Skip to main content

NASH Enhancement

Published 21 September 2021

National Authentication Service for Health (NASH) Certificates will be transitioning from SHA-1 (Secure Hash Algorithm 1) to SHA-2.


From 14 March 2022, healthcare provider organisations will require a NASH SHA-2 Public Key Infrastructure (PKI) Certificate compatible software for digital health services such as My Health Record, Secure Messaging, Electronic prescriptions, and Healthcare Identifier Services.

Currently, NASH Certificates are issued as NASH-SHA-1 Certificates, but SHA-1 Certificates will no longer be issued after 13 March 2022.

From 14 March 2022:

  • all certificates that are issued will be NASH-SHA-2 and practices will require SHA-2 compatible software
  • Medicare Site Certificates will no longer be issued. All users of Medicare Online, Electronic Claim Lodgement and Information Processing Service Environment (ECLIPSE), PBS online, and Aged Care online must use web services compatible software.

NASH certificates renewed after 16 May 2021 will have two years until they expire, so practices can use these certificates until their expiry dates.

From 20 September 2021, providers may request either SHA-1 or SHA-2 Certificates, depending on their software. All certificates issued from 14 March 2022 will be SHA-2 certificates.

From 20 September 2021, NASH-SHA-2 Certificates will be available to request and for download in Healthcare Provider Online Services (HPOS). In anticipation of the transition, healthcare provider organisations are encouraged to review any notices from their software provider regarding NASH-SHA-2 readiness.

If you are renewing your existing NASH Certificates after 20 September 2021, you will receive either a SHA-1 or SHA-2 Certificate based on whether your software version is SHA-2 ready.

NASH Enhancements

When renewing the NASH certificate via HPOS after 20 September 2021, select the software product from the drop-down list. If your software is listed there, you can request NASH-SHA-2 certificates provided your software version isn’t older than the version listed there.

If your software version is older, update your software to the latest version before requesting a NASH-SHA2 certificate.

If your software is not listed in the drop-down menu, this indicates the software product is not yet SHA-2 ready. Proceed with renewing the existing SHA-1 certificate before it expires in HPOS. To do this, select ‘I cannot select a product because: My product is not available’ in the list, and HPOS will automatically allocate a SHA-1 certificate.

For more information, visit

You can check the expiry date of a NASH certificate, request, renew, and download an updated version in HPOS. To do this:

  • your Organisation Maintenance Officer (OMO) needs to login into PRODA – HPOS
  • go to services ‘My Programs’
  • click on Healthcare Identifiers and click on the ‘My Health Record’ tab
  • select Healthcare Identifiers, then Manage existing records
  • select your Organisation – My Organisation Details
  • click on the Certificates tab.

Last updated: 24 February 2022