Guidelines for Use of Generative Artificial Intelligence (AI) Tools with Bryant University Data
Introduction
Generative AI tools offer substantial benefits for academic research, teaching, and administrative operations. However, their use also raises concerns about data privacy and security. These guidelines aim to ensure that the university community utilizes these tools responsibly and in compliance with legal and ethical standards.
Scope
These guidelines apply to all faculty, staff, and student workers and cover the use of generative AI tools in all university-related work and activities.
Data Privacy Principles
When using generative AI tools, adhere to the following principles to protect sensitive information:
- Minimize Data Exposure: Only input data that is essential for the task at hand. Do not include sensitive or confidential information.
- Anonymize Data: Anonymize data by removing or altering personal identifiers.
- Understand Tool Capabilities: Be aware of the data privacy and security measures of the AI tool being used. Ensure its policies align with university standards and legal requirements as described in Bryant's Acceptable Use, Data Classification, Data Encryption, Digital Privacy, and Storage Guidelines. These and other information security guidelines can be found on the IS policies page.
Acceptable Data Types for Input
- Public Information: Data that is publicly available or intended for public dissemination. Examples include published research, public datasets, and open-source materials.
- Non-sensitive Internal Data: Internal data that is not confidential or personally identifiable. Examples include publicly available course descriptions or schedules.
Responsibilities
- Users: Faculty, staff, and student workers are responsible for understanding and adhering to these guidelines. They should ensure that the data they input into generative AI tools complies with the guidelines listed earlier in this document.
- University: The university provides free access to LinkedIn Learning which delivers numerous courses on AI as well as courses on data protection, cybersecurity, and related topics. These resources will help the Bryant community understand generative AI tools and the safeguards required to keep data safe. In addition, training and informational material will be regularly distributed and updated by Bryant's Information Services division as well as the Center for Teaching Excellence. Any specific questions can be forwarded to Bryant’s IS Service Desk.
Caution
The University considers any violation of the directives outlined within this document to be an objectionable offense. Failure to comply may subject the violator to disciplinary or legal action by the University.
Exceptions
The Divisional Vice Presidents will review and approve any exceptions to directives outlined within this document as needed.
As of the time of publication of this guideline, Microsoft Bing Chat Enterprise (now referred to as simply Copilot) is the only known generative AI tool designed with several features to protect data and ensure that the information processed is not uploaded to the generative AI database. Key protections include:
- Data Isolation: Data input into Copilot is isolated and not used for database training or improving the service.
- Security Measures: Copilot implements robust security measures to safeguard data, including encryption in transit and at rest.
- Compliance Standards: The service complies with industry standards and regulations to ensure data privacy and security.
Due to these features and the fact that this version of Copilot is part of our Microsoft campus agreement and available to all faculty, staff, and students, it is recommended that Copilot be used as the primary generative AI tool at Bryant.
The Service Desk has created a video tutorial on the use of Copilot.
Conclusion
The responsible use of generative AI tools is essential for maintaining data privacy and security. By adhering to these guidelines, the Bryant community can leverage the benefits of these technologies while upholding our commitment to ethical and legal standards.
For questions or more information about these guidelines, please contact the IS Service Desk.
Policy Review and Revisions
Last Reviewed | Last Updated | Summary |
---|---|---|
4/2/2024 | 4/2/24024 | Add video tutorial and convert raw links to embedded links. |
3/25/2024 | 3/25/2024 | Instituted policy. |