Generative AI
The following guidelines pertain to the use and procurement of generative artificial intelligence (AI) tools. As technology advances, we have witnessed the emergence of public generative AI tools that offer exciting possibilities for our learning, teaching, work and personal lives. Some examples are Gemini, ChatGPT, CoPilot, DALL-E, Midjourney and Stable Diffusion. These systems can generate content, provide insights, summarize and help streamline our tasks. However, it is crucial to exercise caution when using generative AI.
Guidelines for the use of generative AI tools
It is important to note that these guidelines do not constitute a new University policy; rather, they leverage existing University policies. You can find more information about generative AI on the VCU Libraries website. Generative AI is a rapidly evolving technology, and the University will continue to monitor developments and incorporate feedback from the VCU community to update our guidelines accordingly.
You should not enter data classified as confidential (Category 1) or sensitive (Category 2) into publicly-available generative AI tools, in accordance with the University’s Information Security Policy and associated Business Partner Security Standard. Information shared with generative AI tools is not private and will be accessible by external parties hosting the GenAI-based tools.
- Confidential and sensitive data may include but are not limited to non-public research data, finance, HR, student records, medical information, credit card information, personal details such as ID numbers or addresses, etc.
- Refer to VCU’s Data Classification Standard for more information or use VCU’s Data Classification Tool for help classifying data.
AI-generated content can be inaccurate, misleading or entirely fabricated and may contain copyrighted material. Cross-check the generated content against reliable sources and do not blindly rely on AI-generated outputs without verifying their validity. Additionally do not upload content that infringes the intellectual property or other legal rights of any third party.
Familiarize yourself with the terms of service and privacy policies of the public Generative AI system you intend to use. Ensure that you are comfortable with how your data will be handled and stored. Be mindful of any rights the platform may claim over the content generated using their system. Similarly, be mindful of any data use and sharing policies these platforms impose on their users.
Review the Plagiarism and Copyright section in "Generative Artificial Intelligence (Gen AI) and Teaching & Learning Tool" from VCU Office of the Provost-Faculty Affairs. We expect that guidance and policies will be updated as we better understand the implications of using generative AI tools.
Generative AI has made it easier for malicious actors to create sophisticated scams at a far greater scale. Continue to follow security best practices and report suspicious messages to infosec@vcu.edu
Tools procured on behalf of VCU that store, process or transmit VCU data must have the appropriate privacy and security protections in place. Avoid using third-party technology tools that have not been vetted and approved by the university because they have not undergone a review for security, privacy, or accessibility.
Generative AI tools purchased with VCU funds must be assessed for risk by the VCU IT Governance process prior to purchase and use.
If you have procured or are considering procuring generative AI tools or have questions, contact IT Governance at itgov@vcu.edu