(a) A managed care organization to which this subchapter applies shall:
(1) adopt a plan to prevent and reduce fraud and abuse; and
(2) annually file the plan with the office of inspector general for approval.
(b) The plan must include:
(1) a description of the organization’s procedures for:
(A) detecting and investigating possible acts of fraud or abuse;
(B) mandatory reporting of possible acts of fraud or abuse to the office of inspector general; and
(C) educating and training personnel to prevent fraud and abuse;
(2) the name, address, telephone number, and fax number of the individual responsible for carrying out the plan;
(3) a description or chart outlining the organizational arrangement of the organization’s personnel responsible for investigating and reporting possible acts of fraud or abuse;
(4) a detailed description of the results of fraud and abuse investigations the organization’s special investigative unit or the entity with which the organization contracts under § 544.0352(a)(2) conducts; and
(5) provisions for maintaining the confidentiality of any patient information relevant to a fraud or abuse investigation.

Text of section effective on April 01, 2025