Go to top of page

Quick Intro

The need for healthcare providers to connect to each other safely and securely is greater than ever. Secure messaging enables the secure and interoperable delivery of electronic messages containing clinical documents such as referrals, specialist letters and discharge summaries between healthcare providers, sent either directly or through one or more secure messaging providers. Secure messaging solutions address all elements required to support secure, reliable message transmission, including recipient discovery, message payload standardisation, authentication of messaging parties, message transmission, message integrity checks and message acknowledgement.

About the National Secure Messaging Network (NSMN)

  • The National Secure Messaging Network (NSMN) is a secure messaging solution being developed by the Agency and its industry partners. More information on the NSMN can be found here.

Further information on secure messaging is available below or via our Help Centre: [email protected] or call 1-300-901-001.

Developer Guides

E-health secure message delivery

  • Specifications | ATS-5822
  • ATS-5822 defines a set of interfaces and associated application behaviours suitable for sending clinical messages over the Internet using standard Web services protocols.
  • Download ATS-5822 from the SAI Global web site.

E-health XML secured payload profiles

  • Specifications | ATS-5821
  • ATS-5821 defines a set of interoperable mechanisms for representing secured XML data, including digital signing and encryption of secure messages.
  • Download ATS-5821 from the SAI Global web site.

E-health web services profiles

  • Specifications | ATS-5820
  • ATS-5820 defines a set of interoperable mechanisms using SOAP Web services for interconnecting computer systems in digital health applications.
  • Download ATS-5820 from the SAI Global web site.

Secure Messaging v1.1

  • Specifications | EP-3365:2021
  • The Agency’s Secure Messaging product provides software developers with information and tools to assist in the implementation of Secure Message Delivery (SMD) and the Australian Provider Directory FHIR Implementation Guide (AU-PD.
  • Download Secure Messaging v1.1

HL7 Australia Provider Directory FHIR Implementation Guide

  • Specifications | FHIR PD2
  • The HL7 Australia Provider Directory FHIR Implementation Guide (PD 2) is a RESTful API for searching directories of healthcare services and healthcare providers.
  • View the FHIR PD2 Specification.

Simplified HL7 REF-I12 profile

  • Specifications | Message specification
  • Developed by HL7 Australia, the simplified REF profile is an HL7 message specification for clinical messages. The specification reduces requirements on implementers by specifying a constrained subset of HL7 Australia's more comprehensive patient referral message.
  • View the Simplified HL7 REF-I12 Specification.

Technical Tools (for developers and testers)

CDA creation and packaging tool

  • Tool for generating and signing CDA documents, creating CDA zip packages, and creating MDM-T02 messages.
  • See the "Clinical Document Packaging Client Library" tool on the ADHA's Open Source Sample Code Directory.

CDA rendering tool

  • Tool for generating HTML for display of CDA documents (e.g. by a web browser).
  • See the "Style Sheets (for HL7™CDA documents)" tool on the ADHA's Open Source Sample Code Directory.

MDM-T02 and ACK-T02 message tool

Clinical Package Validator

  • Tool to check conformance of :
  • HL7 v2.4 messages (ACK^I12, ACK^O01, ACK^R01, ORM^O01, ORR^O02, ORU^R01, REF^I12)
  • HL7 v2.3.1 messages (ACK^T02, MDM^T02)
  • Packaged CDA documents
  • SMD messages.
  • Download the latest version of the Clinical Package Validator.

SMD messaging tools

  • Tools to support Secure Message Delivery (SMD) message construction and delivery.
  • See tools prefixed with "Secure Message Delivery (SMD)" on the ADHA's Open Source Sample Code Directory.

FHIR PD2 provider directory testing tool




Discontinuation of TLS 1.1 access to Verizon certificates-australia websites

NOTE DATE CHANGE: The upgrade will now take place on Saturday 25 June 2022.

Verizon Australia is a third party organisation who manages the issuance of both Medicare and NASH PKI certificates that are used by Healthcare Organisations to undertake electronic business with Services Australia.


Transition to NASH SHA-2 Certificates - Notifications

Changes to the National Authentication Service for Health (NASH) PKI certificates - The Australian Digital Health Agency has been working closely with Services Australia and the medical software industry to upgrade the NASH authentication system to enhance security when accessing digital health services.


Secure Messaging v1.1 - Released

The Australian Digital Health Agency has updated the Secure Messaging end product to reflect the following changes. The introduction of FHIR provider directories as a replacement for Endpoint Location Services; and
The discontinuation of the previous Conformance Assessment Scheme for Secure Message Delivery. 


Media release - Helping healthcare providers to share information

9 September 2019: Collaboration to develop enhanced secure messaging functionality will ensure healthcare providers can communicate quickly, easily and securely to provide safer and more efficient care.


Secure Messaging Industry Offer - News Release

The Australian Digital Health Agency (the Agency) is pleased to announce the release of an industry offer that will financially incentivise software providers to implement new standards for enhanced secure messaging functionality in their products.


July, 2021 - NSMN Governance Committee convened
With membership from peak clinical groups, state and federal health departments, digital health technology groups and major system vendors, the National Secure Messaging Network (NSMN) Governance Committee will provide the ability to formally define and execute ongoing governance of the NSMN specifications and documentation, and promote industry adoption of secure messaging.
December, 2020 - Secure Messaging Industry Offer (SMIO)
The Agency assists industry software vendors to implement key enablers of secure messaging in their information systems, including FHIR-based recipient discovery and standardised payload generation. More information on the SMIO is available here.
June, 2018 - Secure messaging Proof-of-Concept (PoC)
Consortia of industry partners validate the proposed secure messaging solution architecture and security design through successful end-to-end message delivery between clinical information systems.
April, 2016 - Secure Messaging Technical Working Group (SMTWG) established
The Agency and its industry partners establish a Technical Working Group that includes representatives from information system vendors across the healthcare sector. The SMTWG provides the vehicle through which technical aspects of secure messaging can be analysed and discussed, and effective, pragmatic solutions adopted.
A description can go here. 1024 character limit.

By operation of the Public Governance, Performance and Accountability (Establishing the Australian Digital Health Agency) Rule 2016, on 1 July 2016, all the assets and liabilities of NEHTA will vest in the Australian Digital Health Agency. In this website, on and from 1 July 2016, all references to "National E-Health Transition Authority" or "NEHTA" will be deemed to be references to the Australian Digital Health Agency. PCEHR means the My Health Record, formerly the "Personally Controlled Electronic Health Record", within the meaning of the My Health Records Act 2012 (Cth), formerly called the Personally Controlled Electronic Health Records Act 2012 (Cth).

Stay Connected

with the Australian Digital Health Agency

Register to download resources and keep informed of the latest Developer News.


Back to Top