Notices
This user guide (the “Guide”) is provided by Capario in order to facilitate your use of the Capario Secure File Transfer Software. This Guide is subject to change without notice.
Capario retains all rights with respect to the Guide and the Secure File Transfer Software. Your right to use this Guide and the Capario Secure File Transfer Software is subject to the Capario Terms of Use found at www.capario.com, including, but not limited to, the warranty disclaimers contained therein. In addition, your use may be subject to other terms and conditions as agreed upon between you and Capario.
All content included in this Guide, including trade names or marks, service names or marks, text and graphics (collectively the “Content”) and the selection and arrangement thereof, are the sole and exclusive property of Capario or its suppliers. However, you are free to view, copy, print, and distribute the Content as long as:
The Content is used for information purposes only.
The Content is used for non-commercial purposes only within your organization in support of
Capario products.
The Content is not distributed in any form to any third party.
Copies of the Content include all Capario’s copyright or other proprietary notices.
Except as specified above, nothing contained herein shall be construed as conferring by implication, estoppel or otherwise any license or right under any patent, trademark or copyright of Capario or any third party.
THE CONTENT IN THIS GUIDE IS THE PROPRIETARY PROPERTY OF CAPARIO AND/OR ITS SUPPLIERS AND IS PROTECTED BY U.S. AND INTERNATIONAL COPYRIGHT AND OTHER INTELLECTUAL PROPERTY LAWS. EXCEPT AS SPECIFICALLY PERMITTED HEREIN, YOU AGREE NOT TO DUPLICATE, TRANSLATE, PUBLISH, DISTRIBUTE, MODIFY, EXTRACT DATA FROM, OR OTHERWISE COMMERCIALLY EXPLOIT ANY CONTENT.
All contents in this Guide are: Copyright © 2009 Capario Inc. or its licensors. All rights reserved. Capario respects the intellectual property of others, and we ask you to do the same. If you believe some Content in this Guide has been copied in such as way to constitute copyright infringement, please contact Capario via email at mailto:[email protected]
Table of Contents
Overview ... 4
Capario's Secure File Transfer Software ... 4
Name Change ... 4
How Capario SFT Software Works... 4
Security ... 4
Features and Functions of Capario’s SFT Software ... 5
Getting Started ... 6
How to Obtain Capario SFT Software ... 6
System Requirements... 7
How to Obtain Java Runtime Environment ... 7
Installing Capario's SFT Software ... 9
How to obtain a Capario SFT Software Account ... 9
Capario’s SFT Software Commands ... 10
Capario SFT Software Client Help ... 10
Changing your Password... 12
Changing your Password- Continued ... 13
Display Share Folders on the Server ... 14
Upload Files to the Server ... 15
Display your Files on the Server... 17
Download Files from the Server... 18
Download ERA Files from the Server ... 20
Replacing Standard FTP with Capario SFT Software... 21
Overview
Capario's Secure File Transfer Software
In response to the HIPAA Privacy Rule, Capario has migrated all direct FTP Internet submitters to an encrypted connectivity method. As you know, Capario trades production Protected Health Information (PHI) with submitters, payers, and vendors via the FTP protocol over the Internet. To protect our customer’s electronic health information from inappropriate disclosure and misuse, Capario has implemented the Capario Secure File Transfer Software (MSFT) as a secure alternative to FTP.
The Capario SFT software enables customers to send and receive files with Capario over the Internet with Secure Sockets Layer (SSL) encryption technology and is provided by Capario free of charge. Customers will simply install the MSFT software client on their local workstation or server. Capario account managers will be contacting all customers to begin this migration.
Name Change
When ProxyMed became Capario on December 5, 2005 the product name for ProxyMed SFT
(PMSFT) was changed to Capario SFT (MSFT). That name change, for this product, is reflected in this document. For now, however, the server name, file names and directory structure did not change. As shown in this document these all remain as pmsft.
How Capario SFT Software Works
Capario’s SFT software has two components; a client and server piece. Our Customers will install the Java based client piece onto their workstation or network server and then connect to Capario’s SFT server. With the Capario SFT software, file transfers can be scripted, just like regular FTP.
If you are a current FTP user you will have the same subdirectories on the Capario SFT server. This means that accounts on the new Capario SFT server should be configured with the same information that currently exists on the FTP server. As account managers work with customers to migrate to this software, implementation staff will be called upon to configure accounts on the Capario SFT server.
Security
Secure Sockets Layer (SSL) technology is used to encrypt traffic between the Capario SFT software client and Capario’s SFT server. Once users log into the server with a user ID and password they are enabled to manage their passwords, which includes:
Changing their password
Configuring their password to expire
Setting-up notification, via email, of pending password expiration
Features and Functions of Capario’s SFT Software
The Capario Secure File Transfer Software replaces unsecured standard FTP protocol. In addition allows customers to:
Securely send PHI to Capario via the Internet, private lines, or dial-up. Securely receive PHI from Capario.
Maintain confidentiality and privacy by ensuring that production PHI is encrypted as it is
transmitted across the Internet.
Maintain integrity by ensuring that PHI is not modified as it is transmitted across the
Internet.
Getting Started
How to Obtain Capario SFT Software
The Capario SFT software is available, via download, at no charge. The Capario download center can be reached via the Capario web site, see steps below, or follow this link:
http://www.capario.com/resource_center.html
System Requirements
Minimum system requirements for Capario SFT software Any of the following operating systems:
Windows XP, 2000 (sp2+), ME, NT (sp5+), 98, or 95b (Winsock 2.0) Solaris™ Operating Environment
Linux OS on Intel Mac OS X
Java version 1.4.2_02 and above. (Note: Capario SFT is not compatible with Java 1.3.X or
1.4.2_01)
An Internet connection that allows outbound connections to tcp/1023
How to Obtain Java Runtime Environment
To determine the version and/or the existence of Java installed on your computer, open a command prompt and type: java -version. Note: there is a space following java.
If Java is not installed, or if you need to update your version, you can obtain the correct Java Run Time Environment for free. Follow these steps:
Go to:
http://www.java.com
Free Download
Installation Agreement From this point you will either be prompted to download and install a new version of the Java Runtime Environment or your current version will automatically be updated.
To install, review and click Yes. Note this screen may change as Sun updates their versions.
Installer
Installation screen shows download progress.
Installing Capario's SFT Software
Capario will send you the Secure File Transfer software in a compressed file. These set-up and configuration steps are the basis for all examples shown in this User Guide.
Installation and Configuration Create a new folder C:\pmsft\
Copy MSFT compressed file into pmsft folder and unzip Capario’s SFT server address is: pmsft.proxymed.com:1023
Examples in this User Guide User ID scodon
Passwords userpa$$1 and $pain2003
Folders on the client: As part of the implementation we recommend that current Capario FTP customers and new customers adopt the following directory structure:
Claim files to be located in the directory: C:\pmsft\claims
Report files to be located in the directory: C:\pmsft\reports
Network installation, of course, will use their directory locations.
Folders on Capario’s SFT server: Reports and Claims
How to obtain a Capario SFT Software Account
Capario’s SFT Software Commands
Capario SFT Software Client Help
PMSFT Software Commands
The following are five commonly used MSFT commands.
For the commands below C:\PMSFT> represents the local, working, PMSFT directory.
Note there is one (1) space between java and -jar and between each argument.
C:\PMSFT>java -jar filetransfer.jar changepassword pmsft.proxymed.com:1023 <User> <OldPass> <NewPass>
C:\PMSFT>java -jar filetransfer.jar queryshares pmsft.proxymed.com:1023 <User> <Pass>
C:\PMSFT>java -jar filetransfer.jar queryfiles pmsft.proxymed.com:1023 <User> <Pass> <Share> <FileMask>
C:\PMSFT>java -jar filetransfer.jar sendfiles pmsft.proxymed.com:1023 <User> <Pass> <Share> <SourceDir> <FileMask> <True or False>
Using True will move files from your local directory to the Capario SFT server Using False will copy files from your local directory to the Capario SFT server
C:\PMSFT>java -jar filetransfer.jar retrievefiles pmsft.proxymed.com:1023 <User> <Pass> <Share> <TargetDir> <FileMask> <True or False>
Using True will move files from the Capario SFT server to your local directory Using False will copy files from the Capario SFT server to your local directory
Command Guidelines for File Names, User IDs and Passwords
For users running Microsoft Operating systems: File names, User IDs and Passwords that contain special characters should be entered using "double" quote marks.
For users running UNIX Operating systems: File names, User IDs and Passwords that contain special characters should be entered using 'single' quote marks.
For any operating system, file names can not contain any spaces. Command Parameters Defined
IP Address The host address and port (use pmsft.proxymed.com:1023 )
User The unique user name on Capario's system. This is your eight (8) digit client ID. Use single quotes when entering your User Name.
OldPass Used when creating a new password. Refers to password being changed. Use single quotes when entering a password.
NewPass Used when creating a new password. Refers to the new password. Use single quotes when entering a password.
Pass The user's current password. Use single quotes when entering a password. Share This is the key to a folder on Capario's system (example Claims).
SourceDir Path to the file upload folder on your local computer. TargetDir Path to the file download folder on your local computer.
Changing your Password
Capario’s SFT Password Guidelines
The Capario’s SFT site requires a password to authenticate each File Transfer User ID for access to Capario's network. Passwords are case sensitive and must:
Consist of 8-15 characters Contain at least 4 letters
Contain at least 4 non-alphanumeric characters or numbers. See below for acceptable non-alphanumeric characters.
Acceptable non-alphanumeric characters are:
! # $ % & ( ) + , - . / : < ? @ > = _ ~
Note the following when creating your password. Passwords:
Cannot be the same as the Practice ID Cannot include spaces or CTRL Character Cannot include these characters:
Changing your Password- Continued
To change your password, navigate to the pmsft directory. The command prompt will be: C:\PMSFT> Type the change password command based on this syntax:
java -jar filetransfer.jar changepassword pmsft.proxymed.com:1023 scodon "userpa$$1" "$pain2003"
Where: scodon = ClientID, userpa$$1 = Old Password, $pain2003 = new password
In this example the password is being changed from userpa$$1 to $pain2003.
Note: Double quotes are not part of password. See page 11 regarding double quotes for users of Microsoft Operating systems.
Display Share Folders on the Server
To display your shares (folders) on the MSFT server, navigate to C:\pmsft directory The command prompt will be: C:\PMSFT>
Type the queryshares command based on this syntax:
java -jar filetransfer.jar queryshares pmsft.proxymed.com:1023 scodon "$pain2003" Where scodon= User ID and $pain2003 = password
Upload Files to the Server
To upload files by MOVING them to the MSFT server, navigate to C:\pmsft. The command prompt will be: C:\PMSFT>
Type this sendfiles command based on this syntax:
java -jar filetransfer.jar sendfiles pmsft.proxymed.com:1023 scodon "$pain2003" claims c:\pmsft\claims "*.clm" true
Where scodon= User ID, $pain2003 = password
In this example we are uploading local claim files from c:\pmsft\claims\*.clm to the claims folder on the server and deleting the claim files on the local computer. (i.e. we moved the files)
To upload files by COPYING them to the MSFT server, navigate to C:\pmsft. The command prompt will be: C:\PMSFT>
Type this sendfiles command based on this syntax:
java -jar filetransfer.jar sendfiles pmsft.proxymed.com:1023 scodon "$pain2003" claims c:\pmsft\claims "*.clm" false
Where scodon= User ID, $pain2003 = password
In this example we are uploading local claim files from c:\pmsft\claims\*.clm to the claims folder on the server and leaving a copy of the file on the local computer. (i.e. we copied the file)
Display your Files on the Server
To display files in a particular folder on the Capario SFT server, navigate to C:\pmsft directory The command prompt will be: C:\PMSFT>
Type this queryfiles command based on this syntax:
java -jar filetransfer.jar queryfiles pmsft.proxymed.com:1023 scodon "$pain2003" claims "*.clm" Where scodon= User ID, $pain2003 = password, claims = Folder on the PMSFT sever. *.clm = claim
files
Since this is a test account we are viewing recently uploaded claim files. You would probably modify this command to view available report files on the Capario SFT server.
In this example we are searching for all .clm files in the PMSFT claims folder.
Download Files from the Server
To download files by MOVING them from the Capario SFT server, navigate to C:\pmsft. The command prompt will be: C:\PMSFT>
Type this retrievefiles command based on this syntax:
java -jar filetransfer.jar retrievefiles pmsft.proxymed.com:1023 scodon "$pain2003" reports c:\pmsft\reports "*" true
Where: scodon= User ID, $pain2003 = password, "*"= files on the PMSFT server
In this example we are downloading report files, using "*",to the local directory, c:\pmsft\reports, and deleting the files on the server. (i.e. we moved the files)
System response:
To download files by COPYING them from the Capario SFT server, navigate to C:\pmsft. The command prompt will be: C:\PMSFT>
Type this retrievefiles command based on this syntax:
java -jar filetransfer.jar retrievefiles pmsft.proxymed.com:1023 scodon "$pain2003" reports c:\pmsft\reports "*" false
Where scodon= User ID, $pain2003 = password, "*"= files on the PMSFT server
In this example we are downloading report files, using "*", to the local directory c:\pmsft\reports, and leaving a copy of the files on the server. (i.e. we copied the files)
System will respond with:
Download ERA Files from the Server
If you are using Capario SFT to retrieve ERAs, the methods are same as for Reports. The difference is that Capario SFT will place ERAs in a separate directory. In addition you will need to designate your local ERA directory.
To download ERA files by MOVING them from the Capario SFT server, use the following syntax from the C:\PMSFT prompt:
java -jar filetransfer.jar retrievefiles pmsft.proxymed.com:1023 scodon "$pain2003" era c:\pmsft\era "*" true
Where scodon= User ID, $pain2003 = password, "*"= files on the PMSFT server
In this example we are downloading the files, "*", from the era folder to the local directory c:\pmsft\era and deleting the files on the server. (i.e. we moved the file)
To download ERA files by COPYING them from the Capario SFT server, type the following command: java -jar filetransfer.jar retrievefiles pmsft.proxymed.com:1023 scodon "$pain2003" era
c:\pmsft\era "*" false
Where scodon= User ID, $pain2003 = password, "*"= files on the PMSFT server
Replacing Standard FTP with Capario SFT Software
Scripting
This section assumes that current FTP submitter customers have configured scripts to upload and download PHI files. A modified version of these scripts can be used to upload and download files using Capario SFT software.
FTP Commands
ftp -n -s:scriptfile.txt pmsft.proxymed.com:1023 Sample FTP command to connect to an FTP site user scodon
$pain2003
put c:\claim1.clm /claims/claim1.clm
get /reports/report.clm c:\reports\report.clm quit
Additional FTP script file to log in, upload to the claims share and download from the report share
PMSFTS Commands
The following are Capario SFT software scripts used to 'put' or upload files and 'get' or retrieve files.
MSFT software command to connect, log in and upload or 'put' claim files java -jar filetransfer.jar sendfiles pmsft.proxymed.com:1023 scodon "$pain2003" claims c:\claims1.clm False
Where scodon= User ID, $pain2003= password
MSFT software command to connect, log in and retrieve or 'get' report files java -jar filetransfer.jar retrievefiles pmsft.proxymed.com:1023 scodon pari$2003 reports c:\reports reports.clm False
Password Management
Set-up Password
When the Capario administrator creates a new customer account, the password issued will be for 'one-time' use only which will force the user to change their password the first time they enter the system. See "Changing Your Password" section above. Any attempted operation, other than changing your password, will result in the following screen:
Password Expiration
Password 'Lock-Out'
As an added security feature, user accounts can be configured to 'lock-out' after a specified number of unsuccessful log-in attempts. Once an account is locked out, the user must contact Capario to unlock it. Here is a 'lock-out' message:
The Capario Secure File Transfer account for user id scodon has been locked due to repeated failed attempts to access the account. Please contact a Capario Customer Advocacy representative to resolve this issue. We are sorry for the inconvenience.
If you have a script configured with the correct password, and your account gets locked out, this might be the result of malicious network activity. You should conduct an internal investigation to determine why your account was locked out.
Reports
Reports delivered back to the Client will have the specific client identification attached to the front of the file name.
Reports to be delivered back to the Client will have the client identification prefixed to the file name.
The general format would be:
<Client ID>.<CYYMMDDHHMISS>.<Extension>. Sample File Name: 99999999.20030523164439.rec where:
CC Century YY Year
MM Month as 2 digits with left zero if needed. For example March would be 03.
DD Day of month HH Hour of the day
MI Minute SS Second
ERAs
ERAs delivered back to the Client will have the specific client identification attached to the front of the file name, if not present during initial transfer.
ERAs to be delivered back to the Client will have the client identification prefixed to the file name. The general format would be:
<Client ID>.<CCYYMMDDHHMISS>.<Extension>. Sample File Name: 99999999.20030523164439.XXX where:
CC Century YY Year
MM Month as 2 digits with left zero if needed. For example March would be 03.
DD Day of month HH Hour of the day
MI Minute SS Second
XXX ERA File name extension.
Delivery Conventions
Error Codes
These are some of the common error codes used by the Capario SFT application, with a description. PMSFT Code Description 0 Command Succeeded 1 Command Unknown 64
Wrong number of arguments. In this case the pmsft client was unable to parse the command line to the correct number of arguments. A possible solution is to place double quotes around all command line arguments.
66 File(s) not found
67 Authentication failed or Server Denied Login 73 Unknown host
74 IO Exception 77 Path Access Error
120 Authentication failed or Server Denied Login 121 Password not changed
122 The account has been locked. User had more than 6 unsuccessful login attempts 123 Account requires password
131 Invalid Port
