National Authentication Service for Health (NASH) SHA-1 to SHA-2 transition

If your organisation uses a NASH SHA-1 certificate, you needed to update to a NASH SHA-2 by 31 December 2022, to comply with the Australian Government cyber security requirements. 

You can request a SHA-2 certificate via HPOS, but only if your software is NASH SHA-2 ready. Check this NASH SHA-2 Readiness Register to check if your software version is ready for SHA-2.  

Your NASH certificate allows your organisation to access digital health services such as: 

  • Electronic prescribing 
  • My Health Record 
  • Secure messaging 
  • Healthcare Identifiers (HI) Service. 

It supports your organisation to authenticate and securely access digital health services, digitally sign documents (and other transactions), and encrypts health information for secure exchange. 

Diagram: National Authentication Service for HealthIf your NASH certificate is not updated to SHA-2, you will not be able to access digital health services and tools. You must update and install your new certificate before 31 December 2022 if you are still on SHA-1 please contact us for assistance asap.  

If you’re unsure which certificate you have, follow these instructions to check your NASH certificate details and follow these steps to revoke your NASH SHA-1 and request a NASH SHA-2 if required.  

If you require assistance or would like further information, please contact the Primary Care and Digital Support team at

Share this article