Group items tagged

Industry Insiders Discuss HIT and HIPAA Issues March 30, 2009 by Astrid Fiano, Writer A significant part of President Obama's health care reform agenda is the push for implementing more health care technology. In the health care field privacy is always a major concern, and was the impetus of the Health Insurance Portability and Accountability Act of 1996--protecting the privacy of individually identifiable health information in all formats, and the confidentiality provisions of the Patient Safety Act--protecting identifiable information being used to analyze patient safety events. So those in the health care industry now wonder will the Administration's focus on health IT (HIT) present more challenges to privacy concerns? As part of a continuing focus on HIT issues, DOTmed interviewed industry expert Kirk J. Nahra, a partner in the Washington D.C. legal firm of Wiley Rein LLP, specializing in privacy and information security for the health care and insurance industries, and named an expert practitioner by the Guide to the Leading U.S. Healthcare Lawyers. DOTmed also interviewed Lise Rauzi, Vice President, Training Development, for Health Care Compliance Strategies (HCCS). HCCS provides online training compliance for employees. Nahra notes that regardless of the rising concern over privacy and the new HIT legislation, there have already been formal HIPAA security rules on electronic information in place for several years--the health care industry compliance has just been inconsistent. The problem -- to the extent there is one -- is that HIPAA rules are process-oriented, Nahra explained. The rules don't tell an entity what to do, but rather what to evaluate--a standard set of questions, but without a standard set of answers. For example, a covered entity has to have an internal audit, but the rules do not tell the entity how best to carry out that internal audit. Not surprisingly, different businesses have different ideas on how to implement their HIPAA evaluations

67% of French Organisations Hit By One or More Data Breach Incidents Within Last Twelve Months Research from Ponemon Institute Reveals that only 9 Percent of Respondents have an Overall Encryption Plan or Strategy Applied Consistently across the Enterprise PARIS and MENLO PARK, Calif., Sept. 9 /PRNewswire/ -- PGP Corporation, a global leader in enterprise data protection, has announced the results of its inaugural annual study by The Ponemon Institute, identifying the steps French organisations are taking in order to safeguard their confidential data. The 2009 Annual Study: France Enterprise Encryption Trends study, which polled 414 IT security professionals at enterprises and public sector organisations, found that 67 percent of French organisations have been hit by at least one data breach incident within the last year, with 18 percent having been hit by more than five incidents. A massive 92 percent of the data breaches were never disclosed as there was no legal or regulatory requirement to do so. Despite the large number of data breach incidents, 71 percent responded that data protection was a 'very important' or 'important' part of their risk management strategy, with protecting sensitive or confidential information in motion (transfer) or at rest (storage) their top priority.

As health care providers determine how they will take advantage of the $19 billion allocated in the stimulus package to help jumpstart advances in health information technology (HIT), consumer appetite for electronic health records (EHRs), online tools and services is also growing, according to the results of the 2009 Deloitte Survey of Health Care Consumers (www.deloitte.com/us/2009consumersurvey). While only 9 percent of consumers surveyed have an electronic personal health record (PHR), 42 percent are interested in establishing PHRs connected online to their physicians. Fifty-five percent want the ability to communicate with their doctor via email to exchange health information and get answers to questions. Fifty-seven percent reported they'd be interested in scheduling appointments, buying prescriptions and completing other transactions online if their information is protected. Technologies that can facilitate consumer transactions with providers and health plans, like integrated billing systems that make bill payment faster and more convenient, are also appealing to nearly half (47 percent) of consumers surveyed. The survey of more than 4,000 U.S. consumers 18 and over was released today at the Healthcare Information and Management Systems Society (HIMSS) Annual Conference held in Chicago. It is the second annual study examining health care consumers' attitudes, behaviors and unmet needs conducted by the Deloitte Center for Health Solutions offering health care industry leaders and policymakers a timely look at how health care consumerism is evolving. "Consumers are increasingly embracing innovations that enhance self-care, convenience, personalization and control of personal health information," said Paul H. Keckley, Ph.D., executive director, Deloitte Center for Health Solutions. "Consumers want a bigger say in their health care decisions. Consumer demand for HIT and its potential impact on reforming the system has never been stronger." Despite strong con

IT and business both understand the need to protect regulated customer and business data -- so long as they're in business, analysts say. Here's a look at how some folding businesses are falling short protecting data and the possible liabilities for the IT group and CIO. From HIPPA to Sarbox, a slew of regulations to protect customer and employee data force CIOs to step lively to comply. The punishment for failure to do so is costly and even dire. But once a company folds-and more are folding every week given the economy-what happens to that data? Who in the business and IT could be hit by the splatter if it all hits the fan? "Certain companies have been disposing of records containing sensitive consumer information in very questionable ways, including by leaving in bags at the curb, tossing it in public dumpsters, leaving it in vacant properties and/or leaving it behind in the offices and other facilities once they've gone out of business and left those offices," says Jacqueline Klosek, a senior counsel in Goodwin Procter's Business Law Department and a member of its Intellectual Property Group. "In addition, company computers, often containing personal data, will find their ways to the auction block," she adds. "All too often, the discarded documents and computer files will sensitive data, such as credit card numbers, social security numbers and driver's licenses numbers. This is the just the kind of data that can be used to commit identity theft." Discarded and unguarded data is now low-hanging fruit for criminal harvesters and corporate spies. "Recent client activity supports that competitors are beginning to buy up such auction devices specifically with the intention of trying to salvage the data," says James DeLuccia, author of IT Compliance & Controls. "Hard drives are being removed and sold online, or whole servers are sold via Craigslist and Ebay." In some cases, the courts insist data be sold during a bankruptcy. "Company servers, once I restore

Will monetary value increase the value of user's data on social networks?

Facebook and Twitter have helped make social networking a household word. Now they need to make money. Efforts to monetize the popular Internet services are increasingly a priority within the two companies, with Facebook Chief Executive Mark Zuckerberg and Twitter Co-founder Biz Stone outlining several initiatives at the Reuters Global Technology Summit in New York this week. And analysts and investors, in search of the next Google-like hit, are paying close attention to the breakneck speed at which Facebook and Twitter are adding new users. While the popularity of the two social media firms has yet to translate into the kind of revenue-generating machine that Google Inc developed with its search advertising business, some say Facebook and Twitter have become so central to the Internet experience that they are inherently valuable. "Both are new ways of communicating. And when you have a new way of communicating ... you benefit people enough so that there is going to be value there," said Tim Draper, managing director of venture capital firm Draper Fisher Jurvetson, noting that he regretted not having invested in either firm. In April, Twitter's website attracted 17 million unique visitors in the United States, up sharply from 9.3 million the month before. Facebook grew to 200 million active users in April, less than a year after hitting 100 million users.

Last week, a commercial Twitter spamming tool (tweettornado.com) pitching itself as a "fully automated advertising software for Twitter" hit the market, potentially empowering phishers, spammers, malware authors and everyone in between with the ability to generate bogus Twitter accounts and spread their campaigns across the micro-blogging service. TweetTornado allows users to create unlimited Twitter accounts, add unlimited number of followers, which combined with its ability to automatically update all of bogus accounts through proxy servers with an identical message make it the perfect Twitter spam tool. TweetTornado's core functionality relies on a simple flaw in Twitter's new user registration process. Tackling it will not render the tool's functionality useless, but will at least ruin the efficiency model. Sadly, Twitter doesn't require you to have a valid email address when registering a new account, so even though a nonexistent@email.com is used, the user is still registered and is allowed to use Twitter. So starting from the basics of requiring a validation by clicking on a link which will only be possible if a valid email is provided could really make an impact in this case, since it its current form the Twitter registration process can be so massively abused that I'm surprised it hasn't happened yet. Once a Twitter spammer has been detected, the associated, and now legitimate email could be banned from further registrations, potentially emptying the inventory of bogus emails, and most importantly making it more time consuming for spammers to abuse Twitter in general. If TweetTornado is indeed the advertising tool of choice for Twitter marketers, I "wonder" why is the originally blurred by the author Twitter account used in the proof (twitter.com/AarensAbritta) currently suspended, the way the rest of the automatically registered ones are? Pretty evident TOS violation, since two updates and 427 followers in two hours clearly indicat

"A Texas bank is suing a customer hit by an $800,000 cybertheft incident in a case that could test the extent to which customers should be held responsible for protecting their online accounts from compromises. The incident, which was first reported by blogger Brian Krebs this week, involves Lubbock-based PlainsCapital bank and its customer Hillary Machinery Inc. of Plano. In November, unknown attackers based in Romania and Italy initiated a series of unauthorized wire transfers from Hillary's bank accounts and depleted it by $801,495. About $600,000 of the amount was later recovered by PlainsCapital. Hillary demanded that the bank repay it the rest of the stolen money. In a letter to the bank in December, Hillary claimed that the theft happened only because PlainsCapital had failed to implement adequate security measures. PlainsCapital promptly filed a lawsuit in the U.S. District Court for the Eastern District of Texas asking the court to certify that its security procedures were "commercially reasonable." In its complaint, the bank noted that it had made every effort to recover the stolen money."

Bank sues theft victim in pre-emptive strike

Former Booz Allen Hamilton management consultant Melissa Hathaway's much anticipated 60-day review of U.S. cybersecurity policy is scheduled to hit President Obama's desk this Friday. All eyes of the tech security community will be watching. It will signal what approach Obama will take in the complicated task of stemming cyber threats. Obama has said he will make the Internet safer for citizens and businesses, while playing catchup to China and Russia who are far ahead in the cyberwarfare arms race. "We're trying to do cybersecurity in a democracy," says Leslie Harris, President and CEO of the Center for Democracy & Technology. "Doing cybersecurity in China, my guess, is a lot easier." CDT held a press briefing this morning at which it warned that a cybersecurity bill, introduced earlier this month by Sen. John Rockefeller, D-W.Va, and Sen. Olympia Snowe, R-Maine, is the first of several that likely will be proposed once Hathaway's review is out. Harris said CDT agrees with a provision in the Rockefeller-Snowe bill that would create a cabinet-level cybersecurity adviser reporting directly to President Obama, but questions some of the extraordinary federal enforcement powers that could be created. CDT says it doesn't want citizens' civil liberties trampled upon. CDT general counsel Greg Nojeim gave Hathaway high marks for keeping her review process relatively open, in contrast to the Bush administration's penchant for secrecy. "So far the White House review team gets high grades on transparency," Nojeim said. Hathaway has held closed briefings in the past several weeks with Congressional committees, industry groups and privacy organizations, said Nojeim. "But the real test will be whether their recommendations reflect a commitment to transparency in the execution of the program," said Nojeim.

Like this http://cheaptravelbooker.com Like this http://cheaptravelbooker.com like this http://killdo.de.gg travel,hotel,fun,hotel new,new offer,hotel best,best hotel,hotel travel,seo,backlinks,edu,gov,ads,indexing,bookmark,killgoggle,gogglesuck,goggle bookmark,kill goggle,yahoo,bing,indexing,quality links,linkwell,traffic boster,index best

As if you needed another sign that times are tough, here's a fairly reliable measure: The number of cases handled by the advertising industry's best-kept secret -- self-regulation -- are on the rise. Last year the National Advertising Division of the Council of Better Business Bureaus handled 214 cases, up 22% from 2007. And in 2008 ad challenges, in which one advertiser challenges a competitor's claim, rose 31% to 81 cases. Why the increased activity? It's a deadly fight for share of market out there, and in down times advertisers tend to revert to hard-hitting comparative advertising. NAD's purpose is to substantiate these kinds of attack ads, and it can do it faster and cheaper than litigation can. The Federal Trade Commission seems to like the idea of letting advertisers settle their own disputes. When the National Advertising Review Council, the body that sets the policies and procedures for the NAD to enforce, started 38 years ago, then-FTC Chairman Bob Pitofsky wasn't an early convert. "If the truth be known," he said 10 years ago, "there was some skepticism about how the whole thing would work. The FTC had been burned time and time again by unkept promises of self-regulation by other industries. But this group has proved the skeptics wrong. Today, advertising has the best self-regulatory system of any industry in the country." The outgoing chairman of the FTC, William Kovacic, is also a fan. But the current crop of FTC commissioners don't seem as convinced, although they seem somewhat willing to give self-regulation a chance. In issuing guidelines for online behavioral advertising, FTC Commissioner Jon Leibowitz said the industry needs to do a better job of "meaningful, rigorous self-regulation, or it will certainly invite legislation by Congress and a more regulatory approach by our commission."A joint industry task force quickly seized on that statement as an endorsement for self-regulation, and said it supported FTC's goal of a "comprehensive and eff

Financial fraud last year caused 7.5 percent of all adults in the United States to lose money, largely because of data breaches. That's the finding of a survey conducted by Stamford, Conn. research firm Gartner. The survey polled 5,000 U.S. adults and also found that when compared with average consumers, nearly twice as many people who lost money to fraud changed their shopping, payment, and e-commerce behavior. In particular, victims of electronic checking and/or savings account transfer fraud were nearly five times more likely to change banks because of security concerns. "Fraud victims are also more cautious about which brick-and-mortar stores they shop at and how they pay for goods when they get there, demonstrating more awareness of the risk of data breaches," said Avivah Litan, vice president and distinguished analyst at Gartner, in a news release. High-tech crimes, such as data breaches (which typically involve hacking into enterprise systems) and phishing attacks against consumers, are the most prevalent causes of payment card fraud. Gartner found that financial losses were highest with new-account, credit card and brokerage fraud, with average losses per incident totaling $1,097, $929 and $900, respectively. However, victims of brokerage, credit card and debit/ATM card fraud find it easiest to recover their losses, receiving an average of 100 percent, 86 percent, and 77 percent of the funds stolen, respectively.

The first sign that something was wrong seemed harmless: A new Dell credit card arrived in my mail one afternoon. More landed in the mailbox the next day. Macy's. Bloomingdale's. Crate and Barrel. Radio Shack. Then later: Visa Sony, Toys R Us and Lowe's cards turned up. I didn't request any of these cards. My first call to Dell revealed what I suspected. Someone had applied for a credit card using my name. I felt violated and vulnerable. Then, it hit me: I've become a statistic, a victim of identity theft. A thief had taken my name, my credit and my identity and managed to spend more than $8,000 (money that, I'm grateful, I didn't have to pay). I still don't know who the culprit was or how it happened. All I know is that if this happened to me - a Sun Sentinel consumer affairs and watchdog reporter - it can happen to anybody. Thieves move quickly Identity theft is the fastest growing crime in the United States, according to the Federal Trade Commission, which enforces identity theft laws. Experts estimate 10 million Americans become victims of identity fraud each year. Last year, businesses lost $56.6 billion to ID theft, the commission said. I've spent hours on the phone talking to fraud investigators, credit bureaus and bank staff as I've tried to sort out the mess that is now mine to clean up. I was exhausted every time a call ended. Individual investigations, conducted by fraud departments for each of the credit card companies that issued accounts in my name, took months to complete before concluding I was a victim of ID fraud. But there is a bright side to this story. I thought I knew how to protect myself. But what I've learned through this experience has taught me that you can never be too careful. I also learned some hard lessons along the way about how best to safeguard my personal information in the future - and respond, if my identity is targeted again.

The latest phishing scam on Facebook has raised the question yet again as to whether the social networking site is dropping the ball on security measures and properly responding to privacy complaints. Facebook faced consumer fraud charges was investigated by New York Attorney General Andrew Cuomo in 2007 for allegedly responding too slowly to user complaints about harassment, pornography, or nudity from the social networking site. As a result, Facebook agreed to settlement requirement requiring it to respond to such complaints within 24 hours. But in a recent string of phishing attacks in which hackers have broken into a user's Facebook account and hit up his or her friends for money with the online chat tool, pretending to be stranded or robbed, a complaint has emerged that the privacy team at Facebook hasn't responded to users in a timely manner. Mark Neely, a Sydney-based management consultant, became aware that his Facebook account was hacked when friends called him to see if he was all right - the hacker had contacted them via Facebook chat saying that Neely had been robbed at gunpoint in London and would need them to wire him money so he could return to Australia. Neely says he filled out two online complaint forms and e-mailed the privacy team at Facebook, but it took them more than 40 hours to respond to him. In the meantime, his friends continued to call him about being contacted by the hacker. Facebook spokesman Barry Schnitt disputes Neely's figure, saying it only took 30 hours to respond. "In this case, we have restored access to the account to the rightful owner, are identifying the means by which the account was compromised (likely malware), and building in technical protections in the Facebook system to address this particular type of scheme," Schnitt said

It's funny. Was it just a month ago that we were enjoying the holiday respite, wondering what 2009 would have in store for us? Mind you, I didn't have any delusions. After the breaches, news events and regulatory issues of 2008, I didn't think we were going to turn the calendar page and emerge in a new world of a healthy economy and soaring consumer confidence. But neither did I think, four weeks later, we'd already have our first major security breach of the year - Heartland Payment Systems (HPY) and that it would so dominate our industry's attention. I get it, though, why we're so enamored of this case. It speaks to our biggest fears, first of all, that unknown electronic assailants can sneak into our systems and pry away our customers' names and critical information. Then there's the unknown enormity - we truly don't know how big this breach was. And, finally, it hits home. For you, the banking institution, you're the one left replacing your customers' cards and explaining why. For me, the banking customer ... well, mine is one of the banks doing the explaining. Needless to say, we're monitoring accounts closely. So, we were among the first to break the Heartland story when it first broke last Tuesday, and we've continued to follow it closely. After the initial media surge, where we saw news outlets and solutions providers tripping over one another to opine over what they think happened to Heartland and what it all means, here is what I believe we've learned so far from the case: 1) The Damage Goes Far Beyond the Breach. Heartland execs absolutely did the right thing by stepping forward last week and saying "We were breached," but the company has suffered for it ever since. The market responded to the news by gutting the company's value from over $14 per share last Tuesday to a low of just under $8 this week. Reputationally, you just can't measure the damage - Heartland is now synonymous with "breach," and that's a tough tag to shake. Unable to answer quest

Is it time for Web publishers and their users to have the privacy talk? At most Web sites, privacy policies are ridiculously long and convoluted scrolls of legalese that only a hearty privacy watchdog would read. For most users it remains a mystery just how publishers collect, use and share the data trails consumers leave behind while traversing a site. But publishers now are partnering more deeply with third party ad networks who plant their own cookies in their users' browsers and hit them again with ads out on their own networks with other publishers. How should a site broach the topic of privacy and ownership of data with its own customers? The industry-funded Future of Privacy Forum is hoping to get at this issue in a new research initiative that explores different ways sites can communicate with users about their online advertising experience and how a use's data trail is recorded and used. The study will try to find ways that publishers can raise user awareness about the use of online behavioral data and be more transparent about how it is harvested and shared.

The problem with securing data and insuring its safety is that there is simply so much more stored electronically these days that opportunities for outside hackers or insiders to steal valuable, confidential information off a company's computer systems are growing exponentially, according to those in the insurance industry who make it their business to cover this expanding exposure. Indeed, "you can take out more data in a thumb drive now than people could take out in a super-computer 10 years ago," according to Kevin Kalinich, co-national managing director for Professional Risk Solutions at Aon. The risk of a data breach is very real for companies large and small across almost any industry, noted Mr. Kalinich. He cited a report from the University of California, Berkeley, that more data has been aggregated and stored in the last three years than in the entire history of mankind. He also noted that between 75 and 85 percent of Fortune 2000 companies have suffered a "material data breach," meaning there is a growing market for those selling insurance coverage for liability and repair costs, as well as loss control services. Companies that take an "it won't happen to me" approach to securing data need only look at news headlines to see that organizations are often hit by breaches, and as more data is being stored electronically, the potential for, and impact of possible breaches increase. Princeton, N.J.-based credit and debit processing company Heartland Payment Systems reported that it had been compromised in 2008 in a breach that involved up to 100 million records, which would be tops for number of records accessed in a breach. The Heartland incident would displace the 2007 breach of TJX, in which over 45.6 million credit and debit card numbers were stolen. The TJX breach, in turn, took the record set by a breach of CardSystems Solutions in 2005.

The Kaiser Permanente hospital in Bellflower has been hit with a $187,500 fine for failing for a second time to prevent unauthorized access to confidential patient information, state pubic health officials said today. [Updated at 3 p.m.: A spokesman for the hospital said the fine was part of the ongoing investigation into employees improperly accessing the medical records of Nadya Suleman and her children. Disciplinary action has been taken against the employees, said Jim Anderson, a hospital spokesman. All the incidents occurred in January; a previous post said they had occurred in April and May.] State officials said Kaiser Permanente Bellflower Medical Center compromised the privacy of four patients when eight employees improperly accessed records. This is the second penalty against the hospital, officials said. The hospital was fined $250,000 in May for failing to keep employees from snooping in the medical records of Nadya Suleman, the woman who set off a media frenzy after giving birth to octuplets in January. The fine was the first penalty imposed and largest allowed under a new state law enacted last year after the widely publicized violations of privacy at UCLA Medical Center involving Farrah Fawcett, Britney Spears, California First Lady Maria Shriver and other celebrities. "We are very concerned with violations of patient confidentiality and their potential harm to the residents of California," said Dr. Mark Horton, director of the California Department of Public Health. "Medical privacy is a fundamental right and a critical component of quality medical care in California."

A law designed to keep college students' grades private often is used for a much different purpose -- to shield universities from potentially embarrassing situations. Some critics say a number of schools are deliberately misreading the Family Educational Rights and Privacy Act in order to keep scandals and other unflattering news from hitting the media. "Some schools have good-faith misunderstandings of the law, but there are others that simply see this as a handy excuse to hide behind," says Frank LoMonte, executive director of the Student Press Law Center, which provides student journalists with legal help. Legal experts say part of the problem is that the law is loosely defined. In addition, the potential consequences of violating the law -- namely, that schools would lose their federal funding -- prompt university officials to be conservative in their decisions about releasing information. Those complaints rankle advocates of student privacy, who say that, if anything, the three-decade-old law should be expanded. "Most of these kids are adults, and they should be able to make their own decisions," says Daren Bakst, president of the Council on Law in Higher Education. Congress already reworked the law to clarify when universities can disclose student information, especially involving health and safety matters. Those changes, adopted in January, followed the 2007 shooting rampage at Virginia Tech by a mentally troubled student.

If you've been advertising online for a long time, you may have gone through stages: sticking with banner ads at first, and then going with search engine advertising, and maybe putting your ads on a publisher network belonging to a search engine or an advertising company. Most of the time you probably tried to put your ad in a matching context. That might be the wrong approach. I've written before about behavioral advertising, also known as behavioral targeting. You can read my first article about it here. If the topic of behavioral targeting intrigues you, you might also want to read about behavioral retargeting. Before I plunge into the content and focus of this article, though, let me give you a quick definition. Behavioral advertising is a form of online advertising that follows the user around. For example, a web surfer who has just priced some flights on an airline's website might be shown a travel-related ad when he surfs to the next website in which he's interested, which might be for the local pizza joint. The theory behind behavioral advertising is, in a sense, pretty simple. Most people are bombarded with ads most of the time, especially when web surfing. As a result, we tune them out. Because of the usual advertising practices, we might be better at tuning out ads that are in the same context as the content we're reading. In other words, someone reading content on a web site about where the best ski slopes are just might have completely ignored an ad for your lovely Aspen getaway. To rise above this clamor, it's necessary to hit web surfers with a surprise, something that doesn't fit the normal context. Think about it: aren't you more likely to stare at someone talking into a banana than a cell phone? That's the theory, but it's new enough that researchers and marketers are still doing surveys to prove or disprove it. The most recent one was conducted by BL Labs and released by ad network BlueLithium. You'd probably expect it to

making best indexing in goggle and bing. RADJASEOTEA is a master of backlinks. You want indexing in goggle and bing. LOOK THIS www.fiverr.com/radjaseotea/making-best-super-backlink-143445

Online crime is increasingly hitting small and mid-size companies in the U.S., draining those entities' bank accounts through fraudulent transfers. The problem has gotten so bad that a financial services group recently sent out a warning about the trend, and the Federal Deposit Insurance Corporation (FDIC) issued an alert today. "In the past six months, financial institutions, security companies, the media and law enforcement agencies are all reporting a significant increase in funds transfer fraud involving the exploitation of valid banking credentials belonging to small and medium sized businesses," says a bulletin sent on Aug. 21 to member financial institutions by the Financial Services Information Sharing and Analysis Center, (FS-ISAC). The FS-ISAC is part of the government-private industry umbrella working with the Department of Homeland Security and Treasury Department to share information about critical threats to the country's infrastructure. The member-only alert described the problem and told its members to implement many of the precautions and monitoring currently used to detect consumer bank and credit card fraud.

"Facebook CEO Mark Zuckerberg has just written an open letter to Facebook users regarding a privacy overhaul that is due to hit the site in the next few weeks. Soon, users will be able to selectively choose, on a per-post basis, who can see the content they post to the site. Facebook is also going to remove regional networks entirely, largely because some of those networks (like China) consist of millions of users, which makes them useless from a privacy standpoint. If these changes sound familiar, it's because Facebook actually announced them way back in July. Zuckerberg also notes that Facebook now has 350 million users ? it has added a whopping 50 million of them in the last two and a half months. Alongside the regional network change, privacy controls will be simplified. As Facebook rolls out the new privacy settings, users will be presented with a page designed to walk them through the new options. Depending on your current privacy level, Facebook will make recommendations, though you'll be able to change them as usual. "