HIPAA, the Health Insurance Portability and Accountability Act is now over five years old and the only way to describe it is toothless. After 2000, according to the department of Health and Human Services (HHS), there have been no fines and only two prosecutions.
It appears the HHS has no intention of protecting the privacy of your health records. The result is more medical identity theft. And the health industry is well aware that there is no need to fear a toothless law. Compliance among companies has dropped every year and is now down to only 39%.

During this next year let the new congress know that you would like HIPAA enforced and your information kept private.