If you work in a psych facility and you intentionally disregarded the patient's wishes regarding visitors...yeah, that was a big mistake. Psych facilities are very sensitive to patients' privacy and wishes regarding visitors. The rules are often far stricter than that of your average medical hospital, and they don't make allowances for "it's Christmas/holidays/family." If they patient says No Visitors, the answer is No Visitors, even if God shows up at the door. I'm not sure how the policies run on a psych unit in a medical facility, but I imagine they are also probably a little tighter than just your average M/S floor.
Also, a HIPAA violation doesn't have to be only for personal/malicious gain to qualify as a HIPAA violation. A lot of HIPAA violations are done out of ignorance or innocence.
I'll admit it is hard to deal with family members at times, especially around the holidays...so while I'm not saying it was an excuse, I can see how and why this happened and I'm not unsympathetic. I'm sorry you are dealing with this.
Hopefully nothing will come of this and no complaint will be filed. To help those chances, I'd do your darndest to ensure that you comply with whatever wishes this patient has for his privacy for the rest of his stay (because keep in mind he can always file one later). And don't grovel over it either--if you haven't already done so, make a sincere apology to him, but then let the topic go.
I would work with your manager to do whatever it takes to keep your job. But honestly, if they start throwing out that you did violate HIPAA, I'd call your malpractice insurance
and arrange for a lawyer to protect yourself. If it happened as you said, I don't think this was HIPAA-violation worthy.
Best of luck.