ISG Playbook
APIs
- Created by Angel Tucker, last modified by Austin McGowan on Mar 21, 2023
Managed file transfer ("MFT") refers to a software or a service that manages the secure transfer of data from one computer to another through a network (e.g., the Internet). MFT is a managed file transfer solution that automates and secures file transfers using a centralized enterprise-level approach. MFT is a comprehensive solution that will manage file transfer, file sharing, secure FTP, and automation needs through a single interface. MFT is the Enterprise Services replacement for Axway Data Exchange.
Managed File Transfer (MFT) provides the ability to transfer files securely to another user. Users must be registered in HARP and have an MFT Web User role approved to send and receive files. Recipients of PHI / PII must be onboarded to MFT and senders may not utilize non-registered user option when sending PHI / PII. In addition, elevated permissions can be granted as Administrators to perform development work or request designation as a Security Official.
For information on the MFT application please refer to the MFT Confluence link - https://qnetconfluence.cms.gov/display/HS/Managed+File+Transfer.
For more information about HARP, please refer to the HARP Confluence page - https://qnetconfluence.cms.gov/display/HS/HARP.
For questions please contact the Service Center Help Desk via email at - ServiceCenterSOS@cms.hhs.gov
Prerequisites to Getting Access to MFT
Before requesting any role the prerequisite is that you have established a HARP account and your organization has onboarded with HARP. If you currently have an EIDM or EUA account, then you can go to HARP page and Login using EIDM/EUA credentials. Otherwise, if you do not have an EIDM or EUA account, then you need to request a HARP ID. If you already have a HARP ID, there is no need to create a new one.
Recipients of PHI / PII must be onboarded to MFT and senders may not utilize non-registered user option when sending PHI / PII.
Because HARP is a prerequisite, we will be targeting organizations who have already onboarded with HARP. If an organization has not identified and designated a Security Official for their organization, none of the requests from that organization will be approved.
QUICK START GUIDE
Step 1: Designate Security Official (SO) for Organization
Each organization designates a Security Official. This role will allow that individual to approve Web User role requests within their organization.
Step 2: Register for a HARP account
If you currently have an EIDM or EUA account then go to HARP page https://harp.cms.gov/ and Login using EIDM/EUA credentials
If you do not have an EIDM or EUA account then Get HARP ID. For instructions on obtaining a HARP ID, visit the How to get a HARP ID Help Page.
If you already have a HARP ID, there is no need to create a new one.
Step 3: Request Role
Once your HARP account has been created, log into HARP and request a User Role:
- Select the “Managed File Transfer” Program
- Select your Organization
- Select a User role (Security Officer (SO) or Web User)
Visit the How to get a HARP ID Help Page to view a helpful video on requesting user roles.
Step 4: Access MFT
- Log into MFT using your HARP credentials: https://qnetmft.cms.gov.
- Enter your HARP ID
- Enter your HARP password
MFT WORK REQUEST PROCESS GUIDE
To submit a request to the File Management team, go to https://qnetjira.cms.gov/servicedesk/customer/portal/8, and click on the File Management Request link on the page to get started.
On the File Management Request link page, fill out the form completely with the title, summary and acceptance criteria or goals of the request, as well as a need by date. If you know who your Product Owner is, you can provide that information as well; this is optional. Once you complete the requested information on the form, click on the “Create” button.
Once you click on the “Create” button, a JIRA ticket will be automatically created, and you will receive an email with the JIRA number as well as a link to view the status of your ticket at any time. The File Management team will follow up if there are additional questions. Please note: all requests are prioritized by the File Management CMS Product Owner.
Links to user resources for MFT
- MFT User Web Guide - MFT_Web_Guide_v1.2.docx
- MFT End User Guide - MFTEndUserGuide_04302021.docx
To submit a request to the File Management team, go to https://qnetjira.cms.gov/servicedesk/customer/portal/8, and click on the File Management Request link on the page to get started.
User Definitions
MFT has two types of users, standard MFT Web users and Custom MFT Web Users and Administrators
- Standard MFT Web Users - This primary group is defined as having the ability to send and receive files securely with others. Every HARP user can get this type of access.
- Action requested: To get access, each organization must first designate a Security Official. This role will allow that individual to approve Web User role requests within their organization.
- Once onboarded the designated SO receives a welcome letter via email.
- Organizations that have contractors under them (i.e., hospitals, facilities, etc.) would follow the same model by designating a Security Official (SO) for their organization that would then be approved by the parent SO (i.e., EQRS, CDAC, etc.). These entities would also appear on the selection list and would be handled the same way as a known organizations would be.
- Custom MFT Web Users, Administrators, Security Officials - This group of users are organizations that require custom onboarding and work flows.
- Full engagement onboarding process including kick-off through an request intake form.
- Organization to discuss responsibility level (ESS or organization performing the work).
- Any organization that wants more than the initial MVP release falls under this category.
News & Updates
12/03/2022:
To consolidate request channels and make requesting work of the team more efficient and convenient, the File Management team has created a central location to make requests, either for FileCloud or MFT. You must have a HARP ID to submit a request.
To submit a request to the File Management team, go to https://qnetjira.cms.gov/servicedesk/customer/portal/8, and click on the File Management Request link on the page to get started.
On the File Management Request link page, fill out the form completely with the title, summary and acceptance criteria or goals of the request, as well as a need by date. If you know who your Product Owner is, you can provide that information as well; this is optional. Once you complete the requested information on the form, click on the “Create” button.
Once you click on the “Create” button, a JIRA ticket will be automatically created, and you will receive an email with the JIRA number as well as a link to view the status of your ticket at any time. The File Management team will follow up if there are additional questions. Please note: all requests are prioritized by the File Management CMS Product Owner.
This new method of requesting work will be available beginning Monday, 12/5/2022. If you have previously submitted work through the various Slack channels or through a Service Now ticket, both methods will remain open through 12/9/2022 as we transition to this new process.
12/02/2021: As of December 2nd, 2021, any work requests or enhancement requests for Managed File Transfer (MFT) must be submitted via the MFT Secure Form "MFT Request Form". This Secure Form allows users to submit requests/enhancements for the MFT application. If you do not have access to MFT or need assistance with filling out the request, please contact Austin McGowan at amcgowan@tantustech.com. Once the form is completed, a JIRA number will be issued, and the work will be prioritized.
03/30/2021: (Update) As of March 30th, 2021, all files stored in MFT that have not been modified in the past 30 days will be removed from the MFT application. Beginning March 30th 2021, any future files stored in MFT that have not been modified in the past 30 days will be deleted from the MFT application in accordance to the newly implemented 30 day retention policy. The 30 day retention policy will not apply to files stored on the MFT platform that are managed by your organization through your S3 bucket.
12/17/2020: The MFT website was migrated from the .org URL to the new .gov URL on December 16, 2020. Users will access the MFT Website using the following new URL:https://qnetmft.cms.gov. This change will not impact your access to the MFT website.
12/16/2020: The Axway SFT (Data Exchange) application has been decommissioned and is no longer available. MFT (Managed File Transfer) is the Enterprise Services replacement for Axway SFT (Data Exchange). A link providing MFT onboarding information is provided below. MFT requires users to be registered in HARP and have a MFT Web User role to send and receive files. For information on the MFT application please refer to the MFT Confluence link - https://qnetconfluence.cms.gov/display/HS/Managed+File+Transfer.For more information about HARP, please refer to the HARP Confluence page - https://qnetconfluence.cms.gov/display/HS/HARP.
12/11/2020: The intermittent issues with creating / removing users in MFT from 12/10/2020 has been resolved. If you are still experiencing issues with accessing MFT after your account has been approved, please submit a ticket to the QNET Helpdesk.
12/10/2020: Reminder: The MFT website will be migrating from a .org URL to a .gov URL on December 16, 2020. Users will access the MFT Website using the following new URL: https://qnetmft.cms.gov. This change will not impact your access to the MFT website.
08/27/2020: MFT-Notify distribution list. Users can request to be added to list on https://www.qualitynet.org/ to receive MFT release and maintenance information. Choose 'Subscribe to Email Updates' / ' then choose 'Private Lists' / Enter User Information / then check 'MFT Notify: Managed File Transfer (MFT) Notifications' / and click 'Submit'.
03/11/2020: If your email address needs to be updated in MFT, please log on to HARP and update your email address accordingly. If you updated your email address in HARP prior to 3/9/2020 and it is not reflected in MFT, please log into HARP, revert back to your previous email address, update and then subsequently update to the desired email address. Once the update occurs on HARP, the change will be reflected in MFT.
03/11/2020: The MFT Team has identified a maximum threshold of 45 GB for secure file transfers through the MFT web application. Files in excess of this size will not be processed. Because the files are transferred via HTTPS, there are transfer limitations depending on the browser used. If you have a file in excess of 2 GB, you must use either Firefox or Chrome. Internet Explorer and Microsoft Edge have thresholds of 2 GB and under and files attempted to be transferred through these browsers in excess of 2 GB will not be processed.
03/04/2020: Managed File Transfer (MFT) will be unavailable this evening March 4th after 8:00 pm for 15 minutes to perform routine maintenance.
The MFT system will be unavailable on Monday, December 21st beginning at 8:00 pm EST with an expected outage of two hours for maintenance.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 10 p.m. ET on Wednesday, December 16th for the conversion of .org to .gov URLs.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 10 p.m. ET on Tuesday, December 15th for system-wide maintenance in preparation of the conversion of .org to .gov URLs on 12/16/2020.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 10 p.m. ET on Wednesday, December 9th for system-wide maintenance.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 11 p.m. ET on Tuesday, December 8th for system-wide maintenance.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 11 p.m. ET on Wednesday, November 18th for system-wide maintenance.
The MFT application will be taken offline beginning at 8 pm EST on 11/4/2020 for maintenance. Estimated down time will be two hours.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 10 p.m. ET on Thursday, October 15th for system-wide maintenance.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 10 p.m. ET on Thursday, October 8th for system-wide maintenance.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 10 p.m. ET on Wednesday, September 9th for system-wide maintenance.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 10 p.m. ET on Tuesday, September 1st for system-wide maintenance activities.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 11 p.m. ET on Wednesday, August 26th for system-wide maintenance activities.
MFT Outage for Secure Mail and File Uploads Scheduled for July 31 2020 from 8pm-9pm
The MFT Secure Mail and MFT File Upload features for the website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 9 p.m. ET on Friday, July 31 to allow for system maintenance activities. During this downtime, all MFT Secure Mails and MFT File Upload will not process.
MFT Release 12.5
MFT 12.5 System Update on Thursday September 29, 2022.
MFT 12.5 updates the CDAC Secure Form User Interface and the CDAC Secure Form submission notification distribution list.
MFT Release 12.4
MFT 12.4 GoAnywhere MFT v7.0.3 Upgrade
MFT Release 12.3
MFT 12.3 MFT Address Book API Refactor - Use Axios library
MFT Release 12.2
MFT 12.2 provides NQIIC-TO5 with Validation of Provider data files.
MFT Release 12.1
MFT 12.1 consists of the GoAnywhere MFT v7.0.1 upgrade that includes Log4J v2.17.1.
MFT Release 11.1
MFT Release 11.1 deploys GoAnywhere Vendor Gateway release 2.9.0.
MFT Release 10.9
MFT Release 10.9 deploys a MFT CDAC Secure Form for the CMS Clinical Data Abstraction Center (CDAC) team and their providers to transfer PDF data files to CDAC for processing.
MFT Release 10.8
MFT Release 10.8 removes view permission to the GoAnywhere MFT Global Logs for the QNET Help Desk MFT Admin User Role.
MFT Release 10.7
MFT Release 10.7 updates the error messaging on the MFT HSN CDC File Distribution Form when a virus file is detected.
MFT Release 10.6
MFT Release 10.6 updates the MT Authentication API to handle the invalid resource requests.
MFT Release 10.5
MFT Release 10.5 updates the API services managing the MFT application accounts.
MFT Release 10.4
MFT Release 10.4 updates the API services managing the MFT application accounts.
MFT Release 10.3
MFT Release 10.3 updates the Managed File Transfer (MFT) application to support the sharing of data files between the Internet Quality Improvement and Evaluation System (iQIES) team and iQIES users for each US State/US Territory.
MFT Release 10.2
MFT Release 10.2 deploys updates to the MFT APIs managing the application accounts.
MFT Release 10.1
MFT Release 10.1 deploys updates to NGINX and Node Open Source Software (OSS) packages.
MFT Release 9.9
MFT Release 9.9 deploys fix for issue where a Non-MFT User can Register for MFT Account if Shared File by Existing MFT User.
MFT Release 9.8
MFT Release 9.8 deploys MFT Apache Log4J Security Remediation.
MFT Release 9.7
MFT Release 9.7 updates permissions for all MFT Admins to remediate a Security finding.
MFT Release 9.6
MFT Release 9.6 implements MFT Node Services updates.
MFT Release 9.5
Release MFT 9.5 provides ADO-DAS-eSimplicity Organization access to the HARP roles "Managed File Transfer (MFT) ALLFAC Data submitter" and "Managed File Transfer (MFT) HRSA Data Submitter".
MFT Release 9.4
MFT Release 9.4 provides a new Role (Entitlement) for DPS-Mathematica and Yale to submit data files to HQR/SAS Viya.
MFT Release 9.3
MFT Release 9.3 Updates the MFT Admin Service Account Password.
MFT Release 9.2
MFT Release 9.2 MFT SSL Certificates.
MFT Release 9.1
MFT Release 9.1 MFT S3 Bucket Key Rotation.
MFT Release 8.9 and 8.10
MFT Release 8.9 implements a new MFT Secure Form "MFT Request Form". This Secure Form allows users to submit requests/enhancements for the MFT application. Also, inactive sessions are updated to timeout after 30 minutes instead of 15 minutes. MFT Release 8.10 implements a GoAnywhere MFT Secure form for submitting ALLFAC data and HRSA data for ADO-HCQAR-Customer Value Partners.
MFT Release 8.8
MFT Release 8.8 updates the processing of Task Order 3 Hospital Measure CSV data files to rename a CSV file with a version number if an existing filename already exists in the CDR.
MFT Release 8.7
MFT Release 8.7 enables a self-service token update model to facilitate a more efficient process for QMARS to update their token within our established collaboration effort supporting the BFCC and QIO mission.
MFT Release 8.6
MFT release 8.6 deploys changes to support the processing of HRSA data by the CMS DAMOD team.
MFT Release 8.5
MFT Release 8.5 implements changes to support the migration of MFT HARP Roles for EUA users.
MFT Release 8.4
Release 8.4 provides MFT Auto Route Secure Form capability to MFT users who are approved for the new HARP MFT AutoRoute Role for the ADO-HQR-Bellese Technology Organization.
MFT Release 8.3.1
MFT Release 8.3.1 Upgrade the NHSN CDC to CMS Data Transfer to Allow Simultaneous Submissions.
MFT Release 8.3
MFT Release 8.3 is an update to the MFT application provisioning processes to support the EUA migration.
MFT Release 8.2.3
MFT release 8.2.3 organizes the submission of Hospital Measures Data files by year and month in the CDR.
MFT Release 8.2
MFT System Release 8.2 addresses a rare provisioning issue during role assignment.
MFT Release 8.1
MFT Release 8.1 enables multiple email addresses, specifically in relation to EUA accounts.
MFT Release 7.13 and MFT Release 7.14
MFT Release 7.13 implements changes to the MFT Node Service code to ensure the MFT Admin provisioning continues to work after HARP HERA Multi-Role workflow is implemented. There are no impacts to the existing MFT users. MFT Release 7.14 upgrades the GoAnywhere MFT product from v6.7.1 to v6.8.3.
MFT Release 7.12
MFT Release 7.12 Updates the JWT Tokens for authentication between MFT and the QMARS API.
MFT Release 7.11.1
MFT Release 7.11.1 implements a change to the existing MFT Project Workflow for processing TO3 Hospital Measure CSV data files. MFT users with access to the Task Order (TO) 3 Hospital Measure Form whose CSV data file fails validation will no longer receive the invalid data text file in an email; instead, the users will receive a link to authenticate to MFT to download the invalid data text file.
MFT Release 7.11
MFT Release 7.11 implements a new GoAnywhere MFT Secure Form, called TO3 Hospital Measure Data Submission, providing authorized MFT users the ability to submit data files for validation.
MFT Release 7.8, 7.9, 7.10
MFT Release 7.8 implements changes that will improve the user-experience for the MFT AutoRoute users by allowing multiple AutoRoute transfers to be submitted. AutoRoute transfers can be submitted by different users and these transfer request will be queued instead of returning an error message to individual submitting the second AutoRoute transfer. MFT Release 7.9 provides Yale-CORE team IQR Auto-Route Functionality in MFT. MFT Release 7.10 provides the OQPSSS - HSAG ADO MFT autoroute functionality to send the Ambulatory Surgical Center (ASC) preview reports to the ASC facilities.
MFT Release 7.5, 7.6, 7.7
MFT System Release 7.5 deploys updates to support the Saviynt 5.5 ServicePack 3 upgrade. MFT System Release 7.6 provides AHCAH team the ability to download IQIES Assessment Data from the Manage File Transfer (MFT) application. MFT System Release 7.7 implements the Managed File Transfer (MFT) EXT ESRD-NW Facility User role for the two new ESRD contractors (Network 11 and 18).
MFT Release 7.4
MFT System Release 7.4 deployed AutoRoute capability to the CMS Center for Program Integrity / Program for Evaluating Payment Patterns Electronic Report (CPI/PEPPER) team.
MFT Release 7.2 and 7.3
MFT System Release 7.2 deployed the GoAnywhere MFT 6.7.1 Upgrade and MFT System Release 7.3 implemented the HCQAR/SAS Viya Data Submitter MFT user role for Analytics-IOMM-Mathematica Policy Research Organization.
MFT Release 7.1
MFT Release 7.1 updated the email header in the Medical Records Request Form to help users distinguish between the MFT and QMARS system.
MFT Release 6.11
MFT Release 6.11 was an enhancement to secure form submissions.
MFT Release 6.10
MFT 6.10 GoAnywhere Gateway Upgrade for PI14. Upgrade the GoAnywhere Gateway installed in the ESS VPC to version 2.8.2 (currently on version 2.7.0).
MFT Release 6.9
MFT 6.9 implements the 30-day MFT File Retention Policy. The policy will remove files stored in MFT that have not been modified in the last 30 days.
MFT Release 6.7 and MFT Release 6.8
MFT Release 6.7 (implementation of the MVP for HARP MFT SSO capabilities) and MFT Release 6.8 (enhancements to the HARP / MFT sync process ) were successfully deployed to production on Monday March 22nd.
MFT Release 6.6
MFT 6.6 was successfully deployed to production on 3/16/2021. This release enables the CMS Chronic Conditions Data Warehouse (CCW) team to download data in support of the Acute Hospital Care At Home (AHCAH) project.
MFT Release 6.5
MFT 6.5 was successfully released into production on 3/9/2021 to enable autoroute capabilities for the HSAG organization.
MFT Release 6.4
MFT 6.4 was successfully released into production on Thursday, March 4th, 2021 for general maintenance on administrative accounts.
MFT Release 6.3
MFT 6.3 was successfully deployed into production on 02/19/2021. The release enables the ability of special characters in MFT usernames to be consistent with allowable HARP naming conventions.
MFT Release 6.2.1
If you have recently requested an MFT role, you may have experienced a delay in having your role provisioned. This issue has been resolved and the roles have been provisioned successfully.
MFT Release 6.2
MFT 6.2 was successfully deployed to production on 2/18/2021 to allow usernames consistent with HARP.
MFT Release 6.1
MFT 6.1 was successfully deployed to production on 2/10/2021. This deployment supports the .gov initiative related to an existing integration with QMARS.
MFT Release 5.12
MFT 5.12 was successfully deployed to production on 1/28/2021. This release features automatic routing capabilities as requested by HCQAR.
MFT Release 5.11
MFT 5.11 was successfully deployed to production on 1/11/2021. This release enhances the consistency and performance of user provisioning.
MFT Release 5.9
MFT Release Notice: MFT Release 5.9 was successfully deployed to Production on Friday December 18th. This release corrected the MFT Role Removal Provisioning issue.
MFT Release 5.8 and Release 5.9
MFT Release notice: On 12/17/2020, MFT 5.8 was successfully released to production. This will enable three new entitlements for HCQAR / CVP to allow transfers to their S3 bucket.
In addition, MFT 5.9 was successfully released into production on 12/17/2020 to address an issue with user provisioning.
MFT Release 5.3
MFT 5.3 was successfully released in production on 11/30/2020. This release facilitates SFTP functionality for ARBOR Research to enable secure file transfer sizes in excess of 45 GB due to browser limitations. Deployment began at 8pm EST and the expected downtime was 2 hours.
MFT Release 5.2
MFT 5.2 was released in production on 11/19/2020. This release facilitates SFTP functionality for ARBOR Research to enable secure file transfer sizes in excess of 45 GB due to browser limitations. There was no downtime associated with this deployment.
MFT Release 4.3.3
MFT 4.3.3 was successfully deployed to production on 10/28/2020. This release facilitates SFTP functionality for ARBOR Research to enable secure file transfer sizes in excess of 45 GB due to browser limitations. There was no downtime associated with this deployment.
MFT Release 4.3.1
MFT 4.3.1 was deployed to production on 10/22/2020. This release provides an update of the sender email address from the MFT application to the public to meet new policy requirements per CMS. MFT will be unavailable between 8pm ET and 10pm ET to complete this deployment.
MFT Release 4.3
MFT 4.3 release addresses a minor bug fix as well as general system maintenance. This release will be deployed on 10/20/2020 and will require system downtime for these activities, beginning at 8 pm ET. The outage is expected to last approximately 2 hours.
MFT Release 4.2.6
MFT 4.2.6 was deployed to production on 9/23/2020. This release accomplishes an upgrade of the vendor sign in widget which enables single sign on capability and ensures the version is current. MFT will be unavailable between 8pm EST and 11pm EST to complete this deployment.
MFT Release 3.5.3
MFT Release 3.5.3 was deployed to production on 8/11/2020. This release includes enhancements for monitoring and compliance as well as the ability to accept special characters in support of HARP usernames as access is gained to the system.
MFT Release 3.4.1
The MFT Team deployed to production a new Saviynt Entitlement for the MFT CMS Federal Organization called IQIES_SAS_VIYA. This role will have provide access to the AWS iQIES S3 Bucket with specific permissions to the CMS (MFT Folder Display Name: iQIES_SAS-Viya_CMS) directory.
MFT Release 3.3.3
MFT 3.3.3: SCA Remediation and PROD2 Cutover.
MFT Release 3.3.2
The MFT Team released MFT 3.3.2 in Production on Friday, July 10, 2020. This release will facilitate ESRD-NW onboarding efforts for 18 existing MFT Organizations. This release also provides for S3 bucket sharing for iQIES as well as a corresponding entitlement to enable access.
MFT Release 3.2.2
The MFT Team released MFT 3.2.2 in Production on 07/01/2020. This release upgrades the MFT Angular Sign-In Widget application from v7.2.3 to v8.2.14, which is a supported version of Angular and is consistent with the ESS HARP Angular applications. This release also addresses an issue with reports not generating as expected.
MFT Release 3.2.1
The MFT Team released MFT 3.2.1 in Production on 06/26/2020. This release provides new functionality that enables automatic folder creation feature in MFT to organize file upload(s) in support of COVID-QII_DVAC.
MFT Release 3.1.3
MFT 3.1.3 - release enabled two requested group email addresses for organizations to allow them to send secure mail to a distribution list as well as minor bug fixes.
MFT Release 3.1.1. 3.1.2
MFT 3.1.1, 3.1.2 - CDAC Email Address Update. MFT Entitlement Fix for NCQII-TO1-HQI.
FAQs
GENERAL | ACCESS | Working in MFT
Managed file transfer ("MFT") is an application for the CMS HCQIS community to securely transfer data files over the internet. MFT provides the capabilities for transferring data files from person-to-person(s) using MFT Secure Mail or from person-to-system (i.e. Amazon S3 Bucket) through MFT Secure Forms.
The MFT transfer capabilities are provided by the GoAnywhere MFT COTS product.
All MFT users MUST have an CMS Okta account and On-Board to the CMS HARP application and be granted access by their Security Official to access MFT. MFT users log into the MFT Web Console to access the secure transfer functions (i.e. Secure Mail, Forms, local Files).
Recipients of PHI / PII must be onboarded to MFT and senders may not utilize non-registered user option when sending PHI / PII.
Internal users; i.e., the Centers for Medicare & Medicaid Services (CMS) and CMS Contractors, can exchange messages and files with internal users and also external users such as providers and vendors.
The MFT web user is the end user; this person will have the ability to complete person to person secure file transfers. All MFT users MUST have an CMS Okta account and On-Board to the CMS HARP application and be granted access by their Security Official to access MFT. MFT users log into the MFT Web Console to access the secure transfer functions (i.e. Secure Mail, Forms, local Files). Recipients of PHI / PII must be onboarded to MFT and senders may not utilize non-registered user option when sending PHI / PII.
The Security Official (SO) is a person that is designated by a line of business (LoB) or other CMS contractor who has the authority to approve requests for managed file transfer access made by users within that particular line of business or contract.
To consolidate request channels and make requesting work of the team more efficient and convenient, the File Management team has created a central location to make requests, either for FileCloud or MFT. You must have a HARP ID to submit a request.
To submit a request to the File Management team, go to https://qnetjira.cms.gov/servicedesk/customer/portal/8, and click on the File Management Request link on the page to get started.
On the File Management Request link page, fill out the form completely with the title, summary and acceptance criteria or goals of the request, as well as a need by date. If you know who your Product Owner is, you can provide that information as well; this is optional. Once you complete the requested information on the form, click on the “Create” button.
Once you click on the “Create” button, a JIRA ticket will be automatically created, and you will receive an email with the JIRA number as well as a link to view the status of your ticket at any time. The File Management team will follow up if there are additional questions. Please note: all requests are prioritized by the File Management CMS Product Owner.
Yes, a HARP ID is required to access MFT. All MFT users MUST have an CMS Okta account and On-Board to the CMS HARP application and be granted access by their Security Official to access MFT. MFT users log into the MFT Web Console to access the secure transfer functions (i.e. Secure Mail, Forms, local Files).
Recipients of PHI / PII must be onboarded to MFT and senders may not utilize non-registered user option when sending PHI / PII.
For instructions on this process, visit the HARP page.
A registered MFT user with a HARP ID can send a file through MFT to a non-registered user. The non-registered user can retrieve the file without having a HARP ID. The non-registered user receiving secure mail is unable to respond back to the sender or send a file. The sender will need to ensure the "Require Registered Users" checkbox is NOT checked when sending a message.
Recipients of PHI / PII must be onboarded to MFT and senders may not utilize non-registered user option when sending PHI / PII.
Visit the HARP page for instructions on how to register for a HARP account.
Users must register for a HARP ID. Once the HARP account has been created, log into HARP and request a User Role.
- Log into HARP and request a User Role
- Select the “Managed File Transfer” Program
- Select your Organization
- Select a User role (Security Officer (SO) or Web User)
Security Official Role
- The Security Official (SO) is a person that is designated by a line of business (LoB) or other CMS contractor who has the authority to approve requests for managed file transfer access made by users within that particular line of business or contract
- It is initially up to the CMS representative for the LoB to designate themselves as SO or appoint another SO
- As an example, the CMS representative could be your Product Owner
- You will need to identify your CMS representative before onboarding
- The initial SO must be designated and approved before any access will be granted to requests to utilize managed file transfer functionality
- There can be more than one SO appointed as determined by the CMS LoB representative
- It is the determination of the CMS LoB representative to on how they want to implement SO roles for the LoB as well as the contractors under their LoB. Until this methodology is known and published, we will not prioritize
- If you are unsure who your SO is, you will need to contact your CMS representative to have them make that determination
- The SO only approves the web user role or other SOs for the LoB.
- HARP Security Official Role video HARP Page.
PM3 is currently handling both individual request and bulk updates. PM3 is currently loading the first SO. The first SO can then approve additional SO request.
Check with their SO to confirm the name they should be looking for.
If they do not know who their SO is, then PM3 should be contacted.
When an individual from your line of business /organization requests access to MFT, they will select an organization. This label represents what the users will see in the selection list.
Administrative User Role
- MFT has numerous capabilities that can be leveraged for customized development of workflows and functions. The administrator role in this instance acts as a developer.
- When an individual from your line of business /organization requests access to MFT, they will select an organization. This label represents what the users will see in the selection list.
- Out of the box, the main function of MFT is to provide person to person secure file transfers. If more functionality is needed then a customized onboarding process is required including filling out a custom RFI form.
- Requesting an admin role requires going through a custom onboarding.
- If yes, a member of the onboarding team will reach out to you to obtain documentation on the type(s) of PHI / PII being transferred after the initial line of business / organization has been onboarded
- Recipients of PHI / PII must be onboarded to MFT and senders may not utilize non-registered user option when sending PHI / PII.
Out of the box, the main function of MFT is to provide person to person secure file transfers.
- If no, no further action needs to be taken.
- If yes, submit a request to the File Management team, go to https://qnetjira.cms.gov/servicedesk/customer/portal/8, and click on the File Management Request link on the page to get started.
Out of the box, the main function of MFT is to provide person to person secure file transfers. It is assumed that all organizations require, at least, standard MFT Web User access. Please review the End User Guide. After reviewing the End User Guide documentation, do you believe your organization(s) users require more MFT capabilities than a standard Web User role provides (Person to Person Secure File Transfer)?
- Getting my HARP ID HARP Help Page
- HARP User Profile HARP Help Page
- HARP Security official Role video HARP Help Page
- HARP User Roles HARP Help Page
- MFT User Web Guide - MFT_Web_Guide_v1.2.docx
- MFT End User Guide - MFTEndUserGuide_04302021.docx
A video is currently under development.
Log into:
- Web Users: https://qnetmft.cms.gov.
- Enter your HARP ID
- Enter your HARP password
If you have a file in excess of 2 GB, you must use either Firefox or Chrome, which have been identified as having a threshold of about 40 GB. Internet Explorer and Microsoft Edge have thresholds of 2 GB and under and files attempted to be transferred through these browsers in excess of 2 GB will not be processed. There are no known constraints on the number of attachments but the total cumulative size of the files applies as referenced above.
Users can request to be added to MFT Notify list at https://www.qualitynet.org/ to receive MFT release and maintenance information. Choose 'Subscribe to Email Updates' / choose 'Private Lists' / Enter User Information / then check 'MFT Notify: Managed File Transfer (MFT) Notifications' / and click 'Submit'.
- Service Center
1-866-288-8912 (TRS: 711) from 7:00 AM to 7:00 PM CT Monday through Friday, or via email at ServiceCenterSOS@cms.hhs.gov
To receive notifications with news, release and maintenance information, sign up for the MFT ListServ. Users can be request to be added to our subscriber list by clicking on the link and following the instructions below:
- On the page select the Private Lists tab
- Enter Your Information
- Select the checkbox next to MFT Notify: Managed File Transfer (MFT) Notifications
- Click Submit
To unsubscribe from this list please send ‘unsubscribe’ to mft-notify-leave@mailer.qualitynet.org.
- CCSQ Support Central: Provides you with multi-program support to submit a new ticket, and track the status of an existing case, incident, or request. No login required. https://cmsqualitysupport.servicenowservices.com/ccsq_support_central
- Service Center: For any MFT related issues or questions, Please contact the Service Center Support Team.
Phone: (866) 288-8914 (TRS:711)
Slack: #help-service-center-sos
Email: ServiceCenterSOS@cms.hhs.gov
Hours of Operation: 24/7
- No labels