Take a compliance self-assessment provided by the publisher HIPAA Journal. Download Now Are you covered? Half of all PHI breaches come from insider data theft or user negligence. HIPAA requires organizations to keep PHI secure for an extended period of time in order to demonstrate compliance and to respond to information requests.