A hash, in essence, is the digital fingerprint of a document. It is also called a digest of a data message.
To understand how a hash is obtained, we can compare its creation to that of a CURP or RFC. A system digests your personal information such as name and date of birth and outputs a series of letters and numbers. At first glance it is not easy to understand what each of them means, but together they contain all your identifying information.
The important difference between obtaining a CURP or RFC and a hash is that from a hash you cannot obtain the original document to which it belongs, it is irreversible.
Every hash is unique. Any change or alteration to the document—removing or adding a period, a space, a comma—would generate a different hash. No two different documents produce the same hash.
Why the hash is signed
NOM 151 regulates part of the electronic signature. It states that what the PSC must sign when issuing a record of data integrity is the hash and not the original document. In fact, the PSC never receives the original document, but its hash. So you can rest assured about the privacy of the information contained in your document.
Moreover, electronic signature legislation is based on international standards and UNCITRAL model laws. These also indicate that the hash must be signed, not the original document.