Back to Solutions & Strategies

Quality Oversight

Since 1985, KEPRO Board Certified physicians and clinicians have performed millions of Peer Review cases for organizations that demand the most diligent services.

KEPRO Reviewers Have Clinical Expertise Spanning a Breadth of Disciplines. 

Our board certified physicians and clinicians are here to support your outsourcing requirements for medical peer review. Our peer review panel of experienced providers can perform specialty-matched reviews in all disciplines and provide clinical decision-making support. Using nationally recognized criteria, our panel will determine medical necessity or appropriateness of treatment. 

The benefits of outsourcing medical peer reviews include: 

  • Access to all specialty physicians
  • Removal of all opportunities for conflict of interest
  • Facilitating a culture of cohesiveness among hospital physicians
  • Objectivity and consistency of reviews
  • Defendable conclusions
  • Useful and actionable findings 

Support for all state and federal regulatory requirements (including CMS) plus accrediting bodies such as URAC, NCQA, and JCAHO. 

KEPRO’s panel of more than 500 board-certified, active, unrestricted, licensed, specialty-matched reviewers and allied health professionals render medical necessity and experimental/investigational treatment determinations. We also can call on more than 3,200 board certified (as appropriate), active, unrestricted, licensed health care providers that support specialty match review. 

KEPRO Ensures Credibility, Compliance and Responsive Service. 

KEPRO’s program complies with all DOL and State Department of Insurance requirements that are appropriate for employer groups. KEPRO provides: 

  • Qualified operational staff with an in depth knowledge of the IRO industry
  • Compliance with accrediting agency standards and DOL/ERISA guidelines
  • Quality management oversight
  • Turnaround times that comply with state and federal requirements
  • Credible, well documented review determinations
  • Processes that meet the needs of the client

KEPRO Focuses on Finding the Right Reviewers for Your Specific Situation.

We accept requests by mail, phone, fax, or online, using our proprietary, web-based system, which we use to support all of our integrated care management solutions. Once all information, including supporting documentation is entered into our system, we select reviewers based on: 

  • Same or similar specialty, dictated by medical condition, procedure, or requested treatment
  • Not involved in the initial review
  • No conflict of interest or financial affiliation with the member or the involved facility/provider

Our Reviewers Apply Nationally Recognized Clinical Criteria. 

To make evidence-based determinations, specialty reviewers may employ MCG® or InterQual®, both of which can withstand legal scrutiny. As active providers, they also consider current acceptable practice guidelines. The reviewer may render a decision to uphold the denial, modify the determination, or approve the request by reversing the original determination. 

We record the following information in the case and in the determination letter: 

  • Specific rationale
  • Why criteria were not met if the initial denial was upheld
  • State specific requirements depending on type of plan 

We also include clinical criteria used in making the determination: 

  • Date(s) of service being denied
  • Date of the notice
  • Statement of KEPRO authority and responsibility to perform the review

KEPRO Ensures Credible Quality Reviews On Time, Every Time. 

Our specialty reviews have the built-in integrity to withstand the most intense professional scrutiny. We are URAC accredited in health utilization management and meet all regulatory requirements, including the most recent AHCA specifications. And we’re licensed to perform review in 27 states requiring licensure. Having all the bases covered in advance lets us focus on delivering determinations with the speed, efficiency, and exemplary service you expect from KEPRO.

Find an Answer

Please describe KEPRO data security that ensures member information is protected.

As an organization that is charged with storing and transferring Protected Health Information (PHI), KEPRO is bound by HIPAA regulations, and is accustomed to managing the security and privacy of PHI. KEPRO currently exchanges data successfully and confidentially via secure encrypted means in support of all of our federal, state, and local government programs, and with commercial clients.

KEPRO has been implementing and supporting systems that require medical record, data security, and transmission for more than a quarter of a century, and has always placed primary importance on using systems that allow for fast and efficient connectivity, while still providing the highest level of data and system security. Our proven internal and external policies and protocols ensure compliance with state and federal laws and regulations, as well as any additional security measures you may require.

We have a stringent KEPRO Comprehensive Confidentiality Plan that governs our processes. KEPRO’s Privacy Officer, Security Officer, and the Compliance Officer have ultimate responsibility for oversight of the processes and procedures contained in the KEPRO Comprehensive Confidentiality Plan.

KEPRO's system is secure. Our information systems are secured by an in-depth strategy that utilizes multiple layers of operational, management, and technical controls to protect KEPRO assets. We also employ software programs designed to prevent unauthorized use by staff or outside entities.

All KEPRO information systems employ common security controls such as Firewalls, Anti-virus, Role Based Access, FIPS 140-2 Encryption for mobile devices, and the requirement of strong passwords. Information system users are assigned a security role based upon access requirements relevant to their positions and information/program privileges.

The HIPAA Security Rule requires entities to implement information systems that control access to healthcare and related systems. KEPRO adopts a subset of NIST 800-53 Rev 3 Security controls to maintain compliance with HIPAA. Based on these security standards, KEPRO mitigates risk to its Information system by focusing on such controls as:

  • Log-In Security. HIPAA security requires the use of secure User IDs and the use of passwords. KEPRO requires multiple account authentication processes within its information systems to verify the identities of our end-users. KEPRO's policy requires strong passwords that are changed frequently.
  • Access Control. HIPAA requires one of the following: Context Based Access, Role Based Access, or User Based Access. User Based Access is part of the Log-In Security component. KEPRO's Role Based Access gives individual users access relevant to their function in the organization.
  • Audit Trail. HIPAA requires the use of an audit trail to identify who accesses PHI. KEPRO systems track those who change the patient record, the date and time the record was modified, and the specific information changed. The system includes a read only audit trail that captures each time a system user views a case.
  • Session Time-out. KEPRO information systems account for session inactivity by locking screens after 10 minutes of inactivity.
  • KEPRO's physical space is secure. KEPRO’s computer, telephone, and hardware systems are located in climate controlled rooms with fire-suppression and electronic locking system. We allow only authorized access to the room.
  • KEPRO focuses training on confidentiality and security issues. All KEPRO employees undergo rigorous training on security and confidentiality of PHI. We have successfully provided this training to all staff regardless of their respective roles/duties.

KEPRO Headquarters

See all locations

777 East Park Drive, Harrisburg, PA 17111
Toll-free: 800.222.0771
Phone: 717.564.8288
Fax: 717.564.3862