Using AI Securely

The University of Richmond is exploring and implementing the potential of AI in education and research. Our faculty hub has been offering workshops and seminars demonstrating the capabilities and benefits of integrating AI into the classrooms. 

It is important for the UR community to understand using ChatGPT and other Generative AI tools requires responsible usage, awareness of potential biases, balance with human interactions, privacy and security considerations and continuous learning.

  • Data & Security Compliance
    • When providing information to ChatGPT and other Generative AI tools, it is important to understand UR’s data and privacy regulatory standards.

      Service Is the service consumer or enterprise focused? Where is the information stored or processed? Does the service have a current UR Contract? What kinds of information is appropriate for the service?
      Adobe Firefly Enterprise Third Party Cloud Yes (Part of Creative Cloud) Public, non-identifiable information
      ChatGPT 3.5 Consumer Third Party Cloud No Public, non-identifiable information
      ChatGPT 4.0 Consumer Third Party Cloud No Public, non-identifiable information
      Dall-E Consumer Third Party Cloud No Public, non-identifiable information
      Google Bard (Personal Google Accounts) Consumer focused  Third Party Cloud No Public, non-identifiable information
      Google Bard (UR) Consumer focused Third Party Cloud No, not enabled Public, non-identifiable information
      Microsoft Bing Chat (Consumer)  Consumer Third Party Cloud No Public, non-identifiable information
      Midjourney Consumer Third Party Cloud No Public, non-identifiable information
  • Guidance
    • When providing information to ChatGPT and other Generative AI tools, it is important to understand UR’s privacy and consent guidelines.
      • AI data usage should include limitation and purpose specification requirements
      • Anonymize the AI data where possible
      • Minimize the amount, granularity and storage duration of personal information when engaging with AI systems
      • Maintain privacy notices
      • Provide a copy of user’s data upon request, giving notice when major changes in personal data processing occurs
      • Consent may be used or required in specific circumstances
      • Ensure consent to provide AI data usage is properly obtained, recorded and proper actions are taken if it is withdrawn
    • Reference: https://owasp.org/www-project-ai-security-and-privacy-guide/
  • Regulation