You can file a complaint with HHS Office of Civil Rights. This can be done on-line. The medical facility will most likely be investigated and then perhaps fined for violating the HIPAA Privacy Rule. Unfortunately, there is no private lawsuit cause-of-action given by the HIPAA law. However, the State of Ohio does recognize a tort cause-of-action for violation of privacy related to unauthorized disclosure of medical records. The big problem is proving damages by the hospital's illegal action. It's tough to put a price on family discord. A consultation with a privacy attorney may be indicated.
This post is not meant to: 1) contain my signature; 2) contain legal advice; 3) create an attorney/client relationship; or 4) guarantee confidentiality.
You probably do not have a case against the hospital; the authorization form gave your girlfriend rights to your information but did not explicitly require the hospital not to inform your next of kin, nor did it cut off their rights to make decisions for you.
In addition, under HIPAA, you as an individual have no private right of action. Therefore, your sole recourse is to lodge a report with the hospital's privacy officer and with the Office of Civil Rights of HHS.
I am licensed in New Mexico and Pennsylvania, and therefore any discussion of issues related to other states must be considered within that context. In addition, my comments are not intended to create a legal representation but merely to respond to the limited facts presented by the question. Any opinion herein is not meant as a precise statement of legal rights or as a recommendation of any particular course of action. A more complete legal review can be obtained through local counsel.