Bill Summary
The "Insurance Data Protection Act" aims to enhance the confidentiality protections surrounding data collected from insurance companies by federal financial regulators. Key provisions of the bill include:
1. **Prohibition on Direct Data Collection**: It prevents the Federal Insurance Office and other financial regulators from collecting data directly from insurance companies, reinforcing a protective stance on the data privacy of these entities.
2. **Amendments to Subpoena Authority**: The legislation repeals the authority of financial regulators to issue subpoenas specifically for insurance company data, thereby limiting their ability to compel data disclosure.
3. **Confidentiality Provisions**: The bill mandates that any data shared by insurance companies with financial regulators does not waive any legal privileges related to that data, ensuring ongoing confidentiality. It also maintains that existing agreements regarding data privacy remain intact after data is shared.
4. **Data Collection Coordination**: Before collecting data from insurance companies, financial regulators must coordinate with other relevant federal agencies and state insurance regulators to determine if the requested data is available from those sources, thereby minimizing redundant data requests.
5. **Regulatory Framework**: The legislation requires that if data cannot be obtained from other agencies, financial regulators may collect it directly from insurance companies but must adhere to strict guidelines consistent with the Paperwork Reduction Act.
Overall, the act emphasizes the importance of protecting sensitive data held by insurance companies and fosters collaboration among different regulatory bodies to streamline data collection efforts while safeguarding confidentiality.
Possible Impacts
The "Insurance Data Protection Act" could affect people in several ways:
1. **Privacy of Personal Data**: By prohibiting federal regulators from collecting data directly from insurance companies, the Act enhances the privacy of individuals' personal information. This means that sensitive data related to policyholders (e.g., health information, financial records) would have stronger protections against unauthorized access and sharing, reducing the risk of data breaches and misuse.
2. **Regulatory Oversight and Transparency**: The limitations imposed on financial regulators in collecting data may hinder their ability to effectively monitor and respond to potential risks in the insurance industry. This could impact consumers by potentially reducing the effectiveness of regulatory oversight, leading to less transparency in the market and potentially allowing harmful practices to go unchecked.
3. **Impact on Insurance Pricing and Availability**: The restrictions on data collection may make it more challenging for regulators to assess and address systemic risks within the insurance sector. This could lead to less informed decision-making regarding insurance pricing, which may result in higher premiums or reduced availability of certain types of insurance coverage for consumers, particularly in high-risk areas.
[Congressional Bills 119th Congress]
[From the U.S. Government Publishing Office]
[H.R. 3437 Introduced in House (IH)]
<DOC>
119th CONGRESS
1st Session
H. R. 3437
To prohibit the Federal Insurance Office of the Department of the
Treasury and other financial regulators from collecting data directly
from an insurance company.
_______________________________________________________________________
IN THE HOUSE OF REPRESENTATIVES
May 15, 2025
Mr. Fitzgerald (for himself, Mr. Flood, Mr. Meuser, Ms. De La Cruz, Mr.
Timmons, Mr. Garbarino, Mr. Ogles, Mr. Moore of North Carolina, Mr.
Donalds, Mr. Huizenga, Mr. Williams of Texas, Mr. Norman, Mr. Nunn of
Iowa, Mr. Loudermilk, Mr. Grothman, Ms. Hageman, and Mr. Moolenaar)
introduced the following bill; which was referred to the Committee on
Financial Services, and in addition to the Committee on Agriculture,
for a period to be subsequently determined by the Speaker, in each case
for consideration of such provisions as fall within the jurisdiction of
the committee concerned
_______________________________________________________________________
A BILL
To prohibit the Federal Insurance Office of the Department of the
Treasury and other financial regulators from collecting data directly
from an insurance company.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Insurance Data Protection Act''.
SEC. 2. REPEAL OF SUBPOENA AND ENFORCEMENT AUTHORITY.
Section 313(e) of title 31, United States Code, is amended by
striking paragraph (6).
SEC. 3. CONFIDENTIALITY BY FEDERAL INSURANCE OFFICE.
Section 313(e)(5) of title 31, United States Code, is amended--
(1) in subparagraph (A), by inserting after ``Office'' the
following: ``, or the sharing of any nonpublicly available data
and information with or by the Office among any other Federal
agency, any State insurance regulator (or any agent of such a
regulator), or any other entity,'';
(2) in subparagraph (C)(ii), by inserting ``any privilege
described in subparagraph (A) or'' after ``including''; and
(3) in subparagraph (D), by inserting ``including the
exceptions under that section,'' after ``United States Code,''.
SEC. 4. LIMITATION ON SUBPOENAS BY THE OFFICE OF FINANCIAL RESEARCH.
Section 153(f)(1) of the Financial Stability Act of 2010 (12 U.S.C.
5343(f)(1)) is amended, in the matter preceding subparagraph (A), by
inserting after ``financial company'' the following: ``(other than an
insurance company, as defined in section 201(a))''.
SEC. 5. CONFIDENTIALITY BY FINANCIAL REGULATORS.
(a) In General.--The Financial Stability Act of 2010 (12 U.S.C.
5311 et seq.) is amended by adding at the end the following:
``Subtitle D--Treatment of Data Collected From Insurance Companies
``SEC. 181. TREATMENT OF DATA COLLECTED FROM INSURANCE COMPANIES BY
FINANCIAL REGULATORS.
``(a) Definitions.--In this section:
``(1) Covered entity.--The term `covered entity' means a
nonbank financial company that is an insurance company.
``(2) Financial regulator.--The term `financial regulator'
means the Commission, the Commodity Futures Trading Commission,
the Council, the Federal banking agencies, and the Office of
Financial Research.
``(3) Insurance company.--The term `insurance company' has
the meaning given the term in section 201(a).
``(b) Advance Coordination.--
``(1) In general.--
``(A) Pre-collection.--Before collecting any data
or information pursuant to this title or title II from
a covered entity, a financial regulator shall
coordinate with each relevant Federal agency, State
insurance regulator, and other Federal or State
regulatory agency, and with any publicly available
source, to determine if the data or information to be
collected is available from, and may be obtained in a
timely manner by, that agency, regulator, or regulatory
agency, individually or collectively, or that publicly
available source.
``(B) Determinations.--
``(i) Information available.--If a
financial regulator, under subparagraph (A),
determines that the data or information
described in that subparagraph is available,
and may be obtained in a timely manner, from an
agency, regulator, regulatory agency, or source
described in that subparagraph, the financial
regulator shall obtain the data or information
from that agency, regulator, regulatory agency,
or source.
``(ii) Information unavailable.--If a
financial regulator, under subparagraph (A)
determines that the data or information
described in that subparagraph is not
available, the financial regulatory may collect
that data or information from the applicable
covered entity only if the financial regulator
complies with the requirements of subchapter I
of chapter 35 of title 44, United States Code
(commonly referred to as the `Paperwork
Reduction Act'), in collecting that data or
information.
``(2) Authority to provide information.--Notwithstanding
any other provision of law, for the purposes of paragraph (1),
each relevant Federal agency and State insurance regulator or
other Federal or State regulatory agency may provide to a
financial regulator data or information described in that
paragraph.
``(c) Confidentiality.--
``(1) Retention of privilege.--The sharing by a covered
entity of any nonpublicly available data or information with a
financial regulator under this title or title II shall not
constitute a waiver of, or otherwise affect, any privilege
arising under Federal or State law (including the rules of any
Federal or State court) to which the data or information is
otherwise subject.
``(2) Continued application of prior confidentiality
agreements.--Any requirement under Federal or State law to the
extent otherwise applicable, or any requirement pursuant to a
written agreement in effect between the original source of any
nonpublicly available data or information and the source of
that data or information to a financial regulator, regarding
the privacy or confidentiality of any data or information in
the possession of the source to a financial regulator, shall
continue to apply to that data or information after the data or
information has been provided under this section to the
financial regulator.
``(3) Information-sharing agreement.--Any data or
information obtained by a financial regulator may be made
available to State insurance regulators, individually or
collectively, through an information-sharing agreement that--
``(A) shall comply with applicable Federal law; and
``(B) shall not constitute a waiver of, or
otherwise affect, any privilege under Federal or State
law (including any privilege described in paragraph (1)
and the rules of any Federal or State court) to which
the data or information is otherwise subject.
``(4) Agency disclosure requirements.--Section 552 of title
5, United States Code, including the exceptions under that
section, shall apply to any data or information submitted to a
financial regulator by a covered entity under this section.''.
(b) Technical Amendment.--The table of contents in section 1(b) of
the Dodd-Frank Wall Street Reform and Consumer Protection Act (Public
Law 111-203) is amended by inserting after the item relating to section
176 the following:
``Subtitle D--Treatment of Data Collected From Insurance Companies
``Sec. 181. Treatment of data collected from insurance companies by
financial regulators.''.
<all>