In this example HIPAA doesn’t prevent them from being able to stop you and deny you entry unless you fill out the paperwork and have your temperature checked, but since they now have personally identifiable information and PHI (personal health information) about you they may be subject to needing to control that data securely via HIPAA-compliant controls (for example, if the data resides in a a database, forcing multi-factor authentication for access to the database, protecting it with a properly configured firewall, establishing clear logs that identify who accessed information, when, and what they accessed, controls and alerts around unauthorized access, etc).