Sort of, but this kind of hypocrisy in US legislation is common. I've turned up only a few articles/links on this matter.
Apparently this falls under IRC 6039G, which appears to have nothing to do with HIPPA?
Notwithstanding any other provision of law, not later than 30 days
after the close of each calendar quarter, the Secretary shall
publish in the Federal Register the name of each individual losing
United States citizenship (within the meaning of section 877(a))
with respect to whom the Secretary receives information under the
preceding sentence during such quarter.
It's not that uncommon for citizenship changes, in either direction, to be public record. In some countries they're even pro-forma passed as laws through parliament, which of course then becomes public record. (In Denmark, at least, only the parliament has the right to grant or revoke Danish citizenship for any reason, an old restriction intended as a protection against the King arbitrarily doing so. In practice the immigration authorities draw up lists of people, and Parliament rubber-stamps the lists a few times a year, reading them into the legislative record.)
Another reason to make them public is that otherwise there's no way to determine if someone is actually a U.S. citizen, since there's no central register. For example, someone with a birth certificate showing they were born in the U.S. is a U.S. citizen by birth... unless they've renounced it. So to determine if someone is a citizen you need: 1) a copy of their birth certificate; and 2) a list of renunciations so you can check that they aren't on it. Sort of like how key revocation works in crypto— you can't actually haul back the original documents, so you have to publish a revocation list.
It's a revenue offset for the actual HIPAA-y part of HIPAA.
IE HIPAA will cost the govt money, which will be offset by such and such provisions for raising revenue, including changes to the rules for taxing expatriates who renounced their citizenship for tax avoidance purposes.
Looking at the law [1] it seems to be part of Section V, entitled "Revenue Offsets".
According to sources I could find online [2], it looks like prior to the law, people who gave up their citizenship were not required to report it to the IRS, even if they were doing so in order to avoid taxes (which is illegal [3]).
As far as as HIPAA, I was slightly surprised too (although I must say, not very surprised). The long title of HIPAA is "An Act To amend the Internal Revenue Code of 1986 to [lots of stuff about health care] and for other purposes." This definitely falls into the "for other purposes."
I don't know about the wording of the law but in the actual implementations I've done it does provide a measure of privacy and accountability. HIPAA-compliant companies are required to keep your data from being seen by anybody you haven't allowed to see it and for like the programmers working on the HIPAA system who might be exposed to your data you're required to not provide raw access to the data and keep a auditing log of who saw it and when.
Apparently this falls under IRC 6039G, which appears to have nothing to do with HIPPA?
http://www.taxalmanac.org/index.php/Internal_Revenue_Code:Se...