I understood your point. At least I thought I did. I thought you were proposing that each hospital have a seperate physical LAN for patient data. Now I see your poroposal is even more absurd. You propose that a seperate WAN be created just for hostpitals. In order to make this secure, it would obviously mean running seperate physical connections, which couldn't be run to the same endpoints, meaning of course the investment of billions of dollars including the cost of new buildings, land, construction, security personnel, etc.
I suppose if by "not much of a cost difference" you mean embark on a multi-billion to trillion dollar project that will take decades to complete, then yes. The best part of your idea? It would mean people attack a diffent network, which also would have the same heartbleed style issue, since having a different network doesn't make things magically secure. Great idea though!
You have to decide if you want security or not. If you connect something to the Internet, it is not secure. This is why the military has networks that are not connected to the Internet.
To address your point about heartbleed still being an issue - it would be an 'internal' issue and as such, on a network not connected to the Internet, would not be an entrance point for anyone outside the network and it's much easier to police who does what on your own network than across the Internet.
You think only in terms of cost and not in terms of requirements. On top of that you are, of course, pulling the costs out of your ass but whatever - obviously you feel that whatever the cost would be it wouldn't be worth it to have the level of security provided, even comparing those out of your ass estimates versus the mufti-trillion dollar a year medical industry in the US.