Technical Bulletin #6r- v2 Reviewed October 201 1



Similar documents
Technical Bulletin #6r- v4 Reviewed January 201 5

Technical Bulletin #6r- v5 March 201 6

Technical Bulletin #11. Electronic Data Transmission 2. REVISED: February, ,2,3

Secure Data Transfer

File Transmission Methods Monday, July 14, 2014

Online Banking for Business Secure FTP with SSH (Secure Shell) USER GUIDE

Data Exchange Preparation Procedures_006. Document Control Number

Data Exchange Preparation Procedures

II. Implementation and Service Information

Online Banking for Business Secure FTP with SSL (Secure Socket Layer) USER GUIDE

Quick Reference Guide. Online Courier: FTP. Signing On. Using FTP Pickup. To Access Online Courier.

Compliance and Industry Regulations

System to System Interface Guide

TECHNICAL SPECIFICATIONS GUIDE CANADA SAVINGS BONDS. csb.gc.ca PAYROLL SAVINGS PROGRAM 20$ 40$ 80$ 50 $ 30$ TECHGUIDE-14

HIPAA ASC X12N Version Inbound 837 Transactions. Companion Document

Configure Backup Server for Cisco Unified Communications Manager

REMOTE DATA TRANSMISSION OVERVIEW

STATE OF NORTH CAROLINA DEPARTMENT OF TRANSPORTATION DIVISION OF MOTOR VEHICLES

Georgia State Longitudinal Data System

Shipping Services Files (SSF) Secure File Transmission Account Setup

Revisions to Publication 199, Intelligent Mail Package Barcode. (IMpb) Implementation Guide for: Confirmation Services and

J1 EDI Application Form Instructions

2013 Year End Procedure Notes Accounts Payable for Add-On Software 1099 Processing

U.S. Department of Education 1998 Electronic Access Conferences

SART Data-Sharing Manual USAID Ed Strategy Goal 1

Communications and Connectivity

What IT Auditors Need to Know About Secure Shell. SSH Communications Security

SECURE EDI ENROLLMENT AGREEMENT INSTRUCTIONS

STATE OF HAWAII DEPARTMENT OF HUMAN SERVICES Med-QUEST Division. Electronic Data Interchange (EDI) Manual

Corporate Access File Transfer Service Description Version /05/2015

Connectivity and Communications

COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF HUMAN SERVICES, INSURANCE, AND AGING

Electronic Data Interchange (EDI) 5010 Clearinghouse Services Guide

DIRECT DATA FLOW CHANNEL (SECURE FILE TRANSFER)/ IBM CONNECT:DIRECT GUIDE

How to Secure Mainframe FTP

Social Security Administration Publication No EFW2C Tax Year 2008

Privacy Impact Assessment. For Person Authentication Service (PAS) Date: January 9, 2015

Transmit X12 Data to AudaPro via Secure FTP

Insurance Company Financial Responsibilty Electronic Reporting Users Guide

Sanford Health Plan. Electronic Remittance Advice 835 Transaction Companion Guide Trading Partner Information

How to setup FTP and Secure FTP for XD Series

Web Time and Attendance

Quick Start Guide. Cerberus FTP is distributed in Canada through C&C Software. Visit us today at

How to setup Electronic Claims

Secure File Transfer Protocol User Guide

Florida Blue Health Plan

Nebraska Medicaid X12 Submission Requirements Manual using Secure File Transfer Protocol (SFTP) Version 2.1

Electronic Income Withholding Orders Software Interface Specification for States and Employers

Transmit X12 Data to AudaPro via Secure FTP

Guidance for Industry

PREPARATION OF ROYALTY PAYMENT SUMMARY

Lender Integration Guide. Getting Started with B2B. Business to Business File Transfer Solution. LQC Business Systems Technical Publications

HIPAA TRANSACTION 837 INSTITUTIONAL STANDARD COMPANION GUIDE

Obtaining a user account and password: To obtain a user account, please submit the following information to AJRR staff:

Florida Blue Health Plan

MEDICARE PART B CALIFORNIA SOUTH PRE ENROLLMENT INSTRUCTIONS MR002

SECURELINK.COM COMPLIANCE AND INDUSTRY REGULATIONS

HIPAA Transaction ANSI X Companion Guide

GUIDANCE October 31, 2008

Companion Guide Trading Partner Information

National Healthcare Safety Network (NHSN) NHSN Enrollment

Electronic Data Reporting

esnc ACCESS AGREEMENT

File Transfer with Secure FTP

Gentran User s Guide

MOD EPURCHASING CATALOGUES SFTP RETRIEVAL TECHNICAL SPECIFICATION

Business Online Banking Client Setup Form

ACCREDITATION COUNCIL FOR PHARMACY EDUCATION. CPE Monitor. Technical Specifications

CFTC Commodity Futures Trading Commission

Georgia Immunization Registry (GRITS)

UCC E-Filing System Frequently Asked Questions (FAQs)

Background, Definitions, and Requirements for Protecting VA Research Information

Instructions For Using Syncovery To Backup Your Mac Computer

JPMorgan Chase Treasury Workstation. Certification Setup Guide Version 2.0

smartoci User Guide Secure FTP for Catalog Loads

CMS Registration and Account Setup

TIGERPAW EXCHANGE INTEGRATOR SETUP GUIDE V3.6.0 August 26, 2015

New GoAnywhere File Transfer Set Up Tasks

Jurisdiction D EDI Customer Profile Instructions

Test Environment for Mailers (TEM) Guide for: Electronic Verification System (evs ) United States Postal Service Document

Getting Started with ERA User Account Guide

File transfer clients manual File Delivery Services

Configuring on Android Devices

AmeriHealth Administrators

Smart Card Authentication. Administrator's Guide

City of Toppenish Online Presentment and Payment Frequently Asked Questions

ICE Futures Europe. AFTS Technical Guide for Large Position Reporting V1.0

J11 EDI Application Form Instructions

Online Payment FAQ s

Canon WFT-E1 (A) Wireless File Transmitter. Network Support Guide

NETWRIX EVENT LOG MANAGER

Royal Mail Business Integration Gateway Specification

Online Presentment and Payment FAQ s

Railroad Medicare Palmetto GBA 837 and 835

Online Presentment and Payment FAQ s

GovDelivery Subscription Management System

NASA Information Technology Requirement

MEDICAID MARYLAND MHA (PMHS) PRE ENROLLMENT INSTRUCTIONS 77062

Emdeon Claims Provider Information Form *This form is to ensure accuracy in updating the appropriate account

Please note that a username and password will be made available upon request. These are necessary to transfer files.

Transcription:

Child Care and Development Fund Procedures for Electronically Transmitting ACF-801 Data Files Technical Bulletin #6r- v2 Reviewed October 201 1 I. INTRODUCTION The purpose of this bulletin is to provide States and Territories instructions for establishing the procedures necessary to electronically transmit the CCDF ACF-801 data file that contains the monthly case-level reports. The data file is transmitted from the States to the Administration for Children and Families (ACF) Child Care Bureau s (CCB) Child Care Bureau Information System (CCBIS). In the past, the Social Security Administration (SSA) provided a pass through from the State/Territory lead agencies to the National Institutes of Health 1 (NIH) the eventual destination of the CCDF data files. The data files are now to be transmitted directly to NIH. In addition, the CCB now approves three alternative methods of electronic transmission: CyberFusion Software Secure File Transfer Protocol (SFTP) CONNECT:Direct Software (C:D) Regardless of which method a lead agency chooses to use, a direct connection to NIH must be established. Each of these methods complies with Federal Information Security Management Act (FISMA) standards. FISMA defines a framework for managing information security that must be followed for all information systems used or operated by a U.S. Federal government agency or by a contractor or other organization on behalf of a Federal agency. This framework is further defined by the standards and guidelines developed by the National Institute of Standards and Technology (NIST) as Federal Information Processing Standards (FIPS) publications and the NIST Special Publications SP-800-series. FIPS Publication 140-2 provides computer security and encryption standards. Additional information may be found on the Computer Security Division website at NIST: http://csrc.nist.gov/ 1 The Child Care Bureau Information System (CCBIS) is located at the National Institute of Health (NIH) computer center in Bethesda, MD. State data files first are transmitted to the NIH TITAN mainframe and then moved to the DEC Alpha Unix Server where they are processed. 1

Comprehensive instructions for establishing and using the three ACF-801 data transmission methods are detailed in Section II of this Bulletin. The final section provides contact information for obtaining additional assistance. Required certification and registration forms for CyberFusion, CONNECT:Direct, and Secure FTP are included in the Appendix. II. TRANSMISSION INSTRUCTIONS CCDF grantees need to be aware of the following as they decide which method to use: CyberFusion CyberFusion is a secure file transfer software that allows secure integration of data across different computing systems. One agency in each State has been provided a CyberFusion license by the SSA. Child Care programs will have to coordinate with the agency that holds the CyberFusion license in their State to establish a transmission connection for submitting ACF-801 data files directly to NIH. CyberFusion meets FISMA security requirements. Secure File Transfer Protocol (SFTP) When securely transmitting ACF-801 data using Secure FTP, lead agencies must use software that meets FISMA security requirements and is FIPS 140-2 certified with the FIPS mode enabled. This will allow for the encryption of the data and secure transmission of confidential information. A list of Secure FTP software that is FIPS 140-2 certified is available at: http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401vend.htm. It is the responsibility of each State to ensure that the installed version of the Secure FTP software is configured correctly to meet the security requirements. The lead agency must certify that the Secure FTP software utilized and configured by the State meets FISMA FIPS 140-2 security requirements. The required Certification Form (Appendix) must be completed and returned to CCARC prior to implementing a Secure FTP process. CONNECT:Direct (C:D) Even though CONNECT:Direct software no longer is supported by the SSA, States that purchased their own CONNECT:Direct license may continue to use it to transmit their ACF-801 data files to NIH. States continuing to use CONNECT:Direct must modify their process to transfer files directly to NIH and not through the SSA. Child care programs must coordinate with the agency that has the C:D license in their State to put in place a direct connection to NIH. The ACF s Office of Information Services (OIS) has confirmed that specific versions of CONNECT:Direct meet 2

FISMA security requirements. Additional details about C:D FISMA compliance can be found on the NIST web site: http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/140val-all.htm Regardless of the method that a State uses, there are five steps to follow for ensuring a smooth data transmission process: 1. Notify the Child Care Automation Resource Center (CCARC) which transmission method will be used for future data submission 2. Establish effective internal information flow procedures 3. Establish the Dataset Naming Convention 4. Establish the connection with NIH 5. Perform the Data Transmission Link and Loop Tests Once these five steps are completed, and the connection with NIH has been established and tested, the State/Territory may begin submitting real monthly ACF-801 data files. 1. Notify CCARC CCARC has been tasked by CCB to track and support grantee ACF-801 data transmission activities and once a State/Territory has decided which of the three transmission options it will use, it must contact CCARC staff and inform them of that choice (see contact information in Section III). Documents that States must complete and return before a submission test can be scheduled are included in the Appendix. 2. Establish Internal Information Flow Procedures Before initiating the transmission set up procedures outlined below, it is essential first to establish effective information flow procedures between the State child care data center and the State IT site. States are encouraged to develop a procedure for transmitting the ACF-801 data to the State IT center. This procedure ensures that State child care data files are sent to the appropriate individual at the State IT site for on-time transmittal to CCBIS. Once the data file has been sent to NIH and the data are processed by CCBIS, a Summary Assessment Report (SAR) is generated and sent via e-mail to the designated personnel at your State site. Your State should identify those individuals that should receive the SAR and provide CCARC the e-mail addresses of these individuals. The Summary Assessment Report that is sent to States via e-mail after data have been submitted, received, and processed by CCBIS, serves as an important tool for assessing the quality of the data. Technical Bulletin # 9r: Using the ACF-801 Data Assessment Reports (online at time of this revision at: http://www.acf.hhs.gov/programs/ccb/report/formhelp/techbull/tb09_r1_sec1.htm) provides guidance on the interpretation and application of these reports. 3

Established information flow procedures will help States move forward more easily to implement their chosen data transmission method. 3. Establish the Dataset Naming Convention You must use the following dataset naming convention for the file being transmitted to CCBIS. If you do not follow this exact naming convention, CCBIS will not be able to process your ACF- 801 data file: VVG1IWI.PCCIS.NDM.xx.HUB.Yyyyy.Dmmdd.Thhmm where xx is the two-letter postal code abbreviation for your State, and yyyy, mmdd and hhmm respectively, are the four digit year, the two digit month and day, and the military time (based on a 24 hour clock) of the transmission. For example, if you are submitting a data file for Alabama s ACF-801 data on July 15, 2010 at 1:15 pm then the dataset name should be: VVG1IWI.PCCIS.NDM.AL.HUB.Y2010.D0715.T1315 4. Establish the Connection with NIH The State Network Systems Administrators will need to work with OIS/NIH personnel to successfully establish a connection to NIH. CCARC will help facilitate this process by providing technical information and OIS/NIH contact information. 5. Perform the Data Transmission Link and Loop Tests You must perform two separate tests on your data transmission process before you can transmit the first actual data. Test data file transmission connection: The first test verifies that there is a file transmission connection between the State and NIH. This test involves transmitting the test data file from your State site to NIH Successful completion of this test confirms that your site connects and transmits the file. NOTE: Use the following dataset name for the test data file: VVG11WI.PCCIS.NDM.xx.HUB.Tyyyy.Dmmdd.Thhmm Notice that there is a "T" instead of a "Y" that indicates the year. The T indicates that this is a data file to test the connection between the State's data transmission site and NIH and should not be processed. Test data file transmission loop: The second test is called a loop test because it checks that all aspects of the data transmission connection between sites are working properly. 4

Inform CCARC when you are ready to perform the loop test. Once the date is established, start the test by extracting and creating the ACF-801 data file and then transmit it to your State data center site. That site, in turn, transmits the data file to CCBIS using the naming convention described in Step 3 above. NOTE: When you begin the loop test, be sure to enter 111111 in the report period data element for the monthly summary record field. Using this entry tells the system that you are transmitting test data that should not be saved. III. RESOURCES FOR ASSISTANCE The Child Care Automation Resource Center (CCARC) is your primary initial point of contact as you move forward to initiate or change the transmission of the ACF-801 report. CCARC staff will provide basic information and refer you to other resources as needed. In addition, if you have general questions, contact CCARC: Toll free: 1-877-249-9117, E-mail at: ccarc@childcaredata.org. Technical Assistance Specialists are available from 9:00 am to 5:00 pm prevailing Eastern Time. 5

APPENDIX Required CCDF Data Transmission Forms Registration Forms: CyberFusion CONNECT:Direct Certification Form Secure FTP

INSTRUCTIONS FOR COMPLETING THE ACF-801 STATE REGISTRATION FORM FOR FILE TRANSMISSION USING CYBERFUSION 1. Date: Date the form is completed and sent. 2. State: Name of the State requesting connection to NIH via CyberFusion. 3. State CCDF Program Contact: The State person that is the primary data contact. 4. State System Contact: The State person responsible for maintaining/setting up CyberFusion identifiers. (This person will be contacted if there is a connection problem such as an incorrect IP address.) 5. State Network Contact: The State person responsible for maintaining/updating network connections. (This person will be contacted if there is a network problem.) 6. Platform: Indicate the type of platform where CyberFusion is hosted. 7. State IP address: State IP address used for establishing connection via CyberFusion. 8. State PORT #: State PORT number. 9. State Compression (optional): Identify compression if used by the State. 10. Encryption: As configured by NIH HIPAA encryption. (Default = RJ) 11. State ID and Password: Check Yes or No if a State requires an ID/Password. If Yes, the System Contact Person listed above will be contacted to obtain this information. The form must be signed by the ACF-801 primary State contact. Once the form is completed and signed, fax it to (301) 692-0700, Attention: CCARC or email (ccarc@childcaredata.org).

ACF-801 STATE REGISTRATION FORM FOR CYBERFUSION Items 1-3 are to be completed by the State CCDF Program contact for ACF-801. Additional information may be required at the time the file transmission test is done with your State. 1. DATE: / / 2. STATE: 3. STATE CCDF PROGRAM CONTACT: TELEPHONE: Email Items 4-12 are to be completed by a system contact. 4. STATE SYSTEM CONTACT: TELEPHONE: Email 5. STATE NETWORK CONTACT: TELEPHONE: Email 6. CYBERFUSION PLATFORM (circle one or write in): MVS or UNIX 7. IP ADDRESS: 8. PORT #: 9. COMPRESSION (optional): 10. ENCRYPTION: NIH has configured HIPAA encryption. (Default = RJ) 11. Does your State require ID Password: Yes No SIGNATURE: State CCDF Program Contact PLEASE FAX (301-692-0700) OR EMAIL (ccarc@childcaredata.org) SIGNED FORM FOR ACF USE ONLY: CONTACT REC D DATE

INSTRUCTIONS FOR COMPLETING THE ACF-801 STATE REGISTRATION FORM FOR FILE TRANSMISSION USING CONNECT:Direct Items 1-4 to be filled out by State contact for ACF-801 data (See #3 below): 1. Date: Date the form is prepared. 2. State: Name of the State requesting C:D connection to NIH. 3. State Contact, phone number, and e-mail: Primary State Child Care person who has program/policy responsibility for creating and submitting ACF-801 data. (This person will be contacted if there is a problem with the format and contents of the data.) 4. State Application Contact, phone number and e-mail: State person who is responsible for creating C:D Process and electronically submitting the data file from State C:D site to TITAN. (This person will be contacted if there is a problem with the file transmission.) Items 5-10 to be filled out by CONNECT:Direct contact: 5. State C:D Contact, phone number and e-mail: State person responsible for maintaining/setting up C:D software. (This person will be contacted if there is a C:D problem such as an incorrect Node id.) 6. State C:D Node ID: State's CONNECT:Direct Node ID. 7. Platform: Place an "X" for the appropriate platform where C:D is running 8. State IP Address: State IP address used for establishing connection via Connect:Direct 9. State Network C:D Contact, phone number and e-mail: State person responsible for maintaining/updating C:D network definitions. (This person will be contacted if there is a network problem.) 10. State point of entry security (requires ID/Password)?: Check Yes or No if point of entry security is set-up at the State s network system. If Yes, then call CCARC for instructions on how to provide your ID and Password. NOTE for ACF-801 data file transmission using CONNECT:Direct: The State MUST ensure that encryption is enabled while transferring ACF-801 data files.

ACF-801 STATE REGISTRATION FORM FOR CONNECT:DIRECT Items 1-4 to be filled out by State contact for ACF-801 data (See #3 below): 1. DATE: / / 2. STATE: 3. STATE CONTACT: TELEPHONE NUMBER ( ) E-MAIL: 4. STATE APPLICATION CONTACT: TELEPHONE NUMBER ( ) E-MAIL: Items 5-10 to be filled out by a CONNECT:Direct contact: 5. STATE C:D CONTACT: TELEPHONE: ( ) - E-MAIL: 6. STATE C:D NODE ID 7. PLATFORM: MVS UNIX 8. STATE IP Address: 9. STATE NETWORK C:D CONTACT: TELEPHONE: ( ) - E-MAIL: 10. STATE POINT OF ENTRY SECURITY (requires ID / Password)?: YES NO PLEASE FAX (301-692-0700) OR EMAIL (ccarc@childcaredata.org) COMPLETED FORM FOR ACF USE ONLY: CONTACT REC D DATE

ACF-801 STATE CERTIFICATION FORM FOR FILE TRANSMISSION USING SECURE FILE TRANSFER PROTOCOL (SFTP) When securely transmitting ACF-801 data via Secure FTP, lead agencies must certify that they are using software that meets FISMA security requirements and is FIPS 140-2 certified with the FIPS mode enabled. This will allow for the encryption of the data and secure transmission of confidential information. A list of Secure FTP software that is FIPS 140-2 certified is available at: http://csrc.nist.gov/groups/stm/cmvp/documents/140-1/1401vend.htm. Complete and return this certification form to the Child Care Bureau, care of the Child Care Automation Resource Center (CCARC): Mail: CCARC C/O GDIT 2600 Tower Oaks Boulevard, Suite 600 Rockville, MD 20852 E-mail: ccarc@childcaredata.org Fax: 301-692-0700 Secure FTP Transmission Security Certification (STATE/TERRITORY NAME) has elected to use the following Secure FTP software to transmit the required monthly ACF-801 data files to the NIH computer center, Child Care Bureau Information System (CCBIS). We certify that the Secure FTP software we are using is configured correctly to meet FISMA FIPS 140-2 security requirements and has the FIPS mode enabled. ADMINISTRATOR NAME (Please print) ADMINISTRATOR ADDRESS PHONE E-MAIL SFTP CONTACT NAME (Individual who manages the SFTP access/transmission process) SFTP CONTACT PHONE SFTP CONTACT E-MAIL ADMINISTRATOR SIGNATURE DATE: NOTE: If you need additional information please contact CCARC at 1-877-249-9117

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information