The "Insurance Data Protection Act" aims to significantly restrict the ability of federal financial regulators, including the Federal Insurance Office (FIO) and the Office of Financial Research (OFR) , to directly collect data from insurance companies. It specifically repeals the FIO's direct subpoena and enforcement authority and exempts insurance companies from the OFR's direct subpoena power. Under this Act, before any financial regulator can collect data from an insurance company, it must first coordinate with relevant federal and state agencies or public sources to determine if the information is already available. If the data can be obtained from these existing sources in a timely manner, the regulator is mandated to acquire it from them . Direct collection from an insurance company is only permitted if the data is unavailable elsewhere and the regulator complies with the requirements of the Paperwork Reduction Act . Furthermore, the bill strengthens confidentiality protections for insurance data. It clarifies that sharing nonpublic data with a financial regulator does not waive any existing privileges, and prior confidentiality agreements remain applicable. Any data obtained by a financial regulator may only be shared with State insurance regulators through an information-sharing agreement that upholds federal law and preserves all privileges.