To the extent that an entity is engaged in activities of a financial institution (as defined in section 3401 of title 12), or is engaged in authorizing, processing, clearing, settling, billing, transferring, reconciling, or collecting payments, for a financial institution, this part, and any standard adopted under this part, shall not apply to the entity with respect to such activities, including the following:
(1) The use or disclosure of information by the entity for authorizing, processing, clearing, settling, billing, transferring, reconciling or collecting, a payment for, or related to, health plan premiums or health care, where such payment is made by any means, including a credit, debit, or other payment card, an account, check, or electronic funds transfer.
(2) The request for, or the use or disclosure of, information by the entity with respect to a payment described in paragraph (1)—
(A) for transferring receivables;
(B) for auditing;
(C) in connection with—
(i) a customer dispute; or
(ii) an inquiry from, or to, a customer;
(D) in a communication to a customer of the entity regarding the customer's transactions, payment card, account, check, or electronic funds transfer;
(E) for reporting to consumer reporting agencies; or
(F) for complying with—
(i) a civil or criminal subpoena; or
(ii) a Federal or State law regulating the entity.
(Aug. 14, 1935, ch. 531, title XI, §1179, as added Pub. L. 104–191, title II, §262(a), Aug. 21, 1996, 110 Stat. 2030.)