Development problems continue to dog NASH

This story first appeared in the April 2014 issue of Pulse+IT Magazine.

In March 2011, IBM Australia was awarded $23.6 million to build the National Authentication Service for Health (NASH), one of the foundations of the national eHealth system. In what has become a chequered journey, that first attempt at NASH failed, with Medicare Australia having to come to the rescue. Even now, however, problems remain.

It is a characteristic perhaps of the rushed nature of the roll-out of the PCEHR that IBM’s deadline for the delivery of the National Authentication Service for Health (NASH) was a mere week before the actual system went live to consumers.

As it turned out, IBM failed to deliver, the reasons for which have never been publicly explained and which remain under the cloak of confidentiality agreements. That wasn’t necessary a reason for halting the launch of the PCEHR, as clinicians couldn’t use the system on July 1 anyway, but it did point to a rocky road ahead for NASH.

Highlighted by NEHTA in a 2011 blueprint as one of the foundations of a national eHealth system, secure, trusted authentication is essential to ensure only those qualified to access medical information can do so.

DHS/Medicare was not asked to design a solution despite managing a Public Key Infrastructure (PKI)-enabled authentication system for online claiming for some years, the reasoning being that Medicare’s location certificates are often used by more than one clinician. At the time of the PCEHR build, they were also not supported by a smart card management system (SCMS).

While Medicare’s PKI location certificates were being used for secure messaging, according to NEHTA’s blueprint there was no national identity credential available that could be properly used to support NEHTA-compliant secure messaging standards.

In 2011, NEHTA issued a tender for an external organisation to build NASH, subsequently awarding the $23.6 million contract to design, build and operate it to IBM. Little else was heard until NEHTA CEO Peter Fleming was forced to confirm on June 18, 2012, that NASH would not be ready for the launch of the PCEHR on July 1. In October that year, NEHTA confirmed it had ”terminated” the contract with IBM.

In the meantime, arrangements were put in place to provide an interim NASH through Medicare. NASH certificates began to be issued in late August to healthcare providers and organisations who had registered for the system. These certificates enabled authorised clinicians to access the PCEHR through conformant clinical software, which ironically had not yet been rolled out.

To read the full story, click here for the April 2014 issue of Pulse+IT Magazine.

Posted in Australian eHealth

You need to log in to post comments. If you don't have a Pulse+IT website account, click here to subscribe.

Sign up for Pulse+IT eNewsletters

Sign up for Pulse+IT website access

For more information, click here.

Copyright © 2017 Pulse+IT Magazine
No content published on this website can be reproduced by any person for any reason without the prior written permission of the publisher.