HITRUST and HIPAA are both relevant to healthcare data security but have different standards. HIPAA relates to federal laws that protect health information, while HITRUST is a control framework. HIPAA requires healthcare providers to adhere to three types of security safeguards, with penalties for non-adherence. HITRUST incorporates several compliance frameworks, with options for certification. Compliance with HITRUST doesn’t guarantee HIPAA compliance, as potential variations may necessitate additional actions.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is