Public Key Infrastructure

Medicare Public Key Infrastructure (PKI) certificates give Healthcare Providers health professionals secure access to online services.

Health care providers need a Medicare Public Key Infrastructure (PKI) certificate to access online services. PKI certificates ensure that information you submit through our online services is secure.

We issue PKI certificates to individuals and organisations in the health sector.

National Authentication Service for Health PKI certificates

Healthcare Providers and participating supporting organisations must have a National Authentication Service for Health (NASH) PKI certificate to access the My Health Record system.

For more information about NASH, visit eHealth.

Standards and legislation

We have IT standards for electronic transmission, scanning and storage of:

  • referrals to specialists or consultant physicians, and
  • requests for pathology and diagnostic imaging services

These standards are Notice of Information Technology (IT) Requirements under the Electronic Transactions Act .

Our PKI certificates are based on the Gatekeeper (Public Key Infrastructure) framework and meet the International Organisation for Standardisation (ISO) Health Informatics - Public Key Infrastructure technical specification (ISO/TS 17090).


Any health care site or health care professional that wishes to do business with us electronically is eligible for a PKI certificate.

How to apply

For most online business, you can apply for your Medicare PKI certificate when you register for our online services.

Apply for a Medicare PKI certificate using the following forms:

For more information go to:


Medicare PKI certificates expire every 5 years and need to be renewed if you wish to continue to use them.

If your software automatically renews your Medicare PKI certificate, you do not have to do anything to renew your certificate. If your software does not automatically renew your Medicare PKI certificate, we will send you a letter when your certificate is 60 days from its expiry date. You will need to complete the enclosed form and send it back to us. We will renew your Medicare PKI certificate upon receiving your completed form.

PKI policy documents

PKI certificate policies set out the rules for how we issue PKI certificates, and how they should be used. Read the PKI policies and terms and conditions before you use your Medicare PKI certificate.

Healthcare Public Directory

The Healthcare Public Directory lists individuals and organisations that have an active Medicare PKI certificate. You can also access the certificate revocation list from this directory. Go to Certificates Australia for more information about the directory.

PKI supporting documents, tools and software

You can read more information about how to install a PKI individual certificate and the PKI Certificate Manager.

Privacy policy

For the current PKI privacy policy, refer to the Department of Human Services Public Key Infrastructure (PKI) Privacy Policy June 2013.

For the previous PKI privacy policy, refer to the SecureNet-HeSA Gatekeeper Health PKI - Registration Authority Privacy Policy.


For additional assistance, go to the PKI site certificates on the contact us page.

Page last updated: 10 March 2016

This information was printed Tuesday 25 October 2016 from It may not include all of the relevant information on this topic. Please consider any relevant site notices at when using this material.