Purpose
This policy is to define security requirements around the usage of generative AI tools. Generative AI tools are evolving quickly and can provide a wide range of services from content creation to problem solving, however it is important to protect the security of University data.
Scope
This policy applies to all faculty, staff, and student employees
Procedures
One of the inherent risks of generative AI tools is that they will use information submitted by users and add it to their knowledge base. Any information submitted could be provided later to someone outside of the organization.
Therefore, it is important only to enter public information into a generative AI tool
Do not use any generative AI tools with
- Information legally classified as breach notifiable and where Virginia Wesleyan University is required to self-report to the government and/or provide notice to the individual if the information is inappropriately accessed. This includes information such as Social Security Numbers and credit card numbers.
- Information regulated or restricted by federal and/or state regulatory or legal requirements, contractual requirements, or University policy. This includes information such as employee information, grades, course schedules, FERPA-protected information, etc.
- Information that must be protected due to privacy, ethical, or proprietary constraints. Data of this type includes, but is not limited to, intellectual property and any data or documents that are not intended for public access or distribution.
Related Policies and Procedures
* This policy is subject to change at the discretion of the University.