Cybersecurity
AI Guidelines
Artificial Intelligence Guidelines
Purpose
Generative artificial intelligence (AI) describes algorithms that can be used to create new content, including audio, code, images, text, simulations, and videos. The rise in capabilities and ease of access of ChatGPT and other AI services provides exciting potential as a tool for research, programming, data processing and other applications. However, when using publicly available AI services, as with any technology, Clemson University employees, students and affiliates are obligated to protect and preserve the data we use at Clemson University every day.
This page is provided as a resource on University policies and responsibilities for University employees, students and affiliates as they explore these new technologies and their capabilities. This page will be regularly updated as additional guidance and regulations are developed.
AI Risks
- Entered data is retained and used to train models which can lead to a data breach.
- Generative AI tools may produce erroneous responses that seem credible, sometimes referred to as “hallucinations”.
- Generative AI systems could be trained on copyrighted, proprietary, or sensitive data, without the owner’s or subject’s knowledge or consent.
AI Best Practices
- Enter only public data into an AI system. Opt out of sharing data for AI learning whenever possible.
- Verify any results through authoritative sources.
- Consider legal, regulatory, and ethical obligations when using AI.
- Be transparent in disclosing and citing the use of AI tools.
Related University Policies and Guidance
Clemson University has multiple policies that help protect University data. University employees, students and affiliates must not enter Internal Use, Confidential, or Restricted institutional data into publicly available generative AI tools. This includes details like student information, personnel records, confidential University information from contracts or grants, and any proprietary or non-public intellectual property. Make sure that the information you submit is Public and doesn’t contain any personally identifiable or sensitive data.
Below are some of the relevant policies and standards that can help ensure that privacy and security are maintained, and guide decision making.
| Policy and Guidance | Key points relevant to AI |
|---|---|
| Acceptable Use of IT Resources Policy |
|
| Data Classification Policy |
|
| IT Vendor Management Policy |
|
| FERPA |
|
| Academic Catalog |
|
| Research Misconduct Policy |
|
| Information Security Policy |
|
Need help?
- Submit an assessment to the IT Vendor Management Program Team to evaluate the AI service.
- Consult your Data Steward.
- Report information security incidents at ithelp@clemson.edu.
External Resources
These resources are provided for informational use only and may not reflect Clemson University’s regulations or recommendations.
- White House Executive Order Fact Sheet on Safe, Secure and Trustworthy AI
- NIST Trustworthy and Responsible AI Resource Center
- “Artificial Intelligence and the Future of Teaching and Learning: Insights and Recommendations (May 2023), U.S. Department of Education, Office of Educational Technology
- MalwareBytes AI Security Risks
- A fit for purpose and borderless European Artificial Intelligence Regulation
Responsible Division
CCIT and University Compliance & Ethics
Reviewed Date
March 7, 2024
