Protecting health information is a key part of caring for healthcare consumers
Developer guides
NASH SHA-2 Certificates - Developer Guide
This Developer Guide is for the use of developers whose products connect to the Healthcare Identifiers (HI) Service, My Health Record, Electronic Prescribing and Secure Messaging with a National Authentication Service for Health (NASH) PKI Certificate.
Security Requirements Conformance Profile
The Agency is cognisant of the inherent cyber security risks posed by systems connected to and accessing the My Health Record system, as well as potentially vulnerable aspects of the national infrastructure and all services under its care.
Security resources
Security resources from our Cyber Security Awareness team.
Resources
eHealth Specifications and Standards v1.0
Product
EP-1543:2013
Status
Active
Version
1.0
Clinical specifications and standards.
NASH Organisation Certificate Tracker v1.0.1
Product
EP-2297:2016
Status
Active
Version
1.0.1
Services
Topics
The NASH Organisation Certificate Tracker is a simple tool for listing the expiration dates of NASH PKI Certificates for Healthcare Provider Organisations (NASH certificates). Healthcare provider organisations need active NASH certificates to both access the My Health Record system and securely send and receive information via SMD secure messaging…
NASH SHA-2 Readiness Assessment v1.3
Product
EP-3719:2022
Status
Active
Version
1.3
Services
Topics
NASH SHA-2 PKI Certificate Readiness Assessment v1.0 PDF This provides detailed guidance for developers on the NASH SHA-2 readiness assessment use cases, technical requirements, testing approach and processes. NASH SHA-2 Readiness Test Specs v1.3 XLS Introduces changes to the test environment endpoints for the Clinical Information Systems, along with the…
National Authentication Service for Health v1.0
The National Authentication Service for Health (NASH) makes it possible for healthcare providers and supporting organisations to securely access and exchange health information. NASH provides Public Key Infrastructure (PKI) Certificates that help you or your organisation to: access the My Health Record system; and send and receive messages securely using…
National eHealth Security and Access Framework v4.0
The National eHealth Security and Access Framework (NESAF) provides standards, tools, and guides for the Australian healthcare sector to build and implement secure systems that protect patient data and eHealth-related assets, while providing the provenance required for ensuring patient safety and privacy. (For more details and to download fact sheets, see…