Managed file transfer ("MFT") refers to a software or a service that manages the secure transfer of data from one computer to another through a network (e.g., the Internet). MFT is a managed file transfer solution that automates and secures file transfers using a centralized enterprise-level approach. MFT is a comprehensive solution that will manage file transfer, file sharing, secure FTP, and automation needs through a single interface. MFT is the Enterprise Services replacement for Axway Data Exchange.
Managed File Transfer (MFT) provides the ability to transfer files securely to another user. Users must be registered in HARP and have an MFT Web User role approved to send and receive files. Recipients of PHI / PII must be onboarded to MFT and senders may not utilize non-registered user option when sending PHI / PII. In addition, elevated permissions can be granted as Administrators to perform development work or request designation as a Security Official.
For information on the MFT application please refer to the MFT Confluence link - https://qnetconfluence.cms.gov/display/HS/Managed+File+Transfer.
For more information about HARP, please refer to the HARP Confluence page - https://qnetconfluence.cms.gov/display/HS/HARP.
For questions please contact the Service Center Help Desk via email at - ServiceCenterSOS@cms.hhs.gov
Prerequisites to Getting Access to MFT
Before requesting any role the prerequisite is that you have established a HARP account and your organization has onboarded with HARP. If you currently have an EIDM or EUA account, then you can go to HARP page and Login using EIDM/EUA credentials. Otherwise, if you do not have an EIDM or EUA account, then you need to request a HARP ID. If you already have a HARP ID, there is no need to create a new one.
Recipients of PHI / PII must be onboarded to MFT and senders may not utilize non-registered user option when sending PHI / PII.
Because HARP is a prerequisite, we will be targeting organizations who have already onboarded with HARP. If an organization has not identified and designated a Security Official for their organization, none of the requests from that organization will be approved.
QUICK START GUIDE
Step 1: Designate Security Official (SO) for Organization
Each organization designates a Security Official. This role will allow that individual to approve Web User role requests within their organization.
Step 2: Register for a HARP account
If you currently have an EIDM or EUA account then go to HARP page https://harp.cms.gov/ and Login using EIDM/EUA credentials
If you do not have an EIDM or EUA account then Get HARP ID. For instructions on obtaining a HARP ID, visit the How to get a HARP ID Help Page.
If you already have a HARP ID, there is no need to create a new one.
Step 3: Request Role
Once your HARP account has been created, log into HARP and request a User Role:
- Select the “Managed File Transfer” Program
- Select your Organization
- Select a User role (Security Officer (SO) or Web User)
Visit the How to get a HARP ID Help Page to view a helpful video on requesting user roles.
Step 4: Access MFT
- Log into MFT using your HARP credentials: https://qnetmft.cms.gov.
- Enter your HARP ID
- Enter your HARP password
MFT WORK REQUEST PROCESS GUIDE
For Custom MFT work or enhancement requests, users will need to submit requests by completing the MFT Secure Form "MFT Request Form". This Secure Form allows users to submit requests/enhancements for the MFT application.
Links to user resources for MFT
- MFT User Web Guide - MFT_Web_Guide_v1.2.docx
- MFT End User Guide - MFTEndUserGuide_04302021.docx
- MFT Procedure for Custom Work Requests - MFT Work Requests SOP.pdf
- MFT Custom Work Request Process Guide - MFT Work Request Process Guide.pdf
MFT has two types of users, standard MFT Web users and Custom MFT Web Users and Administrators
- Standard MFT Web Users - This primary group is defined as having the ability to send and receive files securely with others. Every HARP user can get this type of access.
- Action requested: To get access, each organization must first designate a Security Official. This role will allow that individual to approve Web User role requests within their organization.
- Once onboarded the designated SO receives a welcome letter via email.
- Organizations that have contractors under them (i.e., hospitals, facilities, etc.) would follow the same model by designating a Security Official (SO) for their organization that would then be approved by the parent SO (i.e., EQRS, CDAC, etc.). These entities would also appear on the selection list and would be handled the same way as a known organizations would be.
- Custom MFT Web Users, Administrators, Security Officials - This group of users are organizations that require custom onboarding and work flows.
- Full engagement onboarding process including kick-off through an request intake form.
- Organization to discuss responsibility level (ESS or organization performing the work).
- Any organization that wants more than the initial MVP release falls under this category.
News & Updates
12/02/2021: As of December 2nd, 2021, any work requests or enhancement requests for Managed File Transfer (MFT) must be submitted via the MFT Secure Form "MFT Request Form". This Secure Form allows users to submit requests/enhancements for the MFT application. If you do not have access to MFT or need assistance with filling out the request, please contact Austin McGowan at firstname.lastname@example.org. Once the form is completed, a JIRA number will be issued, and the work will be prioritized.
03/30/2021: (Update) As of March 30th, 2021, all files stored in MFT that have not been modified in the past 30 days will be removed from the MFT application. Beginning March 30th 2021, any future files stored in MFT that have not been modified in the past 30 days will be deleted from the MFT application in accordance to the newly implemented 30 day retention policy. The 30 day retention policy will not apply to files stored on the MFT platform that are managed by your organization through your S3 bucket.
12/17/2020: The MFT website was migrated from the .org URL to the new .gov URL on December 16, 2020. Users will access the MFT Website using the following new URL:https://qnetmft.cms.gov. This change will not impact your access to the MFT website.
12/16/2020: The Axway SFT (Data Exchange) application has been decommissioned and is no longer available. MFT (Managed File Transfer) is the Enterprise Services replacement for Axway SFT (Data Exchange). A link providing MFT onboarding information is provided below. MFT requires users to be registered in HARP and have a MFT Web User role to send and receive files. For information on the MFT application please refer to the MFT Confluence link - https://qnetconfluence.cms.gov/display/HS/Managed+File+Transfer.For more information about HARP, please refer to the HARP Confluence page - https://qnetconfluence.cms.gov/display/HS/HARP.
12/11/2020: The intermittent issues with creating / removing users in MFT from 12/10/2020 has been resolved. If you are still experiencing issues with accessing MFT after your account has been approved, please submit a ticket to the QNET Helpdesk.
12/10/2020: Reminder: The MFT website will be migrating from a .org URL to a .gov URL on December 16, 2020. Users will access the MFT Website using the following new URL: https://qnetmft.cms.gov. This change will not impact your access to the MFT website.
08/27/2020: MFT-Notify distribution list. Users can request to be added to list on https://www.qualitynet.org/ to receive MFT release and maintenance information. Choose 'Subscribe to Email Updates' / ' then choose 'Private Lists' / Enter User Information / then check 'MFT Notify: Managed File Transfer (MFT) Notifications' / and click 'Submit'.
03/11/2020: If your email address needs to be updated in MFT, please log on to HARP and update your email address accordingly. If you updated your email address in HARP prior to 3/9/2020 and it is not reflected in MFT, please log into HARP, revert back to your previous email address, update and then subsequently update to the desired email address. Once the update occurs on HARP, the change will be reflected in MFT.
03/11/2020: The MFT Team has identified a maximum threshold of 45 GB for secure file transfers through the MFT web application. Files in excess of this size will not be processed. Because the files are transferred via HTTPS, there are transfer limitations depending on the browser used. If you have a file in excess of 2 GB, you must use either Firefox or Chrome. Internet Explorer and Microsoft Edge have thresholds of 2 GB and under and files attempted to be transferred through these browsers in excess of 2 GB will not be processed.
03/04/2020: Managed File Transfer (MFT) will be unavailable this evening March 4th after 8:00 pm for 15 minutes to perform routine maintenance.
The MFT system will be unavailable on Monday, December 21st beginning at 8:00 pm EST with an expected outage of two hours for maintenance.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 10 p.m. ET on Wednesday, December 16th for the conversion of .org to .gov URLs.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 10 p.m. ET on Tuesday, December 15th for system-wide maintenance in preparation of the conversion of .org to .gov URLs on 12/16/2020.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 10 p.m. ET on Wednesday, December 9th for system-wide maintenance.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 11 p.m. ET on Tuesday, December 8th for system-wide maintenance.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 11 p.m. ET on Wednesday, November 18th for system-wide maintenance.
The MFT application will be taken offline beginning at 8 pm EST on 11/4/2020 for maintenance. Estimated down time will be two hours.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 10 p.m. ET on Thursday, October 15th for system-wide maintenance.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 10 p.m. ET on Thursday, October 8th for system-wide maintenance.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 10 p.m. ET on Wednesday, September 9th for system-wide maintenance.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 10 p.m. ET on Tuesday, September 1st for system-wide maintenance activities.
The MFT website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 11 p.m. ET on Wednesday, August 26th for system-wide maintenance activities.
MFT Outage for Secure Mail and File Uploads Scheduled for July 31 2020 from 8pm-9pm
The MFT Secure Mail and MFT File Upload features for the website (https://mft.harp.qualitynet.org/mft-signin/login) will be unavailable from 8 p.m. ET to 9 p.m. ET on Friday, July 31 to allow for system maintenance activities. During this downtime, all MFT Secure Mails and MFT File Upload will not process.
MFT Release 12.2
MFT 12.2 provides NQIIC-TO5 with Validation of Provider data files.
MFT Release 12.1
MFT 12.1 consists of the GoAnywhere MFT v7.0.1 upgrade that includes Log4J v2.17.1.
MFT Release 11.1
MFT Release 11.1 deploys GoAnywhere Vendor Gateway release 2.9.0.
MFT Release 10.9
MFT Release 10.9 deploys a MFT CDAC Secure Form for the CMS Clinical Data Abstraction Center (CDAC) team and their providers to transfer PDF data files to CDAC for processing.
MFT Release 10.8
MFT Release 10.8 removes view permission to the GoAnywhere MFT Global Logs for the QNET Help Desk MFT Admin User Role.
MFT Release 10.7
MFT Release 10.7 updates the error messaging on the MFT HSN CDC File Distribution Form when a virus file is detected.
MFT Release 10.6
MFT Release 10.6 updates the MT Authentication API to handle the invalid resource requests.
MFT Release 10.5
MFT Release 10.5 updates the API services managing the MFT application accounts.
MFT Release 10.4
MFT Release 10.4 updates the API services managing the MFT application accounts.
MFT Release 10.3
MFT Release 10.3 updates the Managed File Transfer (MFT) application to support the sharing of data files between the Internet Quality Improvement and Evaluation System (iQIES) team and iQIES users for each US State/US Territory.
MFT Release 10.2
MFT Release 10.2 deploys updates to the MFT APIs managing the application accounts.
MFT Release 10.1
MFT Release 10.1 deploys updates to NGINX and Node Open Source Software (OSS) packages.
MFT Release 9.9
MFT Release 9.9 deploys fix for issue where a Non-MFT User can Register for MFT Account if Shared File by Existing MFT User.
MFT Release 9.8
MFT Release 9.8 deploys MFT Apache Log4J Security Remediation.
MFT Release 9.7
MFT Release 9.7 updates permissions for all MFT Admins to remediate a Security finding.
MFT Release 9.6
MFT Release 9.6 implements MFT Node Services updates.
MFT Release 9.5
Release MFT 9.5 provides ADO-DAS-eSimplicity Organization access to the HARP roles "Managed File Transfer (MFT) ALLFAC Data submitter" and "Managed File Transfer (MFT) HRSA Data Submitter".
MFT Release 9.4
MFT Release 9.4 provides a new Role (Entitlement) for DPS-Mathematica and Yale to submit data files to HQR/SAS Viya.
MFT Release 9.3
MFT Release 9.3 Updates the MFT Admin Service Account Password.
MFT Release 9.2
MFT Release 9.2 MFT SSL Certificates.
MFT Release 9.1
MFT Release 9.1 MFT S3 Bucket Key Rotation.
MFT Release 8.9 and 8.10
MFT Release 8.9 implements a new MFT Secure Form "MFT Request Form". This Secure Form allows users to submit requests/enhancements for the MFT application. Also, inactive sessions are updated to timeout after 30 minutes instead of 15 minutes. MFT Release 8.10 implements a GoAnywhere MFT Secure form for submitting ALLFAC data and HRSA data for ADO-HCQAR-Customer Value Partners.
MFT Release 8.8
MFT Release 8.8 updates the processing of Task Order 3 Hospital Measure CSV data files to rename a CSV file with a version number if an existing filename already exists in the CDR.
MFT Release 8.7
MFT Release 8.7 enables a self-service token update model to facilitate a more efficient process for QMARS to update their token within our established collaboration effort supporting the BFCC and QIO mission.
MFT Release 8.6
MFT release 8.6 deploys changes to support the processing of HRSA data by the CMS DAMOD team.
MFT Release 8.5
MFT Release 8.5 implements changes to support the migration of MFT HARP Roles for EUA users.
MFT Release 8.4
Release 8.4 provides MFT Auto Route Secure Form capability to MFT users who are approved for the new HARP MFT AutoRoute Role for the ADO-HQR-Bellese Technology Organization.
MFT Release 8.3.1
MFT Release 8.3.1 Upgrade the NHSN CDC to CMS Data Transfer to Allow Simultaneous Submissions.
MFT Release 8.3
MFT Release 8.3 is an update to the MFT application provisioning processes to support the EUA migration.
MFT Release 8.2.3
MFT release 8.2.3 organizes the submission of Hospital Measures Data files by year and month in the CDR.
MFT Release 8.2
MFT System Release 8.2 addresses a rare provisioning issue during role assignment.
MFT Release 8.1
MFT Release 8.1 enables multiple email addresses, specifically in relation to EUA accounts.
MFT Release 7.13 and MFT Release 7.14
MFT Release 7.13 implements changes to the MFT Node Service code to ensure the MFT Admin provisioning continues to work after HARP HERA Multi-Role workflow is implemented. There are no impacts to the existing MFT users. MFT Release 7.14 upgrades the GoAnywhere MFT product from v6.7.1 to v6.8.3.
MFT Release 7.12
MFT Release 7.12 Updates the JWT Tokens for authentication between MFT and the QMARS API.
MFT Release 7.11.1
MFT Release 7.11.1 implements a change to the existing MFT Project Workflow for processing TO3 Hospital Measure CSV data files. MFT users with access to the Task Order (TO) 3 Hospital Measure Form whose CSV data file fails validation will no longer receive the invalid data text file in an email; instead, the users will receive a link to authenticate to MFT to download the invalid data text file.
MFT Release 7.11
MFT Release 7.11 implements a new GoAnywhere MFT Secure Form, called TO3 Hospital Measure Data Submission, providing authorized MFT users the ability to submit data files for validation.
MFT Release 7.8, 7.9, 7.10
MFT Release 7.8 implements changes that will improve the user-experience for the MFT AutoRoute users by allowing multiple AutoRoute transfers to be submitted. AutoRoute transfers can be submitted by different users and these transfer request will be queued instead of returning an error message to individual submitting the second AutoRoute transfer. MFT Release 7.9 provides Yale-CORE team IQR Auto-Route Functionality in MFT. MFT Release 7.10 provides the OQPSSS - HSAG ADO MFT autoroute functionality to send the Ambulatory Surgical Center (ASC) preview reports to the ASC facilities.
MFT Release 7.5, 7.6, 7.7
MFT System Release 7.5 deploys updates to support the Saviynt 5.5 ServicePack 3 upgrade. MFT System Release 7.6 provides AHCAH team the ability to download IQIES Assessment Data from the Manage File Transfer (MFT) application. MFT System Release 7.7 implements the Managed File Transfer (MFT) EXT ESRD-NW Facility User role for the two new ESRD contractors (Network 11 and 18).
MFT Release 7.4
MFT System Release 7.4 deployed AutoRoute capability to the CMS Center for Program Integrity / Program for Evaluating Payment Patterns Electronic Report (CPI/PEPPER) team.
MFT Release 7.2 and 7.3
MFT System Release 7.2 deployed the GoAnywhere MFT 6.7.1 Upgrade and MFT System Release 7.3 implemented the HCQAR/SAS Viya Data Submitter MFT user role for Analytics-IOMM-Mathematica Policy Research Organization.
MFT Release 7.1
MFT Release 7.1 updated the email header in the Medical Records Request Form to help users distinguish between the MFT and QMARS system.
MFT Release 6.11
MFT Release 6.11 was an enhancement to secure form submissions.
MFT Release 6.10
MFT 6.10 GoAnywhere Gateway Upgrade for PI14. Upgrade the GoAnywhere Gateway installed in the ESS VPC to version 2.8.2 (currently on version 2.7.0).
MFT Release 6.9
MFT 6.9 implements the 30-day MFT File Retention Policy. The policy will remove files stored in MFT that have not been modified in the last 30 days.
MFT Release 6.7 and MFT Release 6.8
MFT Release 6.7 (implementation of the MVP for HARP MFT SSO capabilities) and MFT Release 6.8 (enhancements to the HARP / MFT sync process ) were successfully deployed to production on Monday March 22nd.
MFT Release 6.6
MFT 6.6 was successfully deployed to production on 3/16/2021. This release enables the CMS Chronic Conditions Data Warehouse (CCW) team to download data in support of the Acute Hospital Care At Home (AHCAH) project.
MFT Release 6.5
MFT 6.5 was successfully released into production on 3/9/2021 to enable autoroute capabilities for the HSAG organization.
MFT Release 6.4
MFT 6.4 was successfully released into production on Thursday, March 4th, 2021 for general maintenance on administrative accounts.
MFT Release 6.3
MFT 6.3 was successfully deployed into production on 02/19/2021. The release enables the ability of special characters in MFT usernames to be consistent with allowable HARP naming conventions.
MFT Release 6.2.1
If you have recently requested an MFT role, you may have experienced a delay in having your role provisioned. This issue has been resolved and the roles have been provisioned successfully.
MFT Release 6.2
MFT 6.2 was successfully deployed to production on 2/18/2021 to allow usernames consistent with HARP.
MFT Release 6.1
MFT 6.1 was successfully deployed to production on 2/10/2021. This deployment supports the .gov initiative related to an existing integration with QMARS.
MFT Release 5.12
MFT 5.12 was successfully deployed to production on 1/28/2021. This release features automatic routing capabilities as requested by HCQAR.
MFT Release 5.11
MFT 5.11 was successfully deployed to production on 1/11/2021. This release enhances the consistency and performance of user provisioning.
MFT Release 5.9
MFT Release Notice: MFT Release 5.9 was successfully deployed to Production on Friday December 18th. This release corrected the MFT Role Removal Provisioning issue.
MFT Release 5.8 and Release 5.9
MFT Release notice: On 12/17/2020, MFT 5.8 was successfully released to production. This will enable three new entitlements for HCQAR / CVP to allow transfers to their S3 bucket.
In addition, MFT 5.9 was successfully released into production on 12/17/2020 to address an issue with user provisioning.
MFT Release 5.3
MFT 5.3 was successfully released in production on 11/30/2020. This release facilitates SFTP functionality for ARBOR Research to enable secure file transfer sizes in excess of 45 GB due to browser limitations. Deployment began at 8pm EST and the expected downtime was 2 hours.
MFT Release 5.2
MFT 5.2 was released in production on 11/19/2020. This release facilitates SFTP functionality for ARBOR Research to enable secure file transfer sizes in excess of 45 GB due to browser limitations. There was no downtime associated with this deployment.
MFT Release 4.3.3
MFT 4.3.3 was successfully deployed to production on 10/28/2020. This release facilitates SFTP functionality for ARBOR Research to enable secure file transfer sizes in excess of 45 GB due to browser limitations. There was no downtime associated with this deployment.
MFT Release 4.3.1
MFT 4.3.1 was deployed to production on 10/22/2020. This release provides an update of the sender email address from the MFT application to the public to meet new policy requirements per CMS. MFT will be unavailable between 8pm ET and 10pm ET to complete this deployment.
MFT Release 4.3
MFT 4.3 release addresses a minor bug fix as well as general system maintenance. This release will be deployed on 10/20/2020 and will require system downtime for these activities, beginning at 8 pm ET. The outage is expected to last approximately 2 hours.
MFT Release 4.2.6
MFT 4.2.6 was deployed to production on 9/23/2020. This release accomplishes an upgrade of the vendor sign in widget which enables single sign on capability and ensures the version is current. MFT will be unavailable between 8pm EST and 11pm EST to complete this deployment.
MFT Release 3.5.3
MFT Release 3.5.3 was deployed to production on 8/11/2020. This release includes enhancements for monitoring and compliance as well as the ability to accept special characters in support of HARP usernames as access is gained to the system.
MFT Release 3.4.1
The MFT Team deployed to production a new Saviynt Entitlement for the MFT CMS Federal Organization called IQIES_SAS_VIYA. This role will have provide access to the AWS iQIES S3 Bucket with specific permissions to the CMS (MFT Folder Display Name: iQIES_SAS-Viya_CMS) directory.
MFT Release 3.3.3
MFT 3.3.3: SCA Remediation and PROD2 Cutover.
MFT Release 3.3.2
The MFT Team released MFT 3.3.2 in Production on Friday, July 10, 2020. This release will facilitate ESRD-NW onboarding efforts for 18 existing MFT Organizations. This release also provides for S3 bucket sharing for iQIES as well as a corresponding entitlement to enable access.
MFT Release 3.2.2
The MFT Team released MFT 3.2.2 in Production on 07/01/2020. This release upgrades the MFT Angular Sign-In Widget application from v7.2.3 to v8.2.14, which is a supported version of Angular and is consistent with the ESS HARP Angular applications. This release also addresses an issue with reports not generating as expected.
MFT Release 3.2.1
The MFT Team released MFT 3.2.1 in Production on 06/26/2020. This release provides new functionality that enables automatic folder creation feature in MFT to organize file upload(s) in support of COVID-QII_DVAC.
MFT Release 3.1.3
MFT 3.1.3 - release enabled two requested group email addresses for organizations to allow them to send secure mail to a distribution list as well as minor bug fixes.
MFT Release 3.1.1. 3.1.2
MFT 3.1.1, 3.1.2 - CDAC Email Address Update. MFT Entitlement Fix for NCQII-TO1-HQI.
- No labels