Requirement 2 - Secure Messaging Capability

Contents:

See also:

Secure Messaging Capability

The intent of this requirement is to begin the process that will drive towards achieving a standards based and interoperable secure messaging environment within the health sector.

The practice must have a standards-compliant secure messaging capability to electronically transmit and receive clinical messages to and from other healthcare providers, use it where feasible, and have a written policy to encourage its use in place.

Source: http://www.medicareaustralia.gov.au/provider/incentives/pip/files/9977.pdf

The Secure Message Delivery (SMD) Australian Technical Specification published by Standards Australia defines a set of interfaces and associated applications ensuring that health information exchanged by healthcare providers is protected against malicious interference.  
Source: NEHTA website

Before you begin to use Secure Messaging

Ensure you have completed the guide Practice Incentives Program (PIP) eHealth Incentive Requirement 1 - Integrating Healthcare Identifiers into Electronic Practice Records, available from http://www.hcn.com.au/eHealth

Obtain a NASH PKI certificate for eHealth and secure messaging within two weeks of receiving your HPI-O (Requirement 1) or by 1 February 2013, whichever is later.

PKI Certificate  

Where to obtain PKI Certificate

Supported inMD/PS Version

PIP Incentive Requirement

HI Service PKI Certificate

  • HI Signing Certificate

  • HI Encryption Certificate

If you already have a PKI certificate for Online Claiming in Pracsoft, you can update by applying to include access to the HI Service.

http://www.medicareaustralia.gov.au/provider/health-identifier/index.jsp#N10271

MedicalDirector Clinical/PS 3.12.1b

or later.

Requirement 1

National Authentication Service for Health (NASH) PKI certificate

  • Secure Messaging Delivery (SMD)

  • My Health Record

http://www.medicareaustralia.gov.au/provider/vendors/pki/index.jsp#N1007A

 

MedicalDirector Clinical 3.14d Requirement 2 (SMD)

Requirement 5 (My Health Record)

 

 

 

By 1 February 2013, or within four weeks of having received your NASH PKI certificate, whichever is later:

Practices must have a standards-compliant product with secure messaging capability that is listed on the PIP eHealth Product Register for Secure Messaging (https://epipregister.NEHTA.gov.au/registers/securemessage delivery), or

Have written advice from a vendor listed on the PIP eHealth Product Register for Secure Messaging that their listed product will be available to the practice in order to meet the time frame outlined in Point 5 below.

 

Create a written policy for the Practice which encourages the use secure clinical document exchange.

Software product must be installed and configured in accordance with the Commissioning Requirements for Secure Message Delivery. For details of the Commissioning Requirements for Secure Message Delivery view the NEHTA PIP SMD Commission Requirements document. This step must be completed by 1st August 2013.

SMD-compliant Messaging Vendor

MedicalDirector has partnered with HealthLink which provide a FREE messaging service to GPs.  

For complete list of SMD-compliant messaging vendors, see https://epipregister.NEHTA.gov.au/registers/secure-message-delivery.

HealthLink

To verify that you have HealthLink installed:

Within Clinical, select Tools > Manage Communications. The Manage Communications window appears.

Select the Setup Data Transfer tab.

 

If you can see a registered path to the HealthLink configuration file (an example of which is shown above), you have HealthLink installed.

If you cannot see this file and path, please contact HealthLink for assistance.

Checklist

To ensure that your practice complies with Requirement 2 the following information must be ticked:

Practice must complete Requirement 1 - Integrating Healthcare Identifiers into Electronic Practice Records.

Practice has applied for the National Authentication Service for Health (NASH) PKI certificate for eHealth and secure messaging within two weeks of receiving its HPI-O (Requirement 1) or by 1 February 2013, whichever is later.

Practice has imported the NASH PKI Certificate.

By 1 February 2013, or within four weeks of having received your NASH PKI certificate, whichever is later:

  • Practices must have a standards-compliant product with secure messaging capability that is listed on the PIP eHealth Product Register for Secure Messaging (https://epipregister.NEHTA.gov.au/registers/securemessage delivery), or

  • Have written advice from a vendor listed on the PIP eHealth Product Register for Secure Messaging that their listed product will be available to the practice in order to meet the time frame outlined in the last check box below.

A written policy must be in place to encourage the use of standards-compliant secure messaging.

Practice can provide verification that the compliant product has been installed (e.g. HealthLink) and configured or has written advice that their product will be compliant within the time line for Secure Messaging Delivery (SMD) compliance. This step must be completed by 1st August 2013.