What is Secure File Transfer Protocol (SFTP) Mode?
SFTP is a secure version of the File Transfer Protocol (FTP), which facilitates an encrypted and secure stream of data between your system and Passport through the means of SFTP servers. This mode ensures protection for your data, PII, passwords, and any other sensitive information from being transferred over the network.
- It is our client's responsibility to coordinate any SFTP integration efforts with their HRIS third-party service. ProviderTrust will provide file specs and SFTP login credentials, but it is ultimately the client’s responsibility as they control the flow of data. It is a best practice for clients to be engaged in the SFTP setup process.
How does SFTP mode work?
When your HRIS application connects with the Passport system via our SFTP servers, the application will auto-navigate to the account's home directory. Your home directory is determined by the username and password you have--think account permissions. From here, the application can freely access any subordinate folders, but only within its pre-designated permissions.
How do I set up SFTP for my Organization?
1. Set up Username/Password
To gain access to your secure SFTP site, you will need to request an SFTP username and password from the Client Care support team or Implementation Project Manager.
To place this request, please call 615-938-7878 or email us at firstname.lastname@example.org. You should expect your credentials securely delivered within 5-7 business days.
2. Enter the correct URL into your FTP client*
*A File Transfer Protocol client (FTP client) is a software utility that establishes a connection between a host computer and a remote server, typically an FTP server. Examples of these include Filezilla, Transmit, CyberDuck, etc.
3. Select folders for File Delivery
Within your account, you will find an "integration" directory along with sub-directories to select for delivering your files.
Example destination directory: integration/provider_update
Our Implementation and Client Care Team will provide a more customized list of the specific folder or folders that will be used for your specific business needs. The names of the sub-directories are predefined and generally correspond with: 1)The types of data being transferred, and 2)The mode of import within the system. The general rule is to use update folders only.
If you are unsure about the type of folder or import mode to select, please contact our support team.
4. Select folders for File Pickup
Data exported from Passport will be returned to the "Reports" sub-directory. For example, you may expect exclusion monitor alerts or primary source-verified license data back from the Passport System.
Below is an outline of the sub-directory folders you may need. You will see other folders but they are not to be used without specific direction from your implementation project manager or client success team member. The general rule is to use update folders only.
|Integration/Sub-directory name||Import Data File Type||Import Mode|
|credential_update||credential data||add / update mode|
|discipline_mapping_update||discipline data||add / update mode|
|facility_update||facility data||add / update mode|
|hierarchy_update||hierarchy data||add / update mode|
|jobcodes||job codes file||n/a|
|provider_update||provider data||add / update mode|
|test_files||Test data used during onboarding or trial runs||n/a|
|uniqueid_update||unique id change||add / update mode|
|unit_update||unit data||add / update mode|
|user_update||user data||add / update mode|
|vendor_update||vendor data||add / update mode|
SFTP Port: 22
Files are imported approximately hourly. After the imported data is processed, the file will be automatically deleted from the server for an added layer of security.
You are also welcome to set up a designated contact to receive a status email for all processing updates. Please reach out to email@example.com to update your contact list.
If the import was unsuccessful, you will need to securely log in to Passport or VendorProof to view the summary of errors. When you've reviewed and updated the errors, please upload the file again either manually in product or by dropping in the SFTP sub-directory. This will ensure it is processed. Without corrections and re-uploading, the data in your system will not update.
- What is the Protocol Type (SSH, SFTP, FTPS, FTPS)?
- What is the authentication level (Password or Public Key)?
- What is the file encryption (Pretty Good Privacy (PGP) Encryption or none)?
All data, regardless of how the files are encrypted, is encrypted in transit and at rest. Machines are encrypted at rest by Amazon Web Services (AWS) and data is encrypted in transit by SFTP protocol. Files can be unencrypted from the client to our systems, and for the Passport and VendorProof applications, we also support an optional PGP file encryption with Passport and VendorProof applications only. If supplied with a PGP Key, it is important to note that the client will have to save their files in a specific format: The file must have a suffix of .pgp or .gpg - This allows the Passport or VendorProof applications to recognize the need for decryption, then normal file processing can begin.
Please note that if you wish to send us a test file, this file will need to be decrypted prior to pushing it to the SFTP. We are unable to review encrypted files sent to us to the "test_files" directory.
- What if I need to change my SFTP password?
Password changes require direct requests from our support team.
- What is the password for the connection?
Please request passwords from our support team. We will send them securely to your IT contact.
- What is the User Name for the Connection?
Please request usernames from our support team. We will send them securely to your IT contact.
- What is the Destination Directory?
This will depend on the file type and configurations established during onboarding. Please request information for your specific organization from ProviderTrust. We will send it securely to your IT contact.
- What is the Host Name/URL?
- What is the IP Address and Port?
Port: 22, IP Address: 220.127.116.11
- Does ProviderTrust need to allowlist our IP address?
No, at this time, we do not allow list any clients' IP addresses but you may need to allowlist the IP address above for successful file transfers.
- What is the desired Outbound File Name?
We do not have a file naming requirement, however, we often find it helpful for both parties to include a reference to the company, file type, and date & time stamp.
For example: Test Hospital - Provider File - January 1st, 2020
- What is the Desired Scheduling for the report (E.G. Mondays at 9:00 am or every day at 12:00pm)?
This is largely dependent on the business and user needs. We can accept files 24/7 but often the business contacts will work with ProviderTrust on a frequency and time to meet their needs.
- What are the supported file types to send data to ProviderTrust?
Comma Separated Values (.CSV), Pipe Separated Values (.PSV), and PGP Encrypted files (.PGP)
- What is the file type for reports coming out of ProviderTrust back to the client?
Comma Separated Values (.CSV)
- Do you have a technical contact?
Our Implementation and Client Care Team will designate a point of contact for any initial setup and questions. If any further questions require escalation outside of our team, we will coordinate closely and quickly with you to resolve your concerns.
For instructions on how to view and correct your file errors, refer to the support article: Failed Files Troubleshooting.