Despite strict privacy laws, like the Health Insurance Portability and Accountability Act (HIPAA), intended to safeguard your personal medical information, medical identity theft is on the rise and that could be a prescription for financial disaster. A law passed in 2009 requires health care providers and other entities covered by HIPAA to inform the U.S. Department of Health and Human Services (HHS) and affected individuals of a medical data breach affecting 500 or more people.