Verizon Australia is a third party organisation who manages the issuance of both Medicare and NASH PKI certificates that are used by Healthcare Organisations to undertake electronic business with Services Australia.
Verizon have notified Services Australia that they must make an upgrade to the Transport Layer Security that’s used on their website www.certificates-australia.com.au from TLS1.1 to TLS1.2. The upgrade will now take place on Saturday 25 June 2022.
Software vendors who are currently using TLS1.1 will need to upgrade to TLS1.2 to avoid any impact.
Who does this affect?
All systems that use NASH or Services Australia (Medicare) PKI certificates, that have also been hardcoded to use TLS 1.1, or are running on Windows Server 2008 or Windows 7 or earlier.
These systems may experience issues with the following digital health services:
- The My Health Record B2B gateway
- The Healthcare Identifiers service
- Electronic Prescribing
- Secure Messaging
- Medicare-related services
- Any other use of the NASH or Services Australia (Medicare) PKI
Required action
Please ensure that your software has not been hardcoded to use TLS 1.1. and provide advice to any customers that may be running on Windows Server 2008 or Windows 7 or earlier.
Ensure your software is compatible with TLS 1.2 or 1.3 and that your customers’ operating systems are configured to default to TLS 1.2 or TLS 1.3.
How do I self-check my software?
To ensure systems remain secure, the TLS version should not be hardcoded.
Microsoft provide information on how to check the TLS version of your software and guidance on the recommended configuration here.
How to update Windows Operating System to support TLS
Earlier versions of Windows, such as Windows 7 or Windows Server 2008, don't enable TLS 1.2 by default for secure communications. For these earlier versions of Windows please see the Microsoft guidance here.
For your information:
- Transport Layer Security (TLS) is a security protocol for establishing encryption channels over computer networks.
- ISM guidelines provided by the Australian Securities Directorate (ASD) dictate that Verizon must upgrade from TLS1.1 to TLS1.2 in the very near future.
- Healthcare Professionals attempting to access the Verizon website www.certificates-australia.com.au without upgrading to TLS1.2 will have connectivity issues once Verizon removes support for TLS1.1.
The Verizon web site hosts the Medicare and NASH public PKI certificate directories which are commonly used to facilitate business to business communications. In particular Healthcare Professionals and their software may have issues in verifying the validity of PKI certificates, accessing the chain of trust and verifying Certificate Revocation Lists.
