What is a Contracted Service Provider (CSP)
A contracted service provider (CSP) in the My Health Record system is an organisation that provides technology services or health information management services relating to the My Health Record system to a healthcare provider organisation, under contract to that organisation.
If you offer an instance of software for one or more healthcare providers to access the My Health Record, then you need to register as a CSP, and your software will need to be CSP Software.
Follow this link to find out the difference between a Clinical Information System (CIS) and a CSP Software.
More information about CSPs can be found at:
https://www.myhealthrecord.gov.au/for-healthcare-professionals/howtos/contracted-service-provider-registration.
Differences between a CIS and CSP software
The table below highlights the key differences between a CIS and CSP software:
| CIS and CSP Software | CIS | CSP software |
| User | Used by Healthcare Provider Organisations
| Used by a CSP (organisation) who operates on behalf of Healthcare Provider Organisation(s) |
| Interactions with the HI Service and/or the My Health Record system | Healthcare Provider Organisations interact directly with their HI and/or NASH certificates | CSP interacts on behalf of the Healthcare Provider Organisation with the CSP’s HI and/or NASH certificates |
| Registration | Healthcare organisations apply for their own HPI-O and certificates | CSP applies for their CSP number, CSP HI and/or NASH certificates. Healthcare organisations apply for their own HPI-O and certificates |
| Certificates management | Healthcare Provider Organisations manage their own certificates | CSP manage their own certificates |
The table below highlights the differences in the HI SOAP request:
| HI SOAP request | CIS | CSP software |
| Certificate | HPI-O HI certificate | CSP HI certificate |
| HPI-O in SOAP header | SHALL NOT include the <hpio> element. | SHALL include the <hpio> element. The HPI-O included SHALL be linked to the CSP number via HPOS. Below is an example of the extra bit in a CSP Software request: <h:hpio xmlns:xsd="http://www.w3.org/2001/XMLSchema" |
The table below highlights the differences in the My Health Record (MHR) SOAP request:
| MHR SOAP request | CIS | CSP software |
| Certificate | HPI-O NASH certificate | CSP NASH certificate |
| System Type in SOAP header | <clientSystemType> SHALL be CIS. Example: <s:Header> | <clientSystemType> SHALL be CSP. Example: <s:Header> |
| HPI-O in SOAP header | HPI-O included in the SOAP header matches the HPI-O encrypted in the HPI-O NASH certificate. | HPI-O included in the SOAP header is linked to the CSP number encrypted in the CSP NASH certificate via HPOS. |
Whether you are developing a CIS, or CSP Software, or both, you will be required to undergo Notice of Connection (NOC) and Conformance Compliance Accreditation (CCA) for the HI Service, and NOC and Conformance Compliance Declaration (CCD) for the My Health Record system. The conformance requirements are the same for both a CIS and CSP software.
For more information: