NASH PKI SHA-1 certificates

The Australian Digital Health Agency has been working closely with Services Australia and the medical software industry to upgrade the National Authentication Service for Health (NASH). 

To enhance security when accessing digital health services, all organisations should have transitioned to a software version that can support NASH PKI SHA-2 certificates before 31 December 2022. However, if you have not yet completed this transition, please contact your software vendor.
If you need an interim NASH PKI SHA-1 certificate before your software is updated, you must follow the instructions below.

How to request an interim NASH PKI SHA-1 certificate

1. Download the Interim NASH SHA-1 approval form (PDF, 357.8 KB) and submit the completed form to the Australian Digital Health Agency at [email protected] 
2. After you receive an approved application from the Australian Digital Health Agency, download and complete the NASH PKI request form (PDF, 137.85 KB) and submit both forms, along with your approved application, to Services Australia at [email protected]
3. Services Australia will issue your organisation with a NASH PKI SHA-1 certificate. Your Organisation Maintenance Officer (OMO) will receive a text message with Personal Identification Code (PIC) when the NASH PKI SHA-1 certificate is ready for download.
4. Install your interim NASH PKI SHA-1 certificate into your clinical information system. This process will depend on your chosen software product. Please contact your software provider for support.

What to do when your software is SHA-2 ready

Once your organisation’s Clinic Information System (CIS) is SHA-2 ready, you will be able to replace your interim NASH PKI SHA-1 certificate with a NASH PKI SHA-2 certificate. For more information, please visit the National Authentication Service for Health (NASH) page.