SFTP Setup Documentation v1
![[Deleted User]](https://w7.vanillicon.com/v2/7dff26a9d468db847108da180a72c800.svg)
What
Your facility is implementing Bluesight’s ControlCheck software solution to automate the reconciliation process for controlled substances and identify patterns in the documentation, usage and handling of these medications. This reconciliation requires data from both the automated dispensing cabinets and electronic health record, and your facility has elected to use SFTP to automate the delivery of the required reports to the Bluesight server. The Bluesight application url is app.bluesight.com.
How
The Bluesight for Controlled Substances’ SFTP server uses public/private key authentication and allows access only from known IP addresses. The server resides within Amazon Web Services’ Elastic Compute Cloud (EC2) and is accessible at sftp.secure.bluesight.com. SSH access to the service is limited to Kit Check authorized users and systems within our private network. Our Processing Service monitors for new files, identifies the originating facility, and uploads the file to an encrypted bucket in Amazon’s Simple Storage Service (S3) for processing by our PHI Service.* Once the file is successfully loaded into S3, the facility file is deleted from the SFTP directory by the Processing Service.
Facility Specifics
Initiating facility:
- Username is <Hospital Name>
- Provide SSH-RSA public/private key pair
- If you are unsure how to generate an SSH-RSA key pair on Windows follow these instructions: https://www.ssh.com/academy/ssh/putty/windows/puttygen
Be sure to select RSA as the key type, a passphrase is not necessary. - If you are using Mac/Linux you can run the command
ssh-keygen -t rsaa passphrase is not necessary. - Once generated you will provide the public key to Bluesight.
- This is an example of the formatting expected for the public key (this is a fake example key):
- If you are unsure how to generate an SSH-RSA key pair on Windows follow these instructions: https://www.ssh.com/academy/ssh/putty/windows/puttygen
- Provide a Public IP range for each machine that will be sending files
- If both source system file transfers will originate from the same machine, one IP range is expected
- Provide file naming convention for each file type and source system
- File Format: CSV pipe-delimited is preferred
- File Name: The file name should follow the schema and can only contain letters, numbers, and underscores.
- bluesight_healthsystem_hospitalname_sourcesystem_date.csv
- Upload cadence: daily (preceding 24 hours) running Monday 12:00:00am through Sunday 11:59:59pm)
Destination server:
- Host name is sftp.secure.bluesight.com
- Port: 22
- IP addresses 18.204.100.14 and 18.204.149.26
- Uploads will be placed in the default directory upon login: ./uploads/<folder_name>
*For more information on the PHI Service and data security within Bluesight, please see the “PHI Guide: Architecture and Handling of Protected Health Information (PHI) in Bluesight for Controlled Substances.”