(1) An entity that is subject to or regulated under the insurance code of 1956, 1956 PA 218, MCL 500.100 to 500.8302, is exempt from this act.

  (2) An entity that owns, is owned by, or is under common ownership with an entity described in subsection (1), and maintains the same cybersecurity procedures as that other entity, is exempt from this act.