In a State with a Medicaid fraud control unit established and certified under subpart C of this part,
(1)
Refer all cases of suspected provider fraud to the unit;
(2)
If the unit determines that it may be useful in carrying out the unit's responsibilities, promptly comply with a request from the unit for—
(i)
Access to, and free copies of, any records or information kept by the agency or its contractors;
(ii)
Computerized data stored by the agency or its contractors. These data must be supplied without charge and in the form requested by the unit; and
(iii)
Access to any information kept by providers to which the agency is authorized access by section 1902(a)(27) of the Act and § 431.107 of this subchapter. In using this information, the unit must protect the privacy rights of recipients; and
(3)
On referral from the unit, initiate any available administrative or judicial action to recover improper payments to a provider.
(b)
The agency need not comply with specific requirements under this subpart that are the same as the responsibilities placed on the unit under subpart D of this part.