The American Medical Informatics Association and the American Health Information Management Association have called for an update to the Health Insurance Portability and Accountability Act (HIPAA) in order to improve patient access to their health data. The groups suggest establishing a new health data set to include clinical, biomedical, and claims data maintained by healthcare providers, or revising HIPAA’s existing “designated record set” definition to require health IT products to provide patient data digitally. The groups are also calling for clarity on regulatory guidance related to third-party legal requests for patient information.
Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is
