Body
About
Generative AI is a type of artificial intelligence that can learn from and mimic large amounts of data to create content based on prompts. The University supports responsible experimentation with Generative AI tools, but there are important considerations to keep in mind when using these tools, including information security and data privacy, compliance, copyright and academic integrity.
There are several risks to using these services that all members of the community should be aware of:
- Bias- AI algorithms learn from historical data, and can perpetuate biases
- Privacy concerns- improper handling of sensitive data can result in privacy violations
- Socioeconomic inequality- ensuring equitable access is crucial to prevent further inequality
- Social manipulation and deepfakes- AI can be misused to spread disinformation and propaganda, and can be leveraged for phishing
- Misleading or inaccurate content- these tools may create citations to content that does not exist, or content that contains copyrighted materials.
Protect Sensitive Data
The use of confidential data with publicly available Generative AI tools is prohibited without prior review from IT Security & Compliance.
Confidential data includes the following:
- FERPA Data- Grades, Student Birth dates and Other Personal Information, Disciplinary Records, Parents' Information, etc.
- GDPR Data- Any Personal Information Pertaining to EU Residents. (There are similar regulations for residents of Canada, the UK, Argentina, Australia, and other countries.)
- GLBA Data- Federal Student Aid Awards, Students' and parents' Tax Returns and Other Financial Information, SSNs, etc.
- PA-BPINA Data- SSNs, Drivers' License Numbers, Bank Account Numbers. (PA-BPINA is Pennsylvania's Breach Notification Law. All 50 states have similar laws covering their residents' data.)
- University Confidential Data- Sensitive financial, operational, and institutional information.
- HIPAA Data- Medical and Treatment Records- Dept. of Health & Human Services requires a Business Associates Agreement for any cloud storage.
- PCI-DSS Data- Credit Card Numbers, CVV2 Codes, Expiration Dates- All electronic storage of cardholder data is prohibited by La Salle's merchant agreements
AI Services
IT is actively reviewing current and future technologies to incorporate them into our technology architecture.
| Service |
Status |
| Copilot (also known as Bing Chat) |
Approved: Available under Microsoft Campus Agreement for all faculty, staff, and students (18+) |
| Microsoft 365 Copilot |
Not Available: Not currently available under contract. |
| Zoom AI Companion |
Approved: Zoom AI Companion Meeting Summary and Smart Recordings |
Procuring Tools
All Generative AI software (including add-ons or modules for existing applications) that will be used with confidential data must be reviewed and approved IT Security & Compliance, even if the software is free.