PKI certificate management

UPDATE – Advice from Services Australia (September 2021)

PKI certificate renewal – members receiving CDs by post

The Guild has been advised by Services Australia that a significant number of pharmacies are receiving CD Roms via the post with instructions to renew their PKI certificates.

For those pharmacies receiving CDs:

  • Please keep your PKI CD and Personal Identification Code (sent separately) in a safe place so it is retrievable when your dispensing software provider contacts your pharmacy to assist with the renewal of your pharmacy’s PKI certificate. The CD will be sent in plain packaging and may be addressed to the certificate manager or authoriser in the pharmacy who originally applied for the PKI certificate.

Services Australia is working with all pharmacy dispensing software providers to ensure PKI certificates are renewed before they expire. This is required to support pharmacy business continuity during the transition to Services Australia web services (via PRODA) and to ensure your pharmacy can continue to access the other services that it needs to, including the Health Identifier (HI) service and the Prescription Exchange Services.

Why Public Key Infrastructure (PKI) certificates are being renewed

While pharmacies are transitioning to PRODA, a significant number of pharmacy PKI Certificates need to be renewed to support the pharmacy’s access to (Services Australia) services until the 13 March 2022 web services completion deadline.

This is required as a significant number of PKI certificates expire on or before 13 March 2022, and the certificate is still required after 13 March 2022 for accessing other services including the Healthcare Identifiers Service (My Health Record) and the Prescription Exchange Services.

Key points for pharmacies

  1. PKI certificates are being renewed by Services Australia even if the pharmacy’s current certificate has not expired.
  2. Where possible, PKI certificates are being auto renewed by Services Australia (therefore not requiring any action by the pharmacy).
  3. PKI certificates that cannot be auto renewed by Services Australia will be mailed out on a CD to the pharmacy by post.
  4. The CD will be sent in plain packaging and may be addressed to the ‘certificate manager’ or ‘authoriser’ in the pharmacy who originally applied for the PKI certificate.
  5. With the assistance of your pharmacy’s software provider, the certificate should be installed as soon as possible to ensure business continuity, even if the pharmacy is transitioning to PRODA for claims and data transmissions.
  6. PKI Certificates expiring on and up to 13 March 2022 will be renewed and renewed certificates will have an expiry of June 2024.
  7. PKI certificates will continue to work with other services after March 2022 including the Healthcare Identifiers Service (My Health Record) and the Prescription Exchange Services.
  8. Services Australia has started the PKI renewal process now to ensure business continuity for pharmacies and other health professionals. As a result some pharmacies will receive a new certificate even if they have 6-9 months until their current certificate expires.
  9. Services Australia acknowledges the use of CDs is not ideal, however, this is the current system for distribution of Medicare/PBS PKI Certificates.
  10. Services Australia is working with the Australian Digital Health Agency and the Prescription Exchange Services (PES) on a roadmap for ensuring business continuity for Medicare/PBS PKI certificates beyond March 2022 and will update the Guild as this program of work continues.

PKI certificates – general information

Public Key Infrastructure (PKI) is the technology behind digital certificates. A digital certificate fulfills a similar purpose to a driver’s license or a passport – it is a piece of identification that proves identity and provides certain allowances. A digital certificate allows its owner to encrypt, sign, and authenticate.

PKI workflow diagram

PKI is the technology that allows the encryption of data, digitally sign documents, and authenticate yourself or business using certificates. PKI certificates use secure hash algorithm (SHA) technology to send secure messages and other transactions online.

For example, Healthcare providers including community pharmacies and supporting organisations must have a National Authentication Service for Health (NASH) PKI certificate to access the My Health Record system.

Services Australia PKI certificates expire every 2 or 5 years, depending on which policy a certificate was issued under. And some software automatically renews the PKI certificate.

If the pharmacy’s software doesn’t automatically renew its PKI certificate, Services Australia will send the pharmacy a letter and renewal instructions 60 days before the certificate expires.

Page last updated on: 08 September 2021