Steps to


Joining MPOG requires a significant amount of organization and effort. Below are the regulatory, legal and technical steps necessary to join MPOG. 

Sites must fill out the online MPOG Application and identify key personnel.  Once the online application is received by the coordinating center, you will receive a welcome email and the File Checker Software (Step 2).

Key personnel include:

  • Anesthesia Department Chair
  • QI Champion, MD
  • PI Champion, MD
  • Local Technical Support* (Sample Job Posting)
  • Epic Technical Support (if using Epic as AIMS)

*Please note, although MPOG staff can provide technical consultation for implementing MPOG they cannot be the primary developers for technical implementation at your site. 

Can occur while obtaining Legal Documents (Step 3)

File Checker

After completing the online MPOG Application (Step 1), prospective sites receive a link to download MPOG’s File Checker. File Checker is a standalone application that can run on any Windows workstation and does not require the MPOG framework be installed. This allows sites to get quick and accurate feedback on their extract development without the expense of server hardware or SQL Server licensing. 

File Checker will scan extract files built for the MPOG framework to validate they pass the minimum spec (as outlined in the MPOG Import Manager File Specification Guide). If there are spec violations, it will report the file name, row number, and description of the failure. File Checker test results can be exported for further review by MPOG or internal extract development staff. For a complete step by step process, please review our File Checker User Guide.

Please note: File Checker is not capable of detecting any/all potential extract problems, nor can it determine the completeness of the data provided. Successful testing simply indicates a file can be imported into the MPOG framework. Additional validation of this data from within the MPOG Application Suite may reveal problems with extract design and/or completeness.

Intake Form

In order for the Coordinating Center to better understand how your site is organized, sites must complete an intake form. This form is required for all sites applying for MPOG membership.

Security Documentation

MPOG will complete any associated project/security documentation after a site has completed File Checker testing, the Intake Form, and the Business Associate Agreement (BAA). Prospective sites must have all required extract files and validate they meet MPOG’s minimum spec (using File Checker) and complete the Intake Form before moving to Step 4.

Please submit both the completed File Checker results and the Intake Form to

BAA required before Step 5; DUA, IRB, Bylaws, and MPOG Service Agreement required before Step 7

Complete a Business Associate Agreement (BAA)

A BAA is required for all institutions and should be vetted by your legal or contract office.  The BAA must be in place before a site can start the technical implementation (Step 5). The MPOG technical team will NOT be able to assist a site beyond Step 4 until the BAA is complete. 

A BAA is required because the HIPAA Privacy Rule requires that a covered entity obtain satisfactory assurances from its business associate that the business associate will appropriately safeguard the protected health information it receives or creates on behalf of the covered entity. Our legal department requests that sites us the University of Michigan BAA template.

Complete a Data Use Agreement (DUA)

The DUA is a contractual document used for the transfer of data that has been developed by nonprofit, government or private industry, where the data is nonpublic or is otherwise subject to some restrictions on its use. The DUA will need to be vetted by your legal or contract office and must be in place before you transfer data to MPOG (Step 7). MPOG has a DUA Template for institutions located in the state of Michigan, outside the state of Michigan, and Europe

Obtain IRB Approval from Local IRB

There are two IRBs required for MPOG participation:

  1. A centralized ‘umbrella’ IRB has been completed by the University of Michigan as the coordinating center.  This IRB enables the collection of a limited clinical dataset (date of service is included) from the multiple institutions.  This IRB does NOT need to be reproduced or established at each contributing center. As additional centers or data types are added to the MPOG effort, this centralized “umbrella” IRB will be updated with incremental addenda.
  2. The second is an institutional IRB that must be completed by all sites interested in joining MPOG.  Each institution (including the coordinating center) are required to receive a performance site IRB approval from their own IRB to send their institution’s limited clinical dataset to MPOG. The University of Michigan Performance Site Application Example as well as the IRB MPOG Protocol can be used as a model for your institution-specific IRB. 

If your site does not have a local IRB, then MPOG can oversee the IRB for your institution.  If you have any questions about the IRB process or need IRB oversight, please contact for more information.

Review, Sign and Submit MPOG Bylaws

All sites must review the MPOG Bylaws, which are the membership terms for participation, and sign via SignNow. They must be signed by the department chair / head of practice and the anesthesiology PI or quality champion from your site.  Once completed through SignNow, they will be returned to MPOG.

MPOG Service Agreement

MPOG requires a yearly fee for sites outside the state of Michigan to offset the administration fees at the Coordinating Center. In order for MPOG to invoice a site, we must put the MPOG Service Agreement in place at each new site. The service agreement will need to be vetted by your legal or contract office. It must be in place before you upload to MPOG to become an active site. . 

For any questions regarding the regulatory / legal process, please contact Tory Lacca.

Can be done concurrently with Step 2 & 3

The first step in MPOG implementation is to obtain local servers that will house your local MPOG data. These must be separate servers and can be stand alone or virtual servers. See the Server Requirements document and contact with any questions.

*Please note, a site may purchase servers before the BAA is completed.  The MPOG technical team may assist with setting up the servers but cannot move forward with any of the technical build (Step 5) until all files have met File Checker requirements and the BAA (Steps 2 & 3) is complete.

Dependent on Steps 1-4

After you have extracted files, checked them using the File Checker Software, finalized the BAA, and obtained the servers, your site can start the data configuration. Depending on your Anesthesia Information Management System (AIMS), your institution may need to develop and/or configure the data interfaces necessary to transfer your institution’s data to the central MPOG registry.

MPOG has already developed configurable data interfaces for several AIMS systems including:

  1. Centricity
  2. Cerner
  3. Epic

Your institution will need to configure the data interface to manage its institution-specific AIMS content. If your institution uses an AIMS that has data interface capabilities already developed by MPOG (see list above), the technical effort required to contribute data to MPOG is markedly reduced. If your institution uses an AIMS that does not have an existing MPOG data interface, your institution will have to develop the data interface and content mapping routines, which will require significantly more work.

For Hospitals using Epic, the MPOG users guide is located in the Epic UserWeb on Galaxy, see your Epic TS for details. The MPOG Import Manager Playbook can help guide prospective institutions through the setup of MPOG should your institution not use Epic, Cerner or Centricity.

Import Manager File Pipeline 

Additionally, there are data elements that are located outside the AIMS system, such as laboratory values, demographics information, preoperative/postoperative data, mortality, and billing data (professional fee and hospital discharge). See minimum data requirements page for a list of data elements required. 

Dependent on Steps 1 – 5

Once your site’s technical team have extracted and imported one month* of data into your MPOG local database, contact the coordinating center to schedule a meeting with an MPOG QI Coordinator

*Please Note: Importing more than one month of data initially will cause additional and duplicative work at a later date.

The Clinical Onboarding process is separated into the following steps:

    1. Variable Mapping: Maps AIMS variables to standardize MPOG concepts.
    2. Data Diagnostics: Review diagnostics to ensure MPOG data is representative of your EHR documentation; diagnostics assist in identifying mapping or extract issues before uploading to MPOG.
    3. Case Validation: Answers a series of questions in the case validation tool to validate data is pulled into your local database accurately.
      • If errors are found in steps 2 and/or 3 additional mapping updates and technical troubleshooting is likely to occur.
    4. Once the site QI Champion and MPOG Coordinator have established that one month of data has been cleaned, two additional months of data should be extracted/imported into your MPOG local database.
    5. Repeat Steps 1 – 3 on the additional two months worth of data
    6. Continue importing data into your local database until there are at least six months of data present.  Once this data has been cleaned and validated, you are ready to submit to the MPOG Central Test Database.

Dependent on Steps 1 – 6

Once the data from your institution’s AIMS, institutional data sources, and surgical outcome registries are imported and validated in your local MPOG database, they are ready for submission to the MPOG Central – Test database. Once submitted to “Test”, the MPOG research and quality directors will review the data. If any data quality issues are found upon review, a site will need to repeat portions of the clinical onboarding process to improve the data prior to uploading to the MPOG Central Database. MPOG provides utilities to help automate the two steps involved in submitting data to MPOG:

  1. PHI Scrubbing:  Your institution local servers include PHI elements that are NOT sent to the central MPOG repository. Prior to their removal, they are converted into hashed identifiers in accordance with the National Security Agency’s Secure Hashing Algorithm-256 (SHA-256). This hashing process eliminates the ability to re-identify the patient once the data is sent to MPOG. The MPOG Application Suite will also remove all protected health information (PHI) other than date of service / surgery prior to data transfer. The MPOG Application Suite will also remove all protected health information (PHI) other than date of service / surgery prior to data transfer. This includes name, date of birth, address, social security number, etc. For a complete list, please refer to HIPAA’s official PHI elements list. In addition, the suite will remove all public provider identifiers such as doctor name, doctor number (i.e. NPI), pager number, etc. However, all AIMS-generated system identifiers that are not publicly visible can and should be transmitted.
  2. Data Transfer: Your site will transfer a limited dataset to the MPOG Central – Test database using the provided transfer utility.

After approval of your site’s data in the MPOG Central-Test database, your site will be contacted by an MPOG QI Coordinator to provide next steps. In some circumstances, the data is approved immediately and you are ready to submit to the MPOG Central Production Database. In other circumstances, there may be minor changes required to the mapping or extract to meet the minimum requirements for submission to the MPOG Production environment. Either way, the QI Coordinator will provide direction and ultimately approve the site for upload to MPOG Central Production. To upload to Production, repeat PHI scrubbing and when uploading data choose “production” in the transfer utility. 

All data at the MPOG Central repository is kept within a high-security data center owned by the University of Michigan.  For more information on data security, see our Security Guidelines page.

Congratulations! Your institution is now an active member of MPOG. There are two options for participation. For more information, visit the Service Tiers webpage.

For any inquiries please email