National Authentication Service for Health

Healthcare providers and supporting organisations use the National Authentication Service for Health (NASH) to securely access and share health information.

Eligibility

About NASH

NASH Public Key Infrastructure (PKI) certificates help you to:

You can apply for a NASH PKI certificate if you meet the eligibility criteria.

Eligibility for a NASH PKI certificate

You're eligible for a NASH PKI certificate if:

  • you're registered in the Healthcare Identifiers (HI) Service, and are:
    • a healthcare provider,
    • a contracted service provider, or
    • a general supporting organisation that assists in the delivery of Digital Health

Applying

NASH PKI certificate for healthcare provider organisations

Before you apply for a NASH PKI certificate, you need to register in the HI Service and get a Healthcare Provider Identifier-Organisation (HPI-O).

There are 2 healthcare provider organisation types in the HI Service:

  • seed organisations
  • network organisations

Registering in the HI Service also lets you register in the My Health Record system.

Read more about the Healthcare Identifiers Service for health professionals.

Certificate policy and terms and conditions

You must read and agree to the Certificate Policy, Terms and Conditions of Use and Relying Party Agreement.

Apply as a seed organisation

A seed organisation is a principal entity that provides or controls the delivery of healthcare services. It may have subordinate, networked organisations.

If you’re a seed organisation, apply for a NASH PKI certificate:

Apply as a network organisation

A network organisation is subordinate to the seed organisation.

If you're a network organisation, apply for a NASH PKI certificate:

Application outcome

We'll post the NASH PKI certificate to your Responsible Officer (RO) or Organisation Maintenance Officer (OMO) at the address you register in the HI Service.

You'll need a personal identification code (PIC) to install the NASH PKI certificate. We'll post that to you separately.

The NASH PKI certificate comes with information to help you install it. You need to install and import it into your My Health Record system compliant software.

Contact your software vendor if you need help with installation. 

NASH PKI certificate for individual healthcare providers

Before you apply for a NASH PKI certificate, you need to register in the HI Service and get a Healthcare Provider Identifier-Individual (HPI-I).

If you're registered with the Australian Health Practitioner Regulation Agency (AHPRA), it has already assigned you a HPI-I

Read more about the Healthcare Identifiers Service for health professionals.

Certificate policy and terms and conditions

Your must read and agree to the Certificate Policy, and Terms and Conditions of Use.

Apply as an individual healthcare provider

If you're an individual healthcare provider:

Application outcome

You can choose to get the NASH PKI certificate as:

  • a smart card with chip and USB token, or
  • a smart card with smart card reader

We'll post the NASH PKI certificate and installation CD to the address you register in the HI Service. If you're registered with AHPRA, we'll post it to the address it has for you.

If you're not registered with AHPRA, you can update your address through HPOS.

You need a PIC to install the NASH PKI certificate. We'll send that to you separately.

The installation CD comes with information to help you install it.

Insert the CD into a CD reader and install the Token Administration Utility.

You’ll need to enter the PIC into the Token Administration Utility each time you use the certificate.

You can change your PIC through the Token Administration Utility.

Contact your software vendor if you need help with installation.

NASH PKI certificate for contracted service providers

To access the My Health Record system as a contracted service provider (CSP) you must provide information technology or health information management services under contract to a healthcare provider organisation.

Certificate policy and terms and conditions

Your must read and agree to the Certificate Policy and Terms and Conditions of Use.

Apply as a contracted service provider

You need to register:

  • with the HI Service to get a registration number, and
  • with the My Health Record system to request a NASH PKI certificate

Download and complete the Application to register a Contracted Service Provider organisation record form

Application outcome

We'll post the NASH PKI certificate to the CSP officer who applied for it. We'll send it to the address you register in the HI Service.

You need a PIC to install the NASH PKI certificate. We'll post that to you separately.

The NASH PKI certificate comes with information to help you install it. You need to install it into the My Health Record system or Secure Message Delivery compliant software.

NASH PKI certificate for general supporting organisations

To access the My Health Record system, a general supporting organisation (GSO) must provide infrastructure and information for the My Health Record system outside the role of a contracted service provider

Certificate policy and terms and conditions

Your must read and agree to the Certificate Policy and Terms and Conditions of Use.

Apply as a general supporting organisation

If you're a general supporting organisation you need to register:

  • with HI Service to be assigned a registration number, and
  • with the My Health Record system to request a NASH PKI certificate

Download and complete the Application to register a General Supporting Organisation form

Application outcome

We'll post the NASH PKI certificate to the GSO officer who applied for it. We'll post it to the address you register in the HI Service.

You’ll need a PIC to install the NASH PKI certificate. We'll post that to you separately.

To use the certificate, install it into the My Health Record system or Secure Message Delivery compliant software.

Managing

NASH directory

The NASH directory lists healthcare providers and supporting organisations with an active NASH PKI certificate.

If you have a NASH PKI certificate, you can access the NASH directory on the Certificates Australia website.

Updating your details

If you change your details in the HI Service this also changes the information we have about you for future NASH PKI certificates.

To change your name, correct your date of birth or update details that require supporting documents use the Healthcare Identifiers Service - Application to Amend a Healthcare Provider Record form (HW034).

Healthcare provider organisations

You can use HPOS to manage most of your contact details. To access HPOS you need a PRODA account.

Individual healthcare providers

If you're an individual healthcare provider registered with the Australian Health Practitioner Regulation Agency (AHPRA) you must contact it to update your registration details, including your address.

If you're an individual healthcare provider not registered with AHPRA, you can use HPOS to manage your contact details. 

Managing your certificates

Expiring certificates

NASH PKI certificates expire 2 years from the date of issue. The expiry date is printed on the installation CD, Smartcard and key tag.

Renewing certificates

Your NASH PKI certificate is renewed automatically if you have an active Healthcare Identifier.

If you don't get a new certificate 3 weeks before your certificate is due to expire, contact the eBusiness Service Centre.

Certificates no longer used or needed

If you don’t need or use the NASH PKI certificate, let us know.

Complete and send us a Request to Revoke and/or Reissue a National Authentication Service for Health Public Key Infrastructure certificate form.

You must do this at least 60 days before your certificate expires.

Lost certificates

If you've lost your NASH PKI certificate, you need to revoke it and request a new one. 

Complete and return the Request to Revoke and/or Reissue a National Authentication Service for Health Public Key Infrastructure certificate form.

Certificate not received

If you don't get your certificate, contact the eBusiness Service Centre.

They can also help if you have a certificate and need assistance.

Correct installation of certificates

If you’re unsure if your certificate is correctly installed, contact your software vendor.

Resources

Software vendors and developers

If you’re a software vendor or developer we have information and resources to help you.

Read more about NASH PKI certificates for software vendors and developers.

Page last updated: 27 August 2017