That sounds like an explicit HIPA violation and is very much against the law for both the hospital to share the data and Facebook to do that linking. It sounds tin foil hat conspiracy to me.
its most definitely not a tin foil hat conspiracy, refer [1]. a quick google will yield many more.
regarding the HIPAA violations it is true that hospitals cant share the data, that may be the only saving grace for now but are you certain there is no loophole that can be exploited? or may be introduced in next budget? Also its definitely not illegal for FB to do the linking should they come across such data. I'd accuse you of naivety if you assume that not the direction they want to head into.
there are many scenarios I can think of that make the problems exponentially worse especially for people in countries without a well functioning justice system. IMHO the best course of action is to starve the beast.
