Introduction
This Developer Guide provides guidance for developers on how to test their NASH SHA-2 software enhancements and submit evidence of their product’s readiness to the Agency for assessment.
Software assessed as meeting NASH SHA-2 readiness will be included on the Agency’s public NASH SHA-2 readiness register and will be used by HPOS to help the developer’s customers request the correct (SHA-1 or SHA-2) certificate.
Should developers require a more detailed guide to the NASH SHA-2 readiness assessment use cases, technical requirements, testing approach and processes, they should consult the NASH SHA-2 PKI Certificate Readiness Assessment.
Step 1: Test your enhancements
The individual developer is responsible for conducting self-testing in their own test environment for the relevant requirements and test cases. The Agency has prepared a NASH SHA-2 readiness test specification which is intended to provide a step-by-step NASH SHA-2 software testing guide and provides a template to for developers to create evidence of the testing undertaken as well as a statement of readiness.
Developers should test the earliest supported version of their software that supports NASH SHA-2.
Please note that evidence needs to be provided individually for each product that requires assessment of SHA-2 readiness.
Step 2: Complete the Declaration for NASH SHA-2 readiness
An appropriate representative of the software developer must complete the Declaration for NASH SHA-2 readiness which can be found on the Declaration tab of the NASH SHA-2 readiness test specification.
Step 3: Provide evidence to the Australian Digital Health Agency
Once developers have fully completed the NASH SHA-2 readiness test specification it should be submitted to the Agency by emailing [email protected] with above evidence, with a subject line ‘NASH SHA-2 Testing’.
The following documents are to be submitted to the Agency for assessment:
1. The completed NASH SHA-2 readiness test specification, containing required information, screenshots and declaration.
2. Ensure that any files required by the NASH SHA-2 readiness test specification have been attached
Step 4: Agency assessment of SHA-2 readiness
Once the Agency receives the evidence of the developer’s testing, the Agency will:
1. Acknowledge that the evidence has been received.
2. The Agency will review the evidence submitted by the developer and discuss the readiness assessment result with developers where appropriate. Developers may be required to resubmit and/or retest any test cases upon request by the Agency until a satisfactory result is obtained.
3. Once the Agency is satisfied with the developer’s NASH SHA-2 readiness test specification, the Agency will notify the developer.
4. Unless the developer indicates otherwise (indicated in the NASH SHA-2 readiness test specification, the Agency will:
a. include the details of the software product within the publicly available NASH SHA-2 readiness register; and/or
b. add the software to a list to ensure that the developer’s customers can request the correct (SHA-1 or SHA-2) certificate in HPOS.
Support
The Agency’s Digital Health Help Centre
First level support and escalation to Agency subject matter experts, product and partnership teams
Phone: 1300 901 001 (Mon-Fri, 8:00-17:00 AEST/AEDT)
Email: [email protected]
Services Australia - Developer Support
First level support and escalation to technical support and product integration teams
Phone: 1300 550 115 (Mon-Fri, 8:30-17:00 AEST)
Email: [email protected]
Services Australia - Test Kit Support
Email: [email protected]
Services Australia - Online technical support HI service
Email: [email protected]
Services Australia - Online technical support My Health Record system
Email: [email protected]