Changes to the National Authentication Service for Health (NASH) PKI certificates
The Australian Digital Health Agency has been working closely with Services Australia and the medical software industry to upgrade the NASH authentication system to enhance security when accessing digital health services.
The transition from NASH SHA-1 to NASH SHA-2 will provide enhanced protection of healthcare information and ensure Australians can continue accessing digital health services safely and securely.
From today, healthcare organisations can obtain a NASH SHA-2 certificate in Health Professional Online Services (HPOS) if their software products are NASH SHA-2 ready.
NASH certificates expiring on or before 13 March 2022 can be renewed now. We will make a subsequent announcement about the transition of NASH SHA-1 certificates that expire on or after 14 March 2022.
Healthcare provider organisations should upgrade their software products to a NASH SHA-2 ready version prior to their NASH certificate expiry date where possible and no later than 13 March 2022. Please refer to the readiness register at https://www.digitalhealth.gov.au/nash.
We appreciate the support of medical software providers for this important initiative.
If you would like more information on the NASH SHA-2 transition or how to request a NASH SHA-2 certificate, please visit our website at: https://www.digitalhealth.gov.au/nash
If you are a software developer and would like more information on NASH SHA-2 readiness, please visit the Developer Portal NASH resources.