BFCC QIO Medicare MOA Instructions

In order to participate in the Medicare program, federal law requires certain providers to have a Memorandum of Agreement (MOA) with a Quality Improvement Organization (QIO). MOAs are informational and outline the QIO’s and provider’s responsibilities during the review process.

Medicare providers in the Centers for Medicare & Medicaid Services (CMS) Areas 2, 3 and 4 (District of Columbia, Delaware, Florida, Georgia, Maryland, North Carolina, South Carolina, Virginia, West Virginia, Alabama, Arkansas, Colorado, Kentucky, Louisiana, Mississippi, Montana, North Dakota, New Mexico, Oklahoma, South Dakota, Tennessee, Texas, Utah, Wyoming, Iowa, Illinois, Indiana, Kansas, Michigan, Minnesota, Missouri, Nebraska, Ohio and Wisconsin) need to return a signed MOA to KEPRO by July 31, 2014.

Please download the MOA form and return the signed document to KEPRO by July 31, 2014:

  • Email as an attachment to, or
  • Fax to 216.654.1547 (Attn: MOA Coordinator)

We also request that you download the Provider Update form and return the completed form with your MOA so that we can update our records and better serve you.

Read more about MOA requirements.

Read More

Consonance Capital Partners Completes Acquisition of KEPRO

Medical Review and Care Management Company Is Poised for Accelerated Product Innovation and Growth

New York, NY, May 29, 2014 – Consonance Capital Partners, the private equity arm of Consonance Capital, a leading healthcare-focused investment firm, announced today that it has completed the acquisition of KEPRO from The Pennsylvania Medical Society. Founded in 1985, KEPRO is a leading medical management and cost containment solutions provider for government and private sector clients in the healthcare sector. Terms of the transaction were not disclosed.

Stephen McKenna, Managing Partner of Consonance Capital Partners, said, “KEPRO is an established national brand with an unparalleled reputation for quality in the medical management space, an area that will continue to experience strong demand as a result of shifting reimbursement models and changing regulatory requirements. We believe that KEPRO, with its world class employee base and talented management team, is poised for the next level of growth, and our investment and support for the business will help facilitate that success.”

Commenting on the transaction, Joe Dougher, President and CEO, KEPRO, said, “We are excited to work with Consonance and believe KEPRO will now be better positioned to capitalize on the many growth opportunities we are seeing in the market. We are confident that Consonance’s national reach as well as its financial and healthcare-specific industry expertise will solidify our commitment to our government and private sector customers, while improving outcomes for their members. This partnership will also enable us to accelerate our pace of expansion and contribute to the development of innovative products and services to complement our integrated suite of medical review and care management solutions.”

Consonance Capital Partners was advised by Latham & Watkins LLP, Foley & Lardner LLP, and Hogan Lovells US LLP. The Pennsylvania Medical Society was advised by McNees, Wallace & Nurick LLC. Fairmount Partners acted as the investment banker for the transaction.

About Consonance Capital

Consonance Capital is a healthcare investment firm that invests broadly across the healthcare landscape. Private investments, which include growth equity, leveraged buyouts, and recapitalizations, are made under the direction of Consonance Capital Partners, a private equity manager led by Mitchell Blutt, MD, Benjamin Edmands, Stephen McKenna, and Nancy-Ann DeParle.  Public investments are made under the direction of Consonance Capital Management, a long/short public equity manager. Consonance Capital was established in 2005 and is located in New York City.

About The Pennsylvania Medical Society

The Pennsylvania Medical Society is comprised of 20,000 physicians and medical students working together to represent physicians in public venues, including the government, insurance companies, and the media, in order to advocate for patients and advance public health, public policy, medical science, education, and ethics. It also provides members with timely information, expert services, and professional support on medical practice issues.

Read More

KEPRO Awarded CMS Beneficiary and Family-Centered Care (BFCC) Contracts

Ohio KEPRO  (KEPRO) was recently awarded three CMS Beneficiary and Family-Centered Care (BFCC) contracts that encompasses 34 states across the nation.  The Centers for Medicare and Medicaid Services (CMS) recently began restructuring the Quality Improvement Organization (QIO) Program to improve patient care, health outcomes, and save taxpayer resources.  This first phase of the restructuring awarded five areas of Beneficiary and Family-Centered Care (BFCC) QIO contractors to support the program’s case review and monitoring activities separate from the traditional quality improvement activities of the QIOs. 

QIOs historically have provided numerous quality improvement functions, including providing an infrastructure for national quality improvement initiatives across the continuum of care; today’s announcement highlights CMS’ efforts to restructure the QIO Program to gain efficiencies, to eliminate any perceived conflicts of interest, and to better address the needs of Medicare beneficiaries using BFCC QIOs to focus on providing patients a voice through conducting quality of care reviews, discharge and termination of service appeals, and other areas of required review in various provider settings.

KEPRO will be providing review of some or all of the professional activities of providers and practitioners in the QIO areas to Medicare beneficiaries; such reviews are for purposes of determining whether services are or were reasonable and medically necessary, whether the quality of the services meets professionally recognized standards of care, and, for inpatient services, whether the proposed services could be effectively provided more economically on an outpatient basis or in a different type of inpatient facility.  These reviews are integral to the determination whether items and services should be payable under the Medicare program.  “We are pleased and honored that CMS has selected KEPRO as the prime vendor to lead this initiative.  KEPRO has been serving as a Quality Improvement Organization for over 28 years and we are excited to continue and expand our partnership with CMS”, stated Joseph Dougher, KEPRO’s President and CEO.  

CMS and KEPRO will introduce the program changes with the beginning of its five year, 11th Statement of Work – the QIO contracts cycle – on Aug. 1, 2014. 

Read More

Find an Answer

Please describe KEPRO data security that ensures member information is protected.

As an organization that is charged with storing and transferring Protected Health Information (PHI), KEPRO is bound by HIPAA regulations, and is accustomed to managing the security and privacy of PHI. KEPRO currently exchanges data successfully and confidentially via secure encrypted means in support of all of our federal, state, and local government programs, and with commercial clients.

KEPRO has been implementing and supporting systems that require medical record, data security, and transmission for more than a quarter of a century, and has always placed primary importance on using systems that allow for fast and efficient connectivity, while still providing the highest level of data and system security. Our proven internal and external policies and protocols ensure compliance with state and federal laws and regulations, as well as any additional security measures you may require.

We have a stringent KEPRO Comprehensive Confidentiality Plan that governs our processes. KEPRO’s Privacy Officer, Security Officer, and the Compliance Officer have ultimate responsibility for oversight of the processes and procedures contained in the KEPRO Comprehensive Confidentiality Plan.

KEPRO's system is secure. Our information systems are secured by an in-depth strategy that utilizes multiple layers of operational, management, and technical controls to protect KEPRO assets. We also employ software programs designed to prevent unauthorized use by staff or outside entities.

All KEPRO information systems employ common security controls such as Firewalls, Anti-virus, Role Based Access, FIPS 140-2 Encryption for mobile devices, and the requirement of strong passwords. Information system users are assigned a security role based upon access requirements relevant to their positions and information/program privileges.

The HIPAA Security Rule requires entities to implement information systems that control access to healthcare and related systems. KEPRO adopts a subset of NIST 800-53 Rev 3 Security controls to maintain compliance with HIPAA. Based on these security standards, KEPRO mitigates risk to its Information system by focusing on such controls as:

  • Log-In Security. HIPAA security requires the use of secure User IDs and the use of passwords. KEPRO requires multiple account authentication processes within its information systems to verify the identities of our end-users. KEPRO's policy requires strong passwords that are changed frequently.
  • Access Control. HIPAA requires one of the following: Context Based Access, Role Based Access, or User Based Access. User Based Access is part of the Log-In Security component. KEPRO's Role Based Access gives individual users access relevant to their function in the organization.
  • Audit Trail. HIPAA requires the use of an audit trail to identify who accesses PHI. KEPRO systems track those who change the patient record, the date and time the record was modified, and the specific information changed. The system includes a read only audit trail that captures each time a system user views a case.
  • Session Time-out. KEPRO information systems account for session inactivity by locking screens after 10 minutes of inactivity.
  • KEPRO's physical space is secure. KEPRO’s computer, telephone, and hardware systems are located in climate controlled rooms with fire-suppression and electronic locking system. We allow only authorized access to the room.
  • KEPRO focuses training on confidentiality and security issues. All KEPRO employees undergo rigorous training on security and confidentiality of PHI. We have successfully provided this training to all staff regardless of their respective roles/duties.

KEPRO Headquarters

See all locations

777 East Park Drive, Harrisburg, PA 17111
Toll-free: 800.222.0771
Phone: 717.564.8288
Fax: 717.564.3862