Insurance Data Protection Act

(1) in subparagraph (A), by inserting after Office the following:, or the sharing of any nonpublicly available data and information with or by the Office among any other Federal agency, any State insurance regulator (or any agent of such a regulator), or any other entity,;

(2) in subparagraph (C)(ii), by inserting any privilege described in subparagraph (A) or after including; and

(3) in subparagraph (D), by inserting including the exceptions under that section, after United States Code,.

The Financial Stability Act of 2010 (12 U.S.C. 5311 et seq.) is amended by adding at the end the following:

In this section:

The term covered entity means a nonbank financial company that is an insurance company.

The term financial regulator means the Commission, the Commodity Futures Trading Commission, the Council, the Federal banking agencies, and the Office of Financial Research.

The term insurance company has the meaning given the term in section 201(a).

Before collecting any data or information pursuant to this title or title II from a covered entity, a financial regulator shall coordinate with each relevant Federal agency, State insurance regulator, and other Federal or State regulatory agency, and with any publicly available source, to determine if the data or information to be collected is available from, and may be obtained in a timely manner by, that agency, regulator, or regulatory agency, individually or collectively, or that publicly available source.

If a financial regulator, under subparagraph (A), determines that the data or information described in that subparagraph is available, and may be obtained in a timely manner, from an agency, regulator, regulatory agency, or source described in that subparagraph, the financial regulator shall obtain the data or information from that agency, regulator, regulatory agency, or source.

If a financial regulator, under subparagraph (A) determines that the data or information described in that subparagraph is not available, the financial regulatory may collect that data or information from the applicable covered entity only if the financial regulator complies with the requirements of subchapter I of chapter 35 of title 44, United States Code (commonly referred to as the ‘Paperwork Reduction Act ’), in collecting that data or information.

Notwithstanding any other provision of law, for the purposes of paragraph (1), each relevant Federal agency and State insurance regulator or other Federal or State regulatory agency may provide to a financial regulator data or information described in that paragraph.

The sharing by a covered entity of any nonpublicly available data or information with a financial regulator under this title or title II shall not constitute a waiver of, or otherwise affect, any privilege arising under Federal or State law (including the rules of any Federal or State court) to which the data or information is otherwise subject.

Any requirement under Federal or State law to the extent otherwise applicable, or any requirement pursuant to a written agreement in effect between the original source of any nonpublicly available data or information and the source of that data or information to a financial regulator, regarding the privacy or confidentiality of any data or information in the possession of the source to a financial regulator, shall continue to apply to that data or information after the data or information has been provided under this section to the financial regulator.

Any data or information obtained by a financial regulator may be made available to State insurance regulators, individually or collectively, through an information-sharing agreement that—

(A) shall comply with applicable Federal law; and

(B) shall not constitute a waiver of, or otherwise affect, any privilege under Federal or State law (including any privilege described in paragraph (1) and the rules of any Federal or State court) to which the data or information is otherwise subject.

Section 552 of title 5, United States Code, including the exceptions under that section, shall apply to any data or information submitted to a financial regulator by a covered entity under this section.

The table of contents in section 1(b) of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Public Law 111–203) is amended by inserting after the item relating to section 176 the following: