Safe Use of GenAI
How Can I Stay Safe While I Use GenAI?
The use of GenAI services has seen a massive surge in the recent past, and the potential risks of GenAI use have increased proportionally. In order to stay secure in your use of GenAI, here are general principles that can be followed. For specific information on a particular GenAI service, see the GenAI Services Page.
AI Guidelines
Understand the Software
Know the limitations, security and privacy policies, and pricing of any generative GenAI software you use.
Use GenAI as a Tool
Acknowledge what GenAI can and can't do, using it to supplement, not replace, human work.
Prioritize Accuracy
Take time to understand how GenAI works, and practice with small projects. Avoid large-scale, customer-facing services.
Follow University Guidelines
Always refer to the Academic Integrity Policy, Data Use, Privacy, and Security Policy and CES Honor Code.
Seek Guidance
Ask your department CSR or OIT representative for clarification on AI usage. If you are unsure who your department CSR is, visit the "Who is my department CSR?" resource on the side of this page.
Stay Informed
Keep up to date with guidelines and updates communicated by campus leadership.
Don't Share Nonpublic Institutional Data
Don't share data with any GenAI service without a business contract to ensure data privacy. The University does not currently have any contracts with specific GenAI vendors.
Don't Rely Solely on GenAI
Always cross-check AI-generated results to make sure they are accurate and appropriate.
Don't Expose Sensitive Data
Don't enter Nonpublic Institutional Data into the GenAI service. Nonpublic Institutional Data includes personally identifiable employee data, FERPA-covered student data, HIPAA-covered patient data, and may include research that is not yet publicly available. Refer to BYU's Data Use, Privacy, and Security Policy.
Don't Violate Privacy Regulations
Don't violate any privacy and policy agreements, including the sharing of Nonpublic Institutional Data. Nonpublic Institutional Data includes personally identifiable employee data, FERPA-covered student data, HIPAA-covered patient data, and may include research that is not yet publicly available. Refer to BYU's Data Use, Privacy, and Security Policy.