The following frequently asked questions relate to the Secure Messaging Industry Offer. (Updated 17 March 2020)
What happens when we want to send a message to an organisation that is not listed in an Online Provider Directory, whose entry is out of date, or that does not support secure messaging?
You can choose to send the message, but you will take on the risk that the message may not be delivered to the intended recipient.
Does this mean as a CIS Developer we need to have an agreement with a Secure Messaging Provider to access the federated search?
Does the Agency maintain the directory service or Secure Messaging Providers maintain the directory service?
No. The Agency facilitates a Technical Working Group (TWG) that any CIS Developers and Secure Messaging Providers can participate in. The TWG develops specifications and sets standards for Secure Messaging. If you want to join the TWG, please send an email to [email protected] and we can provide more information.
Secure Messaging Providers will deliver aggregation end points based on FHIR profiles and host those end points for CIS Developers to leverage.
Do we need to implement both 6.2.1 Directory Consumer with Directory Operator and 6.2.2 Directory Consumer with Aggregator?
No. The intent of the developer guide was to allow for the CIS developers (Directory Consumers) to choose whether they want to integrate with an Aggregation endpoint hosted by the Secure Messaging vendors (we believe this to be the more common implementation pattern) or whether they want to integrate with a Directory Operator endpoint (if provided by Secure Messaging vendor) and perform the aggregation locally (we anticipate less of a take up of this implementation pattern).
Do we need to implement authentication mechanisms for each Secure Messaging Provider?
No. Mutual x509 provides the minimum mandatory standard. However, if the CIS Developer and Secure Messaging Provider can agree to use an additional authentication profile, this will be based on a bi-lateral agreement between the CIS Developer and Secure Messaging Provider.
To authenticate to the Provider Directory do we only need to implement the mandatory Mutual x509 profile or will some Secure Messaging Providers require us to implement one of the optional profiles in addition to mutual x509?
Yes, at a minimum the x509 access profile is mandatory for CIS and SM vendors to support, so there is certainty of interoperability with any vendor. Please see section 6.1.4 of the Provider Directory Service & Message Payload Developer Guide.
Who will ensure that the Secure Messaging Providers’ aggregation capabilities are similar and they don’t produce different results?
They should all be the same as they need to follow the agreed AU FHIR PD specifications.
How complete is the data in the Provider Directory? Do all Healthcare Providers have provider numbers, AHPRA numbers and HPI-I codes etc. required for referrals?
The AU FHIR PD profiles have optional fields to drive adoption, so initially data completeness will be partial, however there are initiatives that the Agency has in the proof-of-concept stage to improve both data quality and completeness.
Who will connect to the FHIR services we publish as a CIS Developer? Is this the Secure Messaging Provider who will include it in their federated search?
The typical scenario will be for the Secure Messaging Providers to publish the FHIR services for CIS Developers to consume and present to users (Healthcare Providers). Currently, the Provider Directory FHIR services are read/search only. There is no write capability. Any updates to Healthcare Provider details will continue as they currently do via existing channels.
Will there be an additional cost to use the Address book and services. What is expected?
The Agency cannot comment on commercial agreements between CIS and Secure Messaging organisations.
Do you have developer documentation for the FHIR (API) based National Health Services Directory (NHSD)?
The NHSD, managed by HealthDirect, is accessed using FHIR APIs. Further documentation on the NHSD FHIR API can be found here: https://help.nhsd.com.au/plugins/servlet/desk/portal/2/create/67
What is the recipient’s preferred Secure Messaging Provider and if our CIS customer has HealthLink and the recipient prefers ReferralNet does the API tell us if that is commercially possible?
If you have a HealthLink Secure Messaging agent at a Practice and HealthLink has an agreement with ReferralNet to publish their details (and therefore exchange messages), then HealthLink would effectively be able to aggregate those details and provide them to the CIS. Duplicates may be presented to the user, who can then select the Healthcare Provider address they want.
Will each Secure Messaging Provider only provide information for the networks it supports?
Each Secure Messaging Provider will provide information based on the networks and other Secure Messaging Providers it has an agreement with.
How are duplicate healthcare provider records identified when conducting a search?
There is no requirement or agreed method to identify duplicate records. Users will be presented with all results to enable them to decide which record to select. For more information please see section 126.96.36.199 of the Provider Directory Service & Message Payload Developer Guide. The Service Registration Assistant (SRA) will address some of the data quality aspects of the Provider Directory.
Who will develop the federated search/aggregator? ADH, CIS or SMD provider?
Typically Secure Messaging vendors. However, there is nothing in the specifications that states that a CIS provider cannot develop aggregation capabilities. Please see section 3 of the Provider Directory Service & Message Payload Tester Guide. The Service Registration Assistant (SRA) will address some of the data quality aspects of the Provider Directory.
Is there any sample code for connecting to the directory service?
There are FHIR libraries in .NET and Java with the following links:
Nuget FHIR R4: https://www.nuget.org/packages/Hl7.Fhir.R4/
Nuget FHIR STU3: https://www.nuget.org/packages/Hl7.Fhir.STU3/
Can Healthcare Provider Identifiers – Individuals (HPI-I) be published in the directories?
Yes, provided it is for a purpose as defined in Healthcare Identifiers Regulation 9:
(2) A healthcare provider is authorised to use, and to disclose to another entity, the healthcare identifier of a healthcare provider for the purpose of communicating or managing health information as part of:
(a) the provision of healthcare to a healthcare recipient; or
(b) the management (including the investigation or resolution of complaints), funding, monitoring or evaluation of healthcare.
(3) The other entity is authorised to collect, use or disclose the healthcare identifier of a healthcare provider for the purpose for which the healthcare identifier was disclosed to the entity under sub-regulation (2).
Please also ensure that access to the directory is controlled and that users agree to terms and conditions that reflect the regulation.
Is synchronisation between the Local Address Book and the Online Directory required every time a message is sent or the user can choose to check?
Ensuring the Local Address Book is up to date each time a message is sent is the recommended approach. The goal of this requirement is to ensure the message reaches its desired recipient. There are alternative, suboptimal ways to implement this functionality, such as periodic batch updates.
If the CIS has a Local Address Book, is it mandatory to save the Online Provider Directory search results to the Local Address Book?
It is not mandatory to save search results in the Local Address Book. For CIS products that use a Local Address Book we strongly recommend validating the Local Address Book as often as possible to ensure consistency across search results.
Currently we store provider details in the CIS, usually received from the PAS. We send this directly to the Secure Messaging Provider. Is the recommended practice to change from this and then perform searches as required?
Any updates to healthcare provider details in online directories should be done as per existing channels and processes. The scope of the current Secure Messaging industry offer does not include or specify updating healthcare provider details in the online directories. It specifies how provider details can be found across multiple online provider directories from varying organisations. Having said that, suggestions are provided on how to maintain local address books aligned with healthcare provider details in online directories.
Is this service replacing our internal address book?
The Agency understands that some products with local address books manage additional metadata about healthcare providers. This service is intended to ensure that products using a local address book to manage information about healthcare providers keep it up to date and aligned with the core addressing changes made in the online provider directory, to ensure delivery of messages.
Can we update information in the local address book automatically, without troubling the user?
Yes, this is possible and recommended.
The main thing we'd be wanting to sync to the local address book is the preferred Secure Messaging Provider of the recipient and their mailbox name for that Secure Messaging Provider (e.g. HealthLink ‘Sunnybank Med’), but these fields are not in the sample page. Will they be there?
Yes, you can search for the recipient and the Secure Messaging identifier (a.k.a. Vendor Directory Identifier – VDI). This is effectively the “mailbox name” issued by the recipient Secure Messaging provider.
Is PUT/POST required to send back up?
HTTP PUT and POST to online provider directory are currently not supported. The read/search is executed by performing a GET operation.
Do you have any suggestions on aggregating healthcare providers from the Provider Directory into an existing local provider address book?
Please refer to section 6.3.2 of the PDS & MP Developer Guide. Although directory caching is not a mandatory requirement, it is recommended for implementation to improve the performance of queries.
What is the expectation of the NASH expiry test for a CSP-NASH? Our NASH cert covers all CIS users and it is meaningless to end users, as we the vendor have to action it for our whole cloud infrastructure.
As detailed in the NASH PKI Organisation Certificate Developer Guide, certificate expiry needs to be managed by the CSP organisation to ensure continuity of connection to the HI Service and My Health Record for your clients. Requirement NASH-3 is not applicable for contracted service providers (CSP) or general supporting organisations (GSO); however, it is recommended to develop similar functionality to ensure certificates are updated.
Is there somewhere at the ADHA website where we can get a SHA-2 NASH certificate?
To obtain your test certificates, please download the NASH test kit and NASH test certificates ordering forms from the links below and return them to [email protected]
- NASH Test Kit form – https://developer.digitalhealth.gov.au/sites/default/files/application-requestnash-pki-test-certificate.pdf.
- NASH Test Certificates order form - https://developer.digitalhealth.gov.au/sites/default/files/testnash-certificate-order-form.pdf.
- SHA-1 and SHA-2 certificates are provided in the NASH test kit.
Is the Agency or Human Services able to provide workflows/policy for the issuing of SHA-2 certificates to Medical Clinics?
The workflow for Healthcare provider organisations to apply for their NASH PKI certificates remains unchanged after the introduction of the SHA-2 certificates. The digital certificates will be available for them to download via the Department of Human Services Health Professional Online Services (HPOS). The NASH PKI certificate for Healthcare Provider Organisations SHA-1 and SHA-2 Policies are available here:
Will all new NASH certs be issued as SHA-2 or SHA-1?
A release date for SHA-2 NASH PKI Organisation Certificates in production has yet to be confirmed. Until then, only SHA-1 certificates are issued to Healthcare provider organisations. Once the release date is announced, there will be a transition period where both SHA-1 and SHA-2 certificates are available to access HI and MHR systems. When a SHA-1 certificate expires (before 12 March 2022), it will be replaced by a SHA-2 certificate.
Will there be an instance where a Medical Clinic will be issued a SHA-2 certificate and continue to have a valid SHA-1 cert or will the SHA-1 cert be revoked on issuing of the SHA-2?
As per above, expired SHA-1 certificates will be replaced by SHA-2 certificates.
When will there only be SHA-2 NASH certificates in circulation?
The Department of Human Services has announced that NASH PKI Organisation SHA-1 Certificates will no longer be supported by DHS from 12 March 2022. The Australian Digital Health Agency is currently working with software providers to ensure that their software products cater for this change, to minimise the impact on their customers.
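The expiry monitoring recommended for CSPs earlier in this FAQ and the SHA-1 cut-off described above can both be checked with one script. This is an added example, not code from the Agency or the NASH developer guides; it assumes the certificate has been exported to a PEM file and that the `openssl` command-line tool is installed, and the function names, status words and 60-day warning window are illustrative choices.

```shell
# Added example: audit a PEM certificate for expiry and SHA-1 signatures.

# Print the signature algorithm name, e.g. sha256WithRSAEncryption.
cert_sig_alg() {
    openssl x509 -in "$1" -noout -text 2>/dev/null |
        sed -n 's/^ *Signature Algorithm: *//p' | head -n 1
}

# Succeed when an algorithm name denotes a SHA-1 based signature.
is_sha1_alg() {
    case $1 in *[Ss][Hh][Aa]1*) return 0 ;; *) return 1 ;; esac
}

# Print UNREADABLE, EXPIRED, EXPIRING (within warn_days) or OK.
cert_expiry_status() {
    warn_secs=$(( ${2:-60} * 86400 ))
    if ! openssl x509 -in "$1" -noout >/dev/null 2>&1; then
        echo UNREADABLE
    elif ! openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1; then
        echo EXPIRED
    elif ! openssl x509 -in "$1" -noout -checkend "$warn_secs" >/dev/null 2>&1; then
        echo EXPIRING
    else
        echo OK
    fi
}

# One report line per certificate: path, expiry status, hash family.
audit_cert() {
    status=$(cert_expiry_status "$1" "${2:-60}")
    if [ "$status" = UNREADABLE ]; then
        echo "$1 UNREADABLE -"
    elif is_sha1_alg "$(cert_sig_alg "$1")"; then
        echo "$1 $status SHA-1"
    else
        echo "$1 $status non-SHA-1"
    fi
}

# Constructed sample input: a throwaway self-signed certificate, valid 10 days.
make_sample_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 10 \
        -subj "/CN=constructed-sample" -keyout "$1.key" -out "$1" 2>/dev/null
}

# Demo run on the constructed sample with the 60-day warning window.
tmp=$(mktemp -d) && make_sample_cert "$tmp/sample.pem" &&
    audit_cert "$tmp/sample.pem" 60
rm -rf "$tmp"
```

Run it from a scheduled job over every certificate the service presents and alert on any line that does not end in `OK non-SHA-1`.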
Is NASH being replaced? Will PRODA be used?
NASH isn’t being replaced but it is being updated.
There are two types of NASH certificates: one for Organisations and one for Individuals. NASH for Individuals has not been widely used and is being discontinued. PRODA will replace NASH certificates for Individuals to better align and support applications. NASH for organisations has not been changed but has been upgraded to the more secure SHA-2, and the way certificates are requested and delivered has been improved.
Are NASH PKI Organisation Certificates replacing the method to connect to the HI Service and My Health Record (PCEHR)?
Yes. NASH PKI Organisation Certificates downloaded via the Health Professional Online Services (HPOS) from the 18th of September 2018 can be used to connect to the HI Service and My Health Record system. Medicare PKI site certificates can still be used until they are phased out.
Will CSP certificates be supported? Or do we need to have a certificate for each organisation we represent?
In the context of obtaining provider addressing information from an organisation hosting an online directory based on AU FHIR PD, the x509 certificate presented for authentication will be based on policies set out by the hosting organisation. Given that CSP certificates are issued by NASH, we would expect most Secure Messaging Providers hosting AU FHIR PD services to allow this.
In the context of message encryption, the ATS standard states it is the responsibility of the sender to assure that the certificate (public key) it is using belongs to the recipient organisation or, in the case of a CSP, that the CSP is authorised to represent the recipient organisation. In the same way, the recipient organisation needs to assure the message authenticity, and if a CSP certificate was used to sign the message it is up to the recipient to confirm that the CSP is authorised to sign messages on behalf of that organisation.
Is there information associated with a NASH Organisation Certificate that is needed to identify the health care organisation that sends the message (rather than CSP 'facilitator')?
The NASH organisation certificate contains the HPI-O of the organisation which could be used to validate the message authenticity. Signing messages using the NASH organisation certificate is in fact a mandatory requirement for a MDM-T02 CDA based message.
We have a CSP NASH Certificate - has the provider directory service been tested with CSP Certificates?
Yes, the Agency’s test bed has been tested with CSP NASH certificates.
Are the certificates only used for accessing the Provider Directory? Or are they also used in secure messaging and for signing payloads?
X509 Certificates are used for both provider address lookups and message signing.
Can we identify the provider/user using the NASH Organisation Certificate?
No, the NASH Organisation Certificate only identifies an organisation by an HPI-O.
How can I resolve the following error when using NASH Certificates: “Curl error: The Client Credentials presented are not trusted by this server”?
Ensure the CRT certificates are in the trusted certificate store, not in the personal store.