Back to Services

KEPRO Peer Reviews and Credentialing

KEPRO offers customizable care management solutions to improve the health and quality of life of our members, while reducing client costs. Our mission is to advance the quality and efficiency of health care through integrated care management solutions tailored to the needs of our customers and stakeholders.

Headquartered in Pennsylvania, KEPRO is a nationally recognized provider of health care management solutions in both state and federal government, as well as commercial clients, providing prior authorization, utilization and specialty review, and case and disease management services.

Interested in Becoming a Peer Reviewer for KEPRO?

You can apply by filling out our Peer Reviewer Application.

Joining our team of peer reviewers indicates a significant interest in continuing the improvement of quality and utilization of health care services for vulnerable populations.

Warning Icon

Please do not email your credentialing/recredentialing applications. Instead, send them through KEPRO's secure fax number:


Peer Reviewer Tools

To access the peer reviewer tools, please visit this page...


What to Expect with Case Review

KEPRO provides liability coverage for peer reviewer activities and the reviewer’s name will remain confidential except in instances where identification is required by law or by specific contract. We provide compensation for our reviewers based on the type of review or service being requested and/or amount allowed by the individual customer for whom the work is being performed. Compensation of services will be made within 45 days of receipt of the completed report and invoice. 

While we cannot guarantee any pre-established volume commitments, your approval as a credentialed peer reviewer will present you with opportunities to work with our organization in both the private and public sector. 


Need assistance or have any questions? Contact:

Judy McBurnie
Credentialing Specialist
P: 717.564.8288 x7090

Mary Magaro
Credentialing Specialist
P: 717.564.8288 x7028

Warning Icon

Please do not email your credentialing/recredentialing applications. Instead, send them through KEPRO's secure fax number:

Find an Answer

Please describe KEPRO data security that ensures member information is protected.

As an organization that is charged with storing and transferring Protected Health Information (PHI), KEPRO is bound by HIPAA regulations, and is accustomed to managing the security and privacy of PHI. KEPRO currently exchanges data successfully and confidentially via secure encrypted means in support of all of our federal, state, and local government programs, and with commercial clients.

KEPRO has been implementing and supporting systems that require medical record, data security, and transmission for more than a quarter of a century, and has always placed primary importance on using systems that allow for fast and efficient connectivity, while still providing the highest level of data and system security. Our proven internal and external policies and protocols ensure compliance with state and federal laws and regulations, as well as any additional security measures you may require.

We have a stringent KEPRO Comprehensive Confidentiality Plan that governs our processes. KEPRO’s Privacy Officer, Security Officer, and the Compliance Officer have ultimate responsibility for oversight of the processes and procedures contained in the KEPRO Comprehensive Confidentiality Plan.

KEPRO's system is secure. Our information systems are secured by an in-depth strategy that utilizes multiple layers of operational, management, and technical controls to protect KEPRO assets. We also employ software programs designed to prevent unauthorized use by staff or outside entities.

All KEPRO information systems employ common security controls such as Firewalls, Anti-virus, Role Based Access, FIPS 140-2 Encryption for mobile devices, and the requirement of strong passwords. Information system users are assigned a security role based upon access requirements relevant to their positions and information/program privileges.

The HIPAA Security Rule requires entities to implement information systems that control access to healthcare and related systems. KEPRO adopts a subset of NIST 800-53 Rev 3 Security controls to maintain compliance with HIPAA. Based on these security standards, KEPRO mitigates risk to its Information system by focusing on such controls as:

  • Log-In Security. HIPAA security requires the use of secure User IDs and the use of passwords. KEPRO requires multiple account authentication processes within its information systems to verify the identities of our end-users. KEPRO's policy requires strong passwords that are changed frequently.
  • Access Control. HIPAA requires one of the following: Context Based Access, Role Based Access, or User Based Access. User Based Access is part of the Log-In Security component. KEPRO's Role Based Access gives individual users access relevant to their function in the organization.
  • Audit Trail. HIPAA requires the use of an audit trail to identify who accesses PHI. KEPRO systems track those who change the patient record, the date and time the record was modified, and the specific information changed. The system includes a read only audit trail that captures each time a system user views a case.
  • Session Time-out. KEPRO information systems account for session inactivity by locking screens after 10 minutes of inactivity.
  • KEPRO's physical space is secure. KEPRO’s computer, telephone, and hardware systems are located in climate controlled rooms with fire-suppression and electronic locking system. We allow only authorized access to the room.
  • KEPRO focuses training on confidentiality and security issues. All KEPRO employees undergo rigorous training on security and confidentiality of PHI. We have successfully provided this training to all staff regardless of their respective roles/duties.

KEPRO Headquarters

See all locations

777 East Park Drive, Harrisburg, PA 17111
Toll-free: 800.222.0771
Phone: 717.564.8288
Fax: 717.564.3862