National Authentication Service for Health (NASH)
The National Authentication Service for Health (NASH) provides Public Key Infrastructure (PKI) certificates that help healthcare organisations and individuals to:
- Access the My Health Record system
- Access the Healthcare Identifiers (HI) Service
- Send and receive messages securely using software that meets the requirements of Secure Message Delivery
- Access the NASH PKI directory - which lists healthcare providers and supporting organisations with an active NASH PKI certificate
The Australian Digital Health Agency (ADHA) is upgrading the NASH authentication system to strengthen security when accessing digital health services. This upgrade will provide enhanced security protection of healthcare information and ensure Australians can continue accessing digital health services safely and securely.
Services Australia will no longer issue NASH SHA-1 PKI Certificates after 13 March 2022. Organisations should upgrade their software to a NASH SHA-2 ready product by 13 March 2022 to continue to connect to the following digital health services:
- My Health Record
- Healthcare Identifiers (HI) Service
- Electronic Prescribing
- Secure Messaging
The ADHA has been working with software providers since 2018 to establish their software readiness for NASH SHA-2 certificates. Some software providers will be ready in October 2021. Your software provider will communicate with you about their software readiness for NASH SHA-2.
Check if your software is SHA-2 ready using the software NASH SHA-2 Readiness Register. This should be done as early as possible to avoid connection problems beyond 13 March 2022.
For more information on NASH visit The Australian Govenment digital health website.
How do you request or renew a NASH Certificate?
To request or renew a NASH certificate an Organisation Maintenance Officer (OMO) needs to log on to their individual PRODA account then:
Enter a mobile number. This is required to send a text message with your Personal Identification Code (PIC) when your certificate is ready to download.
Tick the check box to confirm you have read and understood the terms and conditions. Save changes and submit. Once you have received a text message, your certificate is ready to download. Log into HPOS and use the PIC to download the certificate.
- Select Go to service on the HPOS tile. You may need to complete the linking process to proceed.
- Select My programs.
- Select Healthcare Identifiers and My Health Record
- Select Healthcare Identifiers - Manage existing records.
- Select the required organisation record. When selecting the required organisation record, you may need to navigate to the correct record. Refer to view the organisation's network map, manage HPI-O details and manage your OMO procedures.
- Select My Organisation Details and then Certificates.
- Select Request a NASH PKI site certificate.
- Select your software product version from the first drop-down list. This list contains software product versions that can use NASH SHA-2 certificates (SHA-2 ready).
If you cannot locate your software from the drop-down list, please select the most appropriate reason from the second drop down list:
- My product is not on the list: if your product version is not listed as SHA-2 ready.
- I don’t know my product: if you are unsure of what software product or version is used in your organisation.
- I need a certificate for multiple products: if your organisation has multiple products that require a NASH certificate, select this option to proceed.
- I wish to select my SHA level explicitly: only when you have been advised by your software developer or you are certain which SHA level you need.
For assistance with HPOS or requesting a NASH certificate contact the eBusiness Service Centre.