-identification service is designed for PHI. The service uses machine learning to identify PHI entities, including HIPAA's 18 identifiers, by using the `TAG` operation. The redaction and surrogation operations replace these identified PHI values with a tag of the entity type or a surrogate or pseudonym. The service supports compliance requirements such as HIPAA and GDPR principles.
+- **Security**: The de-identification service is a stateless service. Customer data stays within the customer's tenant.
+- **Role-based access control (RBAC)**: Azure RBAC enables you to manage how your organization's data is processed, stored, and accessed. You determine who has access to de-identify datasets based on roles that you define for your environment.
 
 ## Easy API integration into your workflow
 
 ![Screenshot that shows the API integration workflow.](workflow.png)
 
 Integrating the Azure de-identification service into your environment is fast, flexible, and secure. The service is built to support health and life sciences workflows with minimal effort.
 
-- **API-first design:** Determine whether you need real-time de-identification or asynchronous batch processing from Azure Blob Storage. The REST API and SDKs provide easy integration points to fit your system.
-- **Quick setup:** Deploy the service in minutes by using the Azure portal, Azure Resource Manager templates, Bicep, or the Azure CLI. You can be up and running quickly without complex configuration.
-- **Secure access:** Enable private endpoints by using Azure Private Link to keep data traffic off the public internet.
-- **Fully managed identity support:** Use managed identities for secure, credential-free access to Azure Blob Storage.
-- **Compliance-ready:** Operate the service within your Azure tenant and to adhere with HIPAA.
+- **API-first design**: Determine whether you need real-time de-identification or asynchronous batch processing from Azure Blob Storage. The REST API and SDKs provide easy integration points to fit your system.
+- **Quick setup**: Deploy the service in minutes by using the Azure portal, Azure Resource Manager templates, Bicep, or the Azure CLI. You can be up and running quickly without complex configuration.
+- **Secure access**: Enable private endpoints by using Azure Private Link to keep data traffic off the public internet.
+- **Fully managed identity support**: Use managed identities for secure, credential-free access to Azure Blob Storage.
+- **Compliance-ready**: Operate the service within your Azure tenant and to adhere with HIPAA.
 
 ## Synchronous or asynchronous endpoints
 
@@ -85,9 +85,7 @@ The following service limits apply:
 - Requests can't exceed 50 KB.
 - Jobs can process no more than 10,000 documents.
 - Each document processed by a job can't exceed 2 MB.
-- Requests are throttled if you exceed 1 MB per 5 seconds or 100 requests per 5 seconds.<sup>1</sup>
-
-<sup>1</sup> If your use case requires higher throughput, submit a support request for consideration.
+- Requests are throttled if you exceed 1 MB per 5 seconds or 100 requests per 5 seconds. If your use case requires higher throughput, submit a support request for consideration.
 
 ## Pricing
 

articles/healthcare-apis/deidentification/quickstart-asynchronous-python.md

@@ -22,20 +22,20 @@ When you choose to store documents in Azure Blob Storage, you're charged based o
 
 ## Prerequisites
 
-* An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/pricing/purchase-options/azure-account?cid=msft_learn)
-* A de-identification service with system-assigned managed identity. [Deploy the de-identification service](quickstart.md)
+* An Azure account with an active subscription. [Create an account for free](https://azure.microsoft.com/pricing/purchase-options/azure-account?cid=msft_learn).
+* A de-identification service with a system-assigned managed identity. To create one, use the following steps. For more information, see [Deploy the de-identification service](quickstart.md).
 
-1. In the top search bar, enter **De-identification**.
-1. Select **De-identification Services** from the search results.
-1. Select **Create**.
-1. Fill in required subscription and instance details.
-1. Select **Review + create**, and then select **Create**.
-1. After deployment is finished, go to the resource and copy your service URL and subscription ID.
+  1. In the top search bar, enter **De-identification**.
+  1. Select **De-identification Services** from the search results.
+  1. Select **Create**.
+  1. Fill in required subscription and instance details.
+  1. Select **Review + create**, and then select **Create**.
+  1. After deployment is finished, go to the resource and copy your service URL and subscription ID.
 
-> [!IMPORTANT]
-> To use the Batch (asynchronous) API with the multilingual model, ensure that you have the DeID Batch Data Owner role assigned to your identity in **Access Control (IAM)**.
+  > [!IMPORTANT]
+  > To use the Batch (asynchronous) API with the multilingual model, ensure that you have the DeID Batch Data Owner role assigned to your identity in **Access Control (IAM)**.
 
-Install the [Azure CLI](/cli/azure/install-azure-cli), and open your terminal of choice. In this tutorial, we use Azure PowerShell.
+* Installation of the [Azure CLI](/cli/azure/install-azure-cli). After you install it, open your terminal of choice. In this tutorial, we use Azure PowerShell.
 
 ## Create a storage account and container
 
@@ -93,7 +93,7 @@ Next, you upload a document that contains synthetic protected health information
 
 In this step, you grant role-based access to the container for the system-assigned managed identity of the de-identification service.
 
-You grant the Storage Blob the Data Contributor role because the de-identification service reads the original document and writes the de-identified output documents.
+You grant the Storage Blob Data Contributor role because the de-identification service reads the original document and writes the de-identified output documents.
 
 Substitute the name of your de-identification service for the `<deid_service_name>` placeholder:
 

articles/healthcare-apis/deidentification/quickstart-python.md

@@ -62,7 +62,7 @@ Now that the resource is deployed, you need to assign yourself the following per
 1. Select **Add** and **Add role assignment.**
 1. Select **DeID Data Owner** and **DeID Real-Time Data User**, and then select **Members** on the top panel.
 1. Select **+ Select members** to open a panel. Search for your own name and choose **Select.**
-1. Back on the **Members** panel, select **Review + assign** at the bottom left.
+1. Back on the **Members** panel, select **Review + assign** at the lower left.
 
 >[!TIP]
 >If you want to use both the synchronous and asynchronous (Batch) APIs, you need to also assign yourself the DeID Batch Data Owner role.