Common use of Subscriber Terms and Conditions Clause in Contracts

Subscriber Terms and Conditions. This agreement binds the Relying Party in addition to any terms and conditions that bind it as a Subscriber for a Certificate (Subscriber Terms and Conditions) and in addition to the applicable Certificate Policy. Authorised reliance A Certificate does not verify or represent that the Subscriber is a particular organisation or a particular individual. The meaning of a Certificate issued under a Human Services Health Sector PKI Certificate Policy is nothing more and nothing less than a statement expressed in a digital format of the fact that the Subscriber is recorded as being registered with the HI Service. A Certificate does not represent or verify that: the Subscriber has a particular identity (i.e. is a particular organisation or individual) the Subscriber or any of its personnel have particular qualifications or registrations other than with the HI Service, or the Subscriber is registered with the My Health Record system. The registration of a Subscriber's identity is a separate process undertaken only when a Subscriber first applies for a Certificate. The Relying Party may only rely upon a Certificate or digital signature generated using a Key attached to a Certificate for purposes authorised or approved by Human Services and published at xxxxxxxxxxxxx.xxx.xx, including as authorised by the Certificate Policy under which it was issued. Any other reliance is at the sole risk of the Relying Party. Without prejudice to the generality of that limitation, messaging between parties that is not authorised by the Certificate Policy is at the sole risk of those parties. Without limiting clause 7., Relying Parties must not use a XXXX PKI Certificate by itself, and must use means other than reliance on the XXXX PKI, to determine whether they will rely on the content of an electronic message or communication (including any Clinical statement or representation). Responsibility to take precautionary steps The Relying Party must (either itself or if it is a healthcare provider organisation through its Intermediary, if any) before relying on a Certificate (including a reliance for encryption purposes) or a digital signature generated using a Key attached to a Certificate: verify the validity of a Certificate (i.e. verify that the Certificate is current and has not been revoked, by checking the Certificate Revocation List or querying the OCSP Responder) check that the Subject of the Certificate identifies sending parties of an electronic communication who have used their Certificate for digital signing check that the Subject of the Certificate identifies receiving parties of an electronic communication who have had their Certificate used for digital encryption check that the intended use of the Certificate and digital signatures generated using Keys attached to the Certificate are for purposes authorised by the Certificate Policy under which it was issued. The Relying Party must act reasonably in all the relevant circumstances where relying on a Certificate or a digital signature generated using a Key attached to a Certificate, including taking reasonable precautionary steps to address risk to the Relying Party from this reliance. Without limiting this requirement, Human Services may choose to publish (and maintain) information about what it considers to be reasonable precautionary steps at xxxxxxxxxxxxx.xxx.xx/xxx If the Relying Party does not comply with clauses 9. and 10., any reliance upon a Certificate or a digital signature generated using a Key attached to a Certificate is solely at its own risk. Acknowledgement regarding compromised keys The Relying Party acknowledges that if a Private Key is compromised or stolen the messages sent and received using it will not be reliable or secure. Human Services cannot verify whether at any particular moment in time a Private Key has been compromised or stolen. The Relying Party must promptly notify Human Services in the event that it suspects that there has been a compromise of the Subscriber’s Private Key.

Subscriber Terms and Conditions. This agreement binds the Relying Party in addition to any terms and conditions that bind it as a Subscriber for a Certificate (Subscriber Terms and Conditions) and in addition to the applicable Certificate Policy. Authorised reliance A Certificate does not verify or represent that the Subscriber is a particular organisation or a particular individual. The meaning of a Certificate issued under a Human Services Health Sector PKI Certificate Policy is nothing more and nothing less than a statement expressed in a digital format of the fact that the Subscriber is recorded as being registered with the HI Service. A Certificate does not represent or verify that: the Subscriber has a particular identity (i.e. is a particular organisation or individual) the Subscriber or any of its personnel have particular qualifications or registrations other than with the HI Service, or the Subscriber is registered with the My Health Record system. The registration of a Subscriber's identity is a separate process undertaken only when a Subscriber first applies for a Certificate. The Relying Party may only rely upon a Certificate or digital signature generated using a Key attached to a Certificate for purposes authorised or approved by Human Services and published at xxxxxxxxxxxxx.xxx.xxxxxxxxxxxxxxxxxxx.xxx.xx, including as authorised by the Certificate Policy under which it was issued. Any other reliance is at the sole risk of the Relying Party. Without prejudice to the generality of that limitation, messaging between parties that is not authorised by the Certificate Policy is at the sole risk of those parties. Without limiting clause 7., Relying Parties must not use a XXXX PKI Certificate by itself, and must use means other than reliance on the XXXX PKI, to determine whether they will rely on the content of an electronic message or communication (including any Clinical statement or representation). Responsibility to take precautionary steps The Relying Party must (either itself or if it is a healthcare provider organisation through its Intermediary, if any) before relying on a Certificate (including a reliance for encryption purposes) or a digital signature generated using a Key attached to a Certificate: verify the validity of a Certificate (i.e. verify that the Certificate is current and has not been revoked, by checking the Certificate Revocation List or querying the OCSP Responder) check that the Subject of the Certificate identifies sending parties of an electronic communication who have used their Certificate for digital signing check that the Subject of the Certificate identifies receiving parties of an electronic communication who have had their Certificate used for digital encryption check that the intended use of the Certificate and digital signatures generated using Keys attached to the Certificate are for purposes authorised by the Certificate Policy under which it was issued. The Relying Party must act reasonably in all the relevant circumstances where relying on a Certificate or a digital signature generated using a Key attached to a Certificate, including taking reasonable precautionary steps to address risk to the Relying Party from this reliance. Without limiting this requirement, Human Services may choose to publish (and maintain) information about what it considers to be reasonable precautionary steps at xxxxxxxxxxxxx.xxx.xx/xxx xxxxxxxxxxxxxxxxx.xxx.xx/xxx If the Relying Party does not comply with clauses 9. and 10., any reliance upon a Certificate or a digital signature generated using a Key attached to a Certificate is solely at its own risk. Acknowledgement regarding compromised keys The Relying Party acknowledges that if a Private Key is compromised or stolen the messages sent and received using it will not be reliable or secure. Human Services cannot verify whether at any particular moment in time a Private Key has been compromised or stolen. The Relying Party must promptly notify Human Services in the event that it suspects that there has been a compromise of the Subscriber’s Private Key.

Subscriber Terms and Conditions. This agreement binds the Relying Party in addition to any terms and conditions that bind it as a Subscriber for a Certificate (Subscriber Terms and Conditions) and in addition to the applicable Certificate Policy. Authorised reliance A Certificate does not verify or represent that the Subscriber is a particular organisation or a particular individual. The meaning of a Certificate issued under a Human Services Health Sector PKI Certificate Policy is nothing more and nothing less than a statement expressed in a digital format of the fact that the Subscriber is recorded as being registered with the HI Service. A Certificate does not represent or verify that: the Subscriber has a particular identity (i.e. is a particular organisation or individual) the Subscriber or any of its personnel have particular qualifications or registrations other than with the HI Service, or the Subscriber is registered with the My Health Record system. The registration of a Subscriber's identity is a separate process undertaken only when a Subscriber first applies for a Certificate. The Relying Party may only rely upon a Certificate or digital signature generated using a Key attached to a Certificate for purposes authorised or approved by Human Services and published at xxxxxxxxxxxxx.xxx.xx, including as authorised by the Certificate Policy under which it was issued. Any other reliance is at the sole risk of the Relying Party. Without prejudice to the generality of that limitation, messaging between parties that is not authorised by the Certificate Policy is at the sole risk of those parties. Without limiting clause 7., Relying Parties must not use a XXXX PKI Certificate by itself, and must use means other than reliance on the XXXX PKI, to determine whether they will rely on the content of an electronic message or communication (including any Clinical statement or representation). Responsibility to take precautionary steps The Relying Party must (either itself or if it is a healthcare provider organisation through its Intermediary, if any) before relying on a Certificate (including a reliance for encryption purposes) or a digital signature generated using a Key attached to a Certificate: verify the validity of a Certificate (i.e. verify that the Certificate is current and has not been revoked, by checking the Certificate Revocation List or querying the OCSP Responder) check that the Subject of the Certificate identifies sending parties of an electronic communication who have used their Certificate for digital signing check that the Subject of the Certificate identifies receiving parties of an electronic communication who have had their Certificate used for digital encryption check that the intended use of the Certificate and digital signatures generated using Keys attached to the Certificate are for purposes authorised by the Certificate Policy under which it was issued. The Relying Party must act reasonably in all the relevant circumstances where relying on a Certificate or a digital signature generated using a Key attached to a Certificate, including taking reasonable precautionary steps to address risk to the Relying Party from this reliance. Without limiting this requirement, Human Services may choose to publish (and maintain) information about what it considers to be reasonable precautionary steps at xxxxxxxxxxxxx.xxx.xx/xxx If the Relying Party does not comply with clauses 9. 9 and 10., any reliance upon a Certificate or a digital signature generated using a Key attached to a Certificate is solely at its own risk. Acknowledgement regarding compromised keys The Relying Party acknowledges that if a Private Key is compromised or stolen the messages sent and received using it will not be reliable or secure. Human Services cannot verify whether at any particular moment in time a Private Key has been compromised or stolen. The Relying Party must promptly notify Human Services in the event that it suspects that there has been a compromise of the Subscriber’s Private Key.