There have been a couple of articles appear on the NASH Tender and related matters today.
First we have:
Health minister Nicola Roxon says e-health safeguards are in place
- Karen Dearne
- From: The Australian
- September 21, 2010
HEALTH Minister Nicola Roxon has rejected suggestions key patient protections are not yet in place.
The Healthcare Identifiers service went live in July after the rushed passage of new laws in parliament in June.
Doubts emerged about the readiness of the underpinning authentication, secure messaging and audit capabilities when an Audit Office report found GPs had been paid $83 million in the past year to use a messaging standard that did not exist.
GPs also had to obtain digital certificates from Medicare, although these could not be used for authentication purposes.
The auditor found the National E-Health Transition Authority had not finalised the messaging standard until March this year, and Medicare's certificates were designed for electronic claiming only.
Last week NEHTA issued a tender for the National Authentication Service for Health (NASH) -- intended to support the launch of the identifiers service -- admitting the design and build would be done by the private sector.
While Ms Roxon, NEHTA, Health and Medicare officials all pointed to NASH as evidence of stronger security for patient information during consultations on the HI framework, it is unclear whether these protections are in place.
A spokeswoman for Ms Roxon said it was incorrect to suggest the key authentication, secure messaging and audit-trail functions did not exist.
"All necessary capabilities were in place to support the HI service from the outset," she said.
"While originally designed for (business) communication with Medicare, its PKI (public key infrastructure) is appropriate to encrypt messages and provide the required level of security.
"There are already 17,000 Medicare certificates in use, and this supports the tough penalties in the legislation (for misuse of HI information)."
and second we have:
Smartcard tender issued for National Authentication Service for Health
- Karen Dearne
- From: The Australian
- September 21, 2010
A SMARTCARD and a public key infrastructure tender has been issued for the National Authentication Service for Health.
And NEHTA is "moving on" from problems and delays over the project.
Almost three years after Deloitte recommended the NASH be put to commercial tender, the National E-Health Transition Authority admitted the project was beyond them and preferred partner, Medicare.
NEHTA head of infrastructure services Stephen Johnson said NASH would underpin authentication of users beyond the Healthcare Identifiers service now being established.
With all this appearing I thought it would be interesting to look at the scope of the actual tender.
Here is the very basic bits of the requirements (Page 14/15 of tender):
3 Statement of Requirements
It is proposed that the NASH project will include three main phases which are design, build, and operate. NEHTA is seeking Tenders which will address each of these phases and provide NEHTA with a fit-for-purpose solution(s).
NEHTA’s conceptual architecture (as depicted in Figure 4 in Section 6.3) proposes a number of Capabilities for the NASH.
NEHTA’s delivery priorities are designing, building and operating the Credential Management Services followed by Token Management Services (including Smartcard build and integration).
It is intended that the end-to-end NASH capabilities will be fully implemented by 30 June 2012.
These Capabilities are:
The Services Catalogue
The NASH Services Catalogue will publish all Services available in the NASH.
Management and Workflow
The Management and Workflow will manage and co-ordinate all requests from the different services, devices and systems for the provision and management of credentials and tokens.
Credential Management Services
The Credential Management Services will generate and manage NASH credentials including credential types, credential validation and lookup interfaces, credential request and management interfaces, subscribing entity access standards, operating systems, and applications.
Token Management Services
The Token Management Services will be responsible for the personalisation and branding of NASH tokens and support token lifecycle operations including the management of token types, token request and management interfaces, token holder access standards, operating systems and applications.
Identity Management Services
The Identity Management Services will manage the authentication of every participant within the NASH Communities of Interest who accesses the NASH Services.
The Fulfilment Services will be responsible for the despatch and delivery of NASH credentials, tokens and token readers.
Reporting and Audit Services
The Reporting and Audit Services will provide internal and external billing and management reporting, compliance and audit capabilities for the NASH Services; and
The Service Desk will provide a centralised helpdesk and support functions for participants within the NASH Communities of Interest.
Tenderers are invited to submit Tenders for provision to NEHTA of one or more of the phases and/or Capabilities:
1. Design – is the activity that defines the components that will be built and implemented to meet the requirements of the NASH;
2. Build – is the activity that creates and constructs the authentication services that will be operated; and
3. Operate – is the activity that includes the day-to-day operation and management of the NASH including the supply of secure tokens and supporting infrastructure.
The full list of detailed functional, technical and non-functional requirements for these phases and Capabilities is included in Sections 6 and 7 of this document.
---- End Extract.
Also important is this table:
Appendix D: Demand Forecast
The following tables provide an estimate of the number of Subordinate Certification Authorities, Subscribing Entities, Credentials, and Secure Tokens that will be required over the first five years of NASH operations.
Table 6 is based on the number of new entities that will join NASH each year and the following assumptions:
1. Each subscribing entity will be issued with a single secure token that contains two credentials. It will be possible for subscribing entities to be issued with credentials only but this use case has not been specifically included as it seen as a minor use case so far as creating demand for credentials is concerned;
2. Each year 10% of the tokens, and credentials, in circulation from the previous years will need to be replaced due to loss, theft, or malfunction;
3. Tokens are expected to have a lifetime in excess of five years; and
4. Credentials will have a lifetime of five years.
Table 7 provides the cumulative totals for each year of operation. This includes an estimate of the number of times a day a relying party may wish to obtain the public key certificate of and/or validate the status of a credential. Tenderers should prepare cost estimates based on the following but keep in mind that actual demand may differ significantly from the estimates provided.
----- End Extract
The tables (which are a bit hard to reproduce on the blog) show the following over a 5 year period - which presumably begins once the system is operational from ‘end to end’ in June 2012 - runs over 5 years and shows:
Subscribing Entities rising from 5,000 to 250,000
Credentials Managed rising from 10,000 to 500,000
Subordinate Certification Authorities rising to 5 from 0.
Transactions rising from 50,000 per day to 5,005,000 per day.
If you take a moment to read the capabilities at 3.1 you will see this is really a ‘gigantic’ national project which will be ramped up over 5 years and which will presumably then grow to being able to provide credentials and authentication for pretty much all professional health sector staff.
Just how much nonsense was provided to the Australian by Ms Roxon’s spokeswoman is obvious when you think to ask the question that ‘if Medicare PKI is good enough, just why is such a huge project necessary?’
The answer is obvious. What is in place for the HI Service is only good enough while essentially no-one is using it! I do recognise NASH will assist other areas but we are repeatedly told the HI Service is foundational.
I look forward to knowing just what NEHTA has budgeted for delivery and maintenance and just where these funds are coming from! I anticipate a little ‘sticker shock’ when the tenders are delivered.
One area of special interest, it is by no means clear how this service it to be integrated into the various applications that might want to use the credentials.
Additionally the governance proposed by NEHTA does not seem to recognise this is just a component of a much larger set of e-Health services which need overall, inclusive governance. general.
I have a very bad feeling about this whole endeavour - as it seems rather grandiose and overarching - again without a clear public cost benefit and business case being available so some rational assessment of just where we are heading and what we are letting ourselves in for.
I hope a full spectrum of overseas approaches to ‘skinning this cat’ have been explored before this tender was let out the door - or that the prospective tenders will steer things in minimally risky directions.
We shall all see I guess!