Healthcare Identifiers User Guide
Healthcare Identifiers User Guide
Healthcare Identifiers User Guide
User Guide
This guide is for health professionals and organisations looking to participate, or who are currently participating, in the
Healthcare Identifiers (HI) Service.
In this guide:
• What are healthcare identifiers?
• Why use healthcare identifiers?
• Who operates the HI Service?
• Registering in the HI Service
− Individual healthcare providers
− Healthcare provider organisations
− Contracted service provider organisations
• Electronically accessing healthcare identifiers
• The Healthcare Provider Directory
• Things to be aware of when accessing the HI Service
• Roles in the HI Service
• The My Health Record system
• More information
Healthcare identifiers are unique 16 digit numbers that identify individual healthcare providers, healthcare provider organisations
and individuals receiving healthcare.
1. Individual Healthcare Identifier (IHI)—identifies a patient (individual) receiving healthcare. An IHI uniquely identifies
individuals who receive healthcare, including Australian citizens, permanent residents and visitors to Australia.
2. Healthcare Provider Identifier–Individual (HPI–I)—identifies an individual healthcare provider who provides healthcare,
such as general practitioners, allied health professionals, specialists, nurses, dentists and pharmacists, among others.
3. Healthcare Provider Identifier–Organisation (HPI–O)—identifies the healthcare provider organisation where healthcare is
provided, such as hospitals, medical practices, pathology or radiology laboratories and pharmacies.
Healthcare identifiers can be used in health related information to clearly identify the patient, the treating health professional and
the organisation where healthcare is provided. This helps reduce the potential for mix-ups with healthcare related information
and communication, and gives confidence that the right information is being associated with the right individual.
Healthcare identifiers are also the foundation for other government initiatives, such as the My Health Record system.
The HI Service is operated by the Department of Human Services (the department). As the HI Service operator, the department
has the responsibility to:
• process registrations for healthcare provider organisations and individual healthcare providers not registered with the
Australian Health Practitioner Agency (AHPRA)
• disclose individual healthcare identifiers to healthcare providers in line with legislative safeguards
• operate and maintain the HI Service IT systems, including the Healthcare Provider Directory (HPD)
• answer general enquiries from the public about the HI Service
• provide helpdesk services to HI Service users, and
• ensure accuracy and security of the national database.
To get healthcare identifiers of patients, individual healthcare providers and healthcare provider organisations need to register in
the HI Service and be assigned a healthcare identifier. Forms are available at humanservices.gov.au/hiservice.
Information in the HI Service can be maintained electronically. You can search for other healthcare provider identifiers through
HPOS or compatible software. Electronic searching and retrieval of healthcare identifiers for health care recipients can only be
done through HI Service compatible software. Contact your software vendor for more information about the software you might
need for this.
To access the HI Service electronically, individual healthcare providers, healthcare provider organisations and CSP
organisations need the appropriate Department of Human Services Public Key Infrastructure (PKI) certificate. A PKI certificate
allows you to securely send and receive electronic information.
There are two types of PKI certificates used to access the HI Service:
• Department of Human Services PKI Individual Certificate - for ROs, OMOs and individual healthcare providers.
• Department of Human Services PKI Site Certificate - for authorised employees and CSP officers accessing the HI
Service.
A PKI certificate is not automatically issued when registering in the HI Service. If you already have a PKI Individual Certificate or
the organisation has a PKI Site Certificate used for Medicare business, you can request to have these existing certificates linked
to the HI Service record in the HI Service. If you do not have an existing PKI certificate, you can apply for one when registering
in the HI Service, or request one at a later time by filling out 3054 – Application to request or update a PKI certificate form
at humanservices.gov.au/hiservice.
These individual and site PKI certificates cannot be used to access the My Health Record system. You need to apply for a
National Authentication Services for Health (NASH) PKI certificate. Visit humanservices.gov.au/nash for more information.
The HI Service also includes the Healthcare Provider Directory (HPD). The HPD is a consent-based directory of individual
healthcare providers and healthcare provider organisations registered in the HI Service.
The HPD helps healthcare providers to quickly search for and find other healthcare providers and organisations. It aims to
facilitate communication between them by providing a reliable source of identifying information, including contact, location and
service details.
If an individual healthcare provider consents, an OMO can link them to a healthcare provider organisation. This will allow others
who use the HPD know who works at what organisation. There is no limit on the number of individual healthcare providers that
can be linked to a healthcare provider organisation or vice versa. However, when the individual healthcare provider withdraws
consent or finishes work at the organisation the link must be removed.
We recommend reading the Healthcare Identifiers Act 2010 (the Act) and the Healthcare Identifiers Regulations 2010
on comlaw.gov.au for a full understanding of the legal requirements for healthcare providers and penalties that can be imposed
under the Act.
A healthcare identifier is not a health record. The information held by the HI Service is limited to demographic information (such
as name, date of birth and sex) which is needed to uniquely identify individuals and healthcare providers.
IHIs don’t replace Medicare numbers—individuals still need to use their Medicare card to claim benefits.
An individual doesn’t need their IHI to access healthcare services and shouldn’t be refused treatment if they don’t have an IHI, a
matching IHI can’t be found in the HI Service or if the individual chooses to seek care anonymously.
If you know an individual’s details are out-of-date and they’re enrolled in Medicare, encourage them to update their details with
us.
If you suspect an individual has multiple IHIs and is not aware of it, tell us. We will check with the individual first before any
changes to their IHIs are made.
Penalties for unauthorised access apply under the Act. Each time an IHI is searched and retrieved by healthcare providers and
their employees, the details of the healthcare provider and who requested it is recorded in an audit log. Individuals who are
registered for a Medicare account can access and view their history online.
There are five roles in the HI Service. What individual healthcare providers and representatives of healthcare provider
organisations can do in the HI Service depends on the role they’re acting in. They may act in one or more of these roles,
depending on their duties and the healthcare provider’s requirements. They can access the HI Service over the phone or
electronically.
Responsible officer (RO) - typically this is a position similar to a Chief Executive Officer, and held by a practice principal or
owner of the organisation. The RO is responsible for a seed organisation’s interaction with the HI Service. Their main
responsibility is to make sure the seed organisation, its network organisations and authorised employees comply with the
Healthcare Identifiers Act 2010 and the Healthcare Identifiers Regulations 2010. A RO should be familiar with both.
A RO’s other responsibilities:
• provide the HI Service operator with relevant documentation to show the organisation is eligible to participate in the HI
Service;
• be accountable for all organisations and employees in the seed organisation’s hierarchy, including violations and breaches
• register and link at least one OMO to the seed organisation; and
• create and manage links between their organisation and a contracted service provider (CSP) organisation if required.
An individual can be registered as a RO on the HW018 - Application to Register a Seed Organisation form, or later as a
replacement RO of an existing seed organisation. A RO can also act in the capacity of an OMO.
As the organisation’s RO, an individual can also act as a RO for the My Health Record system. For more information on the My
Health Record, visit myhealthrecord.gov.au.
Organisation maintenance officer (OMO) - typically a practice manager or practice reception staff. The OMO is responsible
for keeping information about their organisation in the HI Service system up-to-date and making sure information about
authorised employees is maintained. A seed organisation must have at least one OMO and can have as many as needed.
Duties of an OMO:
• create network organisations below the seed organisation they represent
• register other OMOs to help maintain organisational information
• change links for other OMOs or link individual healthcare providers to organisations in their hierarchy
• update the organisation’s information in the HPD
• create and manage links between their organisation and a CSP organisation if required
• search for healthcare identifiers of other healthcare providers, and
• maintain a list of authorised employees within their organisation who can access the HI Service.
Organisation details can be managed:
• through HPOS at humanservices.gov.au/hpos;
• via compatible practice software;
• by completing the appropriate form at humanservices.gov.au/hiservice;
• by calling the HI Service operator on 1300 361 457*.
There may be authorised employees working at the healthcare provider organisation who search for and retrieve IHIs from the
HI Service as part of their job.
Authorised employee - an employee within an organisation, such as a practice manager or hospital desk clerk, who retrieves
IHIs for their organisation’s patients from the HI Service.
Responsibilities of authorised employees may include verifying patient information, including existing patients’ IHIs, searching
for and retrieving IHIs of new patients and notifying the HI Service when a patient dies.
An authorised employee does not have to register in the HI Service, however a list of the organisation’s authorised employees’
details must be maintained by the OMO.
Individual healthcare provider - provides healthcare services to the public. They are able to add and maintain some
healthcare identifier details in the HI Service, and also search for IHIs of patients they are providing healthcare to.
An individual healthcare provider can:
• search for, retrieve and use IHIs of their patients in healthcare related management and communication;
• create unverified and provisional IHIs in the HI Service using practice management or patient administration software
developed and approved to interact with the HI Service; and
• search for, and retrieve healthcare identifiers and details of other healthcare providers and organisations listed in the HI
Service to securely send health information such as discharge summaries, test requests or referrals.
Individual healthcare providers registered with AHPRA are automatically assigned a HPI–I by the agency. Individual healthcare
providers not registered with AHPRA, such as a dietician or social worker, can apply for a HPI–I directly to the HI Service
operator by filling out the 2977 – Application to Register a Healthcare Provider form available
at humanservices.gov.au/hiservice.
Contracted service provider (CSP) officer - an employee of a CSP organisation that provides IT services under contract to a
healthcare organisation relating to the management and/or communication of healthcare information.
A CSP officer is responsible for making sure the CSP organisation’s information is up-to-date and correct in the HI Service
system. Duties may also include:
• registering other CSP officers, and
• organising searches for IHIs of patients of the healthcare organisation they are acting on behalf of.
When a CSP organisation record is created it will automatically be set to ‘deactivated’ until a RO of a healthcare provider
organisation creates a link to the CSP organisation. Until this link is created, a CSP organisation can’t access the HI Service.
A CSP officer is nominated on the HW012 - Application to Register a Contract Service Provider Organisation Record form
available at humanservices.gov.au/hiservice.
The My Health Record system is a secure electronic summary of an individual’s health information that can be accessed by the
individual, their representatives and healthcare providers involved in the individual’s care. With the individual’s consent,
authorised healthcare providers will have access to a summary of the individual’s health information, helping improve treatment
decisions and continuity of care. Healthcare providers must be registered in the HI Service before they can participate in the My
Health Record system.
Registering for a My Health Record is voluntary and has no effect on an individual’s entitlement to medical treatment or
Medicare benefits.
For information on how to register for and access the My Health Record system go to myhealthrecord.gov.au.
MORE INFORMATION
Online: humanservices.gov.au/hiservice
Email: healthcareidentifiers@humanservices.gov.au
Call: 1300 361 457*