Public Key Infrastructure
Health care providers need a Medicare Public Key Infrastructure (PKI) certificate to access online services. PKI certificates ensure that information you submit through our online services is secure.
We issue PKI certificates to individuals and organisations in the health sector.
National Authentication Service for Health PKI certificates
Healthcare Providers and participating supporting organisations must have a National Authentication Service for Health (NASH) PKI certificate to access the Personally Controlled Electronic Health (eHealth) Record system.
For more information about NASH, visit eHealth.
Standards and legislation
We have IT standards for electronic transmission, scanning and storage of:
- referrals to specialists or consultant physicians, and
- requests for pathology and diagnostic imaging services
These standards are Notice of Information Technology (IT) Requirements under the Electronic Transactions Act [rtf, 779kb].
Our PKI certificates are based on the Gatekeeper (Public Key Infrastructure) framework and meet the International Organisation for Standardisation (ISO) Health Informatics - Public Key Infrastructure technical specification (ISO/TS 17090).
Any health care site or health care professional that wishes to do business with us electronically is eligible for a PKI certificate.
How to apply
For most online business, you can apply for your Medicare PKI certificate when you register for our online services.
Apply for a Medicare PKI certificate using the following forms:
- Application for a Public Key Infrastructure Site Certificate (HW001)
- Application for a Public Key Infrastructure Individual Certificate (HW002)
- Request to Revoke or Reissue a Public Key Infrastructure Certificate (HW003)
- Acceptable Referee Declaration for Public Key Infrastructure Certificate applications (HW004)
For more information go to:
- Simplified Billing and ECLIPSE
- Online claiming for PBS
- Online claiming for aged care providers
- Health Professionals Online Services (HPOS)
- Healthcare Identifiers Service for health professionals
Medicare PKI certificates expire every 5 years and need to be renewed if you wish to continue to use them.
If your software automatically renews your Medicare PKI certificate, you do not have to do anything to renew your certificate. If your software does not automatically renew your Medicare PKI certificate, we will send you a letter when your certificate is 60 days from its expiry date. You will need to complete the enclosed form and send it back to us. We will renew your Medicare PKI certificate upon receiving your completed form.
PKI policy documents
PKI certificate policies set out the rules for how we issue PKI certificates, and how they should be used. Read the PKI policies and terms and conditions before you use your Medicare PKI certificate.
Healthcare Public Directory
The Healthcare Public Directory lists individuals and organisations that have an active Medicare PKI certificate. You can also access the certificate revocation list from this directory. Go to Certificates Australia for more information about the directory.
PKI supporting documents, tools and software
You can read more information about how to install a PKI individual certificate and the PKI Certificate Manager.
- Public Key Infrastructure (PKI) policy documents
- Public Key Infrastructure (PKI) supporting documents, tools and software
For additional assistance, go to the PKI site certificates on the contact us page.