The purpose of this article is to review the Health Insurance Portability and Accountability Act (HIPAA), the Privacy Rule, the Security Rule, and common issues encountered by researchers related to these federal privacy and security requirements. This article discusses the misconceptions that researchers may hold about HIPAA, including the process for reviewing protected health information when preparing to conduct a study, potential constraint on participant recruitment, and application of HIPAA to a researcher's clinical population. We also present ways to reframe the negative connotations associated with this regulation and provide tips for researchers about how to work with HIPAA when planning and conducting a study and reporting on study findings. Finally, we suggest that the principles of HIPAA be considered when conducting studies in international settings.