What's new?

September 2010

Health professionals can stay up-to-date with Forum. The spring edition is available online now.

Website Feedback

Send feedback about our website

HPOS Logon

Systems logon

Popular downloads

PKI Frequently Asked Questions (FAQs)

What is PKI?
What does PKI do?
Why should I use PKI?
What type of PKI certificates does Medicare Australia issue?
How do I register for PKI?
What types of Evidence of Identity (EOI) documents can I use?
What is an acceptable referee and what is their role?
Who is classified as an acceptable referee?
How do I use my PKI Individual Key?
How do I use my PKI Site Key?
Does my PKI Certificate expire?
What if my key is lost, stolen or access is compromised?
Who can I speak to if I require further assistance?

What is PKI?

Public Key Infrastructure (PKI) is a set of procedures and technology that provides security and confidentiality for electronic business.

PKI has been adopted by the Australian Government to provide a robust system of security for online health transactions.

What does PKI do?

PKI is a combination of software, hardware, network services and management techniques (policy and procedures) that work together to provide a web of "trust" that enables the secure exchange of data.

Why should I use PKI?

PKI enables the secure exchange of data and has been adopted by the Australian Government to provide a robust system of security for online health transactions.

What type of PKI certificates does Medicare Australia issue?

Medicare Australia issues two kinds of PKI certificates:

Individual Certificate
Site Certificate

Individual Certificates are used to transfer encrypted information. They can produce an electronic signature that is equivalent to your hand written signature. Individual certificates provide authentication, confidentiality, integrity and enable the recipient of the message to know that it has been sent by the sender.

Individual certificates are issued on tokens, usually this is a smartcard but a portable USB drive can be issued on request.

Site Certificates allow a number of people at the same location to sign and encrypt messages on behalf of the site. This certificate provides confidentiality, authentication and integrity of the information that is transmitted. Between location and/or healthcare professions, site certificates are issued on a CD.

Please Note: You will find enclosed instructions on how to install your certificate access to HPOS and a fact sheet on how to change your password.

How do I register for PKI?

To register for a Medicare Australia Individual or Site certificate you must review and meet the certificate pre-application checklist, complete and submit the relevant application form and certified copies of Evidence of Identity (EOI) documents. You will also need to complete an Acceptable Referee Identification Form (ARIF).

View the certificate pre application check list.

To complete the relevant registration and ARIF’s for Individual and Site Certificates, go to Registration forms for online business.

What types of Evidence of Identity (EOI) documents can I use?

Evidence of Identity for Medicare Australia PKI Certificates leverages the Department of Finance and Deregulation’s (DoFD) Evidence of Identity Policy under the Gatekeeper PKI Framework.

Please refer to the information below to meet this requirement.

Option 1

ONE Category A document establishing evidence of commencement of identity in Australia; AND
ONE Category B document establishing a linkage between Identity and Person (photo and signature)

Option 2

TWO Category B documents establishing a linkage between Identity and Person (photograph and signature); AND
ONE Category C document establishing the operation of that identity in the community.

Objective	Documents satisfying the objective
Category A Evidence of commencement of identity in Australia (Mandatory)	Birth certificates (issued by BDM) Record of Immigration Status: Foreign Passport and current Visa Travel Document and current Australian Visa Certificate of Evidence of Residence Status Citizenship Certificate
Category B Linkage between Identity and Person (Photo and Signature) (Mandatory)	Australian Drivers Licence (current and original) Australian Passport (current) Firearms Licence (current and original) Foreign Passport Current commonwealth or state public service ID card with photo and signature
Category C Evidence of Identity Operating in the Community (could be another Category A or B document)	Medicare Card Change of Name Certificate – Non Standard POI – (for marriage or legal name change – showing link with previous name/s) Credit or Account Card or bank passbook Centrelink or Department of Veterans Affairs card Security guard/Crowd control Licence BDM Issued Marriage Certificate Tertiary ID Card (less than one year old and issued by an Australian university only) Australian Exam Report (persons under 16 years of age only) Australian Record of Achievement (persons under 16 years of age only) Australian Secondary School Exam Certificate (persons under 16 years of age only) Certificate of Trusteeship Council rates notices (where name and address match those on the application form Letter from employer (current or within last two years) Telephone directory (verified by telephone call) (where name and address match the application form) The Electoral Roll
Category D Evidence of residential address (Used only to provide evidence of residential address if not provided by a Category B or C document)	Utilities notice Rent details A bank account statement less than one year old (where name and address match the application form) A building society statement less than one year old (where name and address match the application form) A credit union account statement less than one year old (where name and address match the application form) A financial institution statement less than one year old (where name and address match the application form) Council rates notices (where name and address match those on the application form) Title or deed to real estate, or registered mortgage papers on a home or property

What is an acceptable referee and what is their role?

An acceptable referee is an individual who is responsible for ensuring that the originals of all documents presented to them by the applicant are copies of originals and certified by signing each of the documents with the statement ‘This is a true copy of the original as suppled by me.’

Who is classified as an acceptable referee?

Any one of the following listed individuals are classified as acceptable referees.

A member of the Institute of Chartered Accountants in Australia, Australian Society of Certified Practising Accountants or the National Institute of Accountants
A member of a municipal, city, town, district or shire council of a State or Territory
A legal practitioner of a Federal, State or Territory court
A registrar, clerk, sheriff or bailiff of a Federal, State or Territory court
An individual registered or licensed as a dentist, medical practitioner, pharmacist or veterinary surgeon under a law of the State or Territory providing for that registration or licensing
An individual who holds the position of nursing sister and is registered as a nurse under a State or Territory law providing for that registration
A judge or master of a Federal, State or Territory court
A stipendiary magistrate of the Commonwealth or of a State or Territory
A Justice of the Peace of a State or Territory
A member of Parliament or a State Parliament
A member of the Legislative Assembly of the Australian Capital Territory, the Northern Territory or Norfolk Island
A member of the Australian Federal Police, or of the police force of a State or Territory, who, in the normal course of their duties, is in charge of a police station
A manager of a Post Office
An individual employed as an officer or employee by one or more of the following:
- the Commonwealth, a State or Territory;
- an authority of the Commonwealth, a State or Territory; or
- a local government body of a State or Territory; who has been so employed continuously for a period of at least 5 years, whether or not the individual was employed for part of that period as an officer and for as an employee

An individual employed as a full time teacher or as a principal at an educational institution and has been so employed continuously for a period of at least 5 years
An individual who, in relation to an Aboriginal community is recognised by the members of the community to be a community elder or if there is an elected Aboriginal council that represents the community, is an elected member of that council
A Commissioner of Oath of a State or Territory

How do I use my PKI Individual Key?

If you have applied for a PKI Individual key, you are the owner and thus responsible for the use/management and secure storage of this key.

Please ensure this key is kept with you.

This key can be used anywhere access to the internet is available. For example: A locum GP may use their individual PKI from any location where they practice.

How do I use my PKI Site Key?

The Duly Authorised Officer (DAO) is responsible for the PKI Site key.

The PKI Site key must remain at the Location at all times.

Does my PKI Certificate expire?

Medicare Australia PKI Individual and Site Certificates have a 5 year life cycle.

After this time period, the applicant will need to renew their application for registration.

What if my key is lost, stolen or access is compromised?

You must notify Medicare Australia as soon as possible and complete the Revoke and Re-issue form.

Medicare Australia will revoke your PKI and re-issue you new access.

Who can I speak to if I require further assistance?

If you require further assistance, please contact the PKI eBusiness Centre on:

Ph: 1800 700 199
Email: pki@medicareaustralia.gov.au

Last updated: 1 September, 2010