Introduction The purpose of this report is to look back at research and news from the past year in order to identify key data points and trends that will be useful in driving healthcare security in the coming year. Healthcare leaders can use the data here to start conversations, build arguments, and develop strategy. Compiled by Thoropass, this report is meta-research that looks across multiple studies about a particular theme (in this case cybersecurity in healthcare) and pulls threads in order to point toward what will be most salient to healthcare organizations in the coming year. The research comes from a variety of government entities, journalists, and industry leaders, some reporting directly on security in healthcare and some on related topics over the last two years. Thoropass is a compliance and audit solution that eliminates the friction of infosec security so that organizations of every size and industry can aain scalable security across their systems. Thoropass Health—with the help of our Health Advisory Board—is a practice within Thoropass that works with healthcare-related organizations on compliance frameworks (such as HIPAA, HITRUST, and SOC 2), penetration testing, and the ethical use of AI (through ISO 42001, DDQs, etc.) State of Health Security 2025 | 3