Generative Artificial Intelligence (AI) Guidance
Generative artificial intelligence (AI) tools offer many capabilities and efficiencies that can greatly enhance our work. When using these tools, members of the University community must also consider issues related to information security, privacy, compliance, and academic integrity.
Below are some guidelines on using and procuring generative AI tools such as OpenAI’s ChatGPT, Microsoft’s Bing, and Google’s Bard. Please note that these guidelines are not a new University policy, but are extensions of existing University policies.
1. Protection of University Data
The use of confidential data with publicly available generative AI tools is prohibited without prior security and privacy review. This includes personally identifiable employee data, FERPA-covered student data, HIPAA-covered patient data, and may include research that is not yet publicly available. Some grantors, including the National Institutes of Health, have policies prohibiting the use of generative AI tools in analyzing or reviewing grant applications or proposals. Information shared with publicly available generative AI tools may expose sensitive information to unauthorized parties or violate data use agreements. (Please see Policy 601 for definitions of confidential data and its use for more information.)
2. Responsibility for Content Accuracy and Ownership
AI-generated content may be misleading or inaccurate. Generative AI technology may create citations to content that does not exist. Responses from generative AI tools may contain content and materials from other authors and may be copyrighted. It is the responsibility of the tool user to review the accuracy and ownership of any AI-generated content.
3. Academic Integrity
For guidance on how generative AI tools intersect with academic honesty, it is recommended that instructors contact the Chicago Center for Teaching and Learning. (See Academic Honesty & Plagiarism in the Student Manual for University policy.)
4. Procuring and Acquiring Generative AI Tools
Generative AI systems, applications, and software products that process, analyze, or move confidential data require a security review before they are acquired, even if the software is free. This review will help ensure the security and privacy of University data. Please contact IT Services at itrisk@uchicago.edu before acquiring or using any tools, add-ons, or modules that include generative AI technology with University confidential data, even if they are free. For more information, see the Policy on the Use of External Services and the Policy of Procurement and Engagement.
Generative AI Tools for the UChicago Community
Before acquiring or using any generative AI technology tools, add-ons, or modules with University confidential data, please complete the Generative AI Tool Review form. Below are tools that have been vetted by the University.
Zoom AI Companion
On February 20, IT Services will enable new Zoom generative AI features, called Zoom AI Companion. These features include:
- Meeting Summary: Allows meeting hosts to initiate an AI-generated summary of their meetings. When the host enables this feature in a meeting, participants can receive a summary after the meeting ends.
- Smart Recording: Processes cloud meeting recordings to create “smart” chapters, highlights, summaries, and next steps.
(Note: due to the cloud recording policy, UChicago Medicine, Biological Sciences Division, and student accounts are ineligible to use smart recording unless they have received a prior exception from their privacy office.) - Team Chat Thread Summary: Condenses chat discussions on the Zoom Team Chat tool and summarizes messages in a thread within the Zoom desktop application.
For more information, view the FAQ.
GitHub Copilot Business
The University is contracting with Microsoft for GitHub Copilot Business, an AI-powered software coding assistant developed by GitHub, OpenAI, and Microsoft. The University community has expressed interest in AI applications with code generation capabilities and the GitHub Copilot Business agreement offers this service while providing data protection through the University’s Microsoft contract.
There is a cost per user, and users must be part of an existing enterprise GitHub organization. To request this feature, unit leaders should contact IT Services.
Contacts
If you have questions about the guidelines, please contact:
- Kevin Boyd, Chief Information Officer, at cio@uchicago.edu
- Matt Morton, Chief Information Security Officer, at ciso@uchicago.edu
- Dipti Ranganathan, Chief Privacy Officer, at privacy@uchicago.edu