Back to full list

KEPRO Awarded Additional Contract for Florida Preadmission Screening and Resident Review

HARRISBURG, PA – KEPRO announced today that it will be serving more citizens of Florida through the Preadmission Screening and Resident Review (PASRR) program on behalf of Florida’s Agency for Persons with Disabilities.

Through this new contract, KEPRO will be expanding its current PASRR Level II Evaluations and Determinations work to include the management of the program on behalf of the Agency for Persons with Disabilities (APD) to ensure individuals with intellectual or developmental disabilities receive appropriate care.

"We’re excited about our new partnership with the Agency for Persons with Disabilities," said KEPRO President and CEO Joseph A. Dougher. "With our experience serving the citizens of Florida for nearly 10 years through our PASRR program, we’ll be able to quickly and efficiently take over management of PASRR for the agency to ensure that all individuals are receiving the care and services they need."

Since 2007, KEPRO has been supporting the state in ensuring that no individual with a serious mental illness is inappropriately placed in a nursing home by completing PASRR Level II evaluations and determinations for the Florida Department of Children and Families. When nursing home level of care is found to be needed, the program will work to ensure that the patient’s mental health needs are also met.

"This collaboration between APD and KEPRO will allow the agency to continue to protect the health and safety of those that we serve," said APD Director Barbara Palmer. "I am looking forward to our newly-formed partnership."

With the new contract, KEPRO’s Florida PASRR program will now include individuals with intellectual or developmental disabilities. KEPRO will be responsible for coordinating any specialized services recommended as a result of the PASRR Level II Evaluation process. KEPRO will also provide training and consultation services related to PASRR evaluations to APD staff, Nursing Facility providers, hospitals, and other agency staff upon request.

A new website was created for the APD program to provide members and clinical professionals with the information and resources they need. To learn more about the program or to access resources, visit

To learn more about the services and solutions KEPRO offers, visit

You can also get health tips, information about our organization or learn about exciting job opportunities by following us on Twitter, on  Facebook or on LinkedIn.

Media Contact: Paige Nauman, Communications Associate,, 717.564.8288 x7041


KEPRO, the nation’s largest CMS-designated quality improvement organization and care management organization, offers innovative and outcomes-focused solutions to reduce the utilization of health care resources and optimize the quality of care for public and commercial clients. KEPRO’s comprehensive, member-centric care management solutions go far beyond traditional utilization and case management by coordinating the care provided to members with acute, chronic and complex conditions across the continuum, and identifying members who are at the highest risk for future services, but have not yet had an acute event. Tailored programs maximize members’ quality of life, and realize greater cost savings for members and clients.

Headquartered in Pennsylvania, KEPRO also has offices in Alabama, Florida, Illinois, Maine, Maryland, Massachusetts, Minnesota, Ohio, Oregon, South Carolina, Tennessee, Virginia, and West Virginia. KEPRO is URAC accredited in case management and health utilization management. We are also National Institute of Standards and Technology (NIST) and Federal Information Security Management Act (FISMA) certified.



Back to full list

Find an Answer

Please describe KEPRO data security that ensures member information is protected.

As an organization that is charged with storing and transferring Protected Health Information (PHI), KEPRO is bound by HIPAA regulations, and is accustomed to managing the security and privacy of PHI. KEPRO currently exchanges data successfully and confidentially via secure encrypted means in support of all of our federal, state, and local government programs, and with commercial clients.

KEPRO has been implementing and supporting systems that require medical record, data security, and transmission for more than a quarter of a century, and has always placed primary importance on using systems that allow for fast and efficient connectivity, while still providing the highest level of data and system security. Our proven internal and external policies and protocols ensure compliance with state and federal laws and regulations, as well as any additional security measures you may require.

We have a stringent KEPRO Comprehensive Confidentiality Plan that governs our processes. KEPRO’s Privacy Officer, Security Officer, and the Compliance Officer have ultimate responsibility for oversight of the processes and procedures contained in the KEPRO Comprehensive Confidentiality Plan.

KEPRO's system is secure. Our information systems are secured by an in-depth strategy that utilizes multiple layers of operational, management, and technical controls to protect KEPRO assets. We also employ software programs designed to prevent unauthorized use by staff or outside entities.

All KEPRO information systems employ common security controls such as Firewalls, Anti-virus, Role Based Access, FIPS 140-2 Encryption for mobile devices, and the requirement of strong passwords. Information system users are assigned a security role based upon access requirements relevant to their positions and information/program privileges.

The HIPAA Security Rule requires entities to implement information systems that control access to healthcare and related systems. KEPRO adopts a subset of NIST 800-53 Rev 3 Security controls to maintain compliance with HIPAA. Based on these security standards, KEPRO mitigates risk to its Information system by focusing on such controls as:

  • Log-In Security. HIPAA security requires the use of secure User IDs and the use of passwords. KEPRO requires multiple account authentication processes within its information systems to verify the identities of our end-users. KEPRO's policy requires strong passwords that are changed frequently.
  • Access Control. HIPAA requires one of the following: Context Based Access, Role Based Access, or User Based Access. User Based Access is part of the Log-In Security component. KEPRO's Role Based Access gives individual users access relevant to their function in the organization.
  • Audit Trail. HIPAA requires the use of an audit trail to identify who accesses PHI. KEPRO systems track those who change the patient record, the date and time the record was modified, and the specific information changed. The system includes a read only audit trail that captures each time a system user views a case.
  • Session Time-out. KEPRO information systems account for session inactivity by locking screens after 10 minutes of inactivity.
  • KEPRO's physical space is secure. KEPRO’s computer, telephone, and hardware systems are located in climate controlled rooms with fire-suppression and electronic locking system. We allow only authorized access to the room.
  • KEPRO focuses training on confidentiality and security issues. All KEPRO employees undergo rigorous training on security and confidentiality of PHI. We have successfully provided this training to all staff regardless of their respective roles/duties.

KEPRO Headquarters

See all locations

777 East Park Drive, Harrisburg, PA 17111
Toll-free: 800.222.0771
Phone: 717.564.8288
Fax: 717.564.3862