PKI policy documents

Before you apply for your Medicare Public Key Infrastructure (PKI) certificate read:

SHA-1 Certificate Policy and Certification Practice Statements

• Root Certification Authority Certificate Policy v2.6 2011
• Root Certification Authority Certification Practice Statement v2.5 2011
• Organisation Certification Authority Certification Practice Statement v2.5 2014.

SHA-2 Certificate Policy and Certification Practice Statements

• Root Certification Authority Certificate Policy v2.8 2017
• Root Certification Authority Certification Practice Statement v2.7 2017
• Organisation Certification Authority Certification Practice Statement v2.8 2018.

Terms and Conditions

• Public Key Infrastructure Site Certificates Terms and Conditions of Use
• Public Key Infrastructure Individual Certificate Terms and Conditions of Use.

You may also find it useful to read the Department of Human Services Public Key Infrastructure (PKI) glossary, February 2018.

If your organisation is applying for a Human Services PKI site certificate, read our Public Key Infrastructure Site Certificates Terms and Conditions of Use. This applies to all the claiming organisation certificates listed below.

Health care sites applying for a SHA-1 site certificate, read the Community of Interest Certificate Policy for Site Certificates v2.2 2011.

Health care sites applying for a SHA-2 site certificate, read the Communities of Interest Certificate Policy for Site Certificates for website transaction v1.0 2016.

Pharmacies and Pharmaceutical Benefits Scheme (PBS) sites applying for a SHA-1 site certificate, read the Community of Interest Certificate Policy for Pharmacy and Pharmaceutical Benefits Scheme Site Certificates v2.9.

Pharmacies and PBS sites applying for a SHA-2 site certificate, read the Community of Interest Certificate Policy for Approved Supplier and PBS Site Certificates for website transactions v1.0 2016.

Healthcare Provider Organisations applying for a:

• SHA1 NASH PKI organisation certificate, read the Community of Interest Certificate Policy for the National Authentication Service for Health PKI Certificate for Healthcare Provider Organisations v2.5 2021.
• SHA2 NASH PKI organisation certificate, read the Community of Interest Certificate Policy for the digital National Authentication Service for Health Public Key Infrastructure Certificate for Healthcare Provider Organisations v1.0 2018.

You also need to read the:

• National Authentication Service for Health Public Key Infrastructure Relying Party Agreement.
• National Authentication Service for Health Public Key Infrastructure Certificate for Healthcare Provider Organisations Terms and Conditions of Use.

If you’re a contracted service provider or part of a General Supporting Organisation, read the:

• Community of Interest Certificate Policy for Healthcare Provider Organisations.
• National Authentication Service for Health Public Key Infrastructure Relying Party Agreement.
• National Authentication Service for Health Public Key Infrastructure Certificate for Healthcare Provider Organisations Terms and Conditions of Use.
• For contacted service providers, the Terms and Conditions of Use attached to the back of the HI Service - My Health Record system - Application to register a Contracted Service Provider organisation record form (HW012).
• For general supporting organisations, the Terms and Conditions of Use attached to the back of the HI Service - Application to register a General Supporting Organisation form (HW013).

The below PKI certificate policies relate to PKI certificate types no longer issued. They are listed for historical purposes only:

• Community of Interest Certificate Policy for Site Certificates 2007.
• Community of Interest Certificate Policy for Healthcare Individual Certificate 2013.
• Community of Interest Certificate Policy for Pharmacy and Pharmaceutical Benefits Scheme Site Certificates 2011.
• Healthcare Identifiers (HI) Network Organisations, read the Community of Interest Certificate Policy for Network Organisations under the Healthcare Identifiers Service (HI Service) Site Certificates 2010.
• Healthcare Provider Identifier - Individual (HPI-I) via Data Source, read the Community of Interest Certificate Policy for Individual Certificates for Healthcare Providers Individuals via data source (HPI-DS) for Healthcare Identifiers Services (HI Service) 2016.
• Authorised Organisation Maintenance Officers (OMOs) in the HI Service, read the Community of Interest Certificate Policy for Individual Certificates for an Authorised Organisation Maintenance Officer (OMO) under the Healthcare Identifiers Service (HI Service) 2016.
• Community of Interest Certificate Policy for the National Authentication Service for Health PKI Certificate for Individual Healthcare Providers 2016.
• National Authentication Service for Health Public Key Infrastructure Relying Party Agreement.
• National Authentication Service for Health Public Key Infrastructure Certificate for Healthcare Provider Organisations Terms and Conditions of Use 2018.
• Australian Government Department of Human Services Community of Interest Certificate Policy for the National Authentication Service for Health Public Key Infrastructure Certificate for Healthcare Provider Organisations.
• Community of Interest Certificate Policy for the National Authentication Service for Health Public Key Infrastructure Certificate for Supporting Organisations v1.4 2018.
• Community of Interest Certificate Policy for the National Authentication Service for Health Public Key Infrastructure Certificate for Supporting Organisations v1.0 2018.
• National Authentication Service for Health Public Key Infrastructure Relying Party Agreement.