Print Edition

  Email News Updates

Ask the Expert: Can a Generative AI Use Policy for the Workplace Help Protect Sensitive Data?



Artificial intelligence is a buzzword for many industries. It has good and bad effects on the future of creating content, finding information, and other uses. So, what does this mean for your business? First, you should know what AI is, and how people typically use it. 

Is Artificial Intelligence a Threat to Your Business? 

Even with the various perks to AI technology, like anything, it can be harmful if used improperly. Artificial intelligence may seem foolproof since it is computer-generated. However, there are often flaws both big and small that can be tough for the human eye to detect. 

False Information 

AI is trained to come up with an answer to your questions. It will spit out an answer, even if it can’t find adequate, true, or complete information on the web. 

This creates the issue of made-up information. AI tools have been known to generate things like fake court cases to support arguments. Since it doesn’t have the reasoning skills of a human being, the answers it comes up with are only designed to look correct. 

These inaccuracies can be hard to spot. That’s why it’s important to fully fact-check AI answers before using it for business purposes. 

Malicious Chatbots 

Online scammers will sometimes create malicious AI chatbots in order to gather sensitive information from victims. It is crucial to establish guidelines for the AI platforms that employees can utilize. This is because these bots have the potential to access company data and compromise your network security. Make sure to include this detail in your AI policy, so your employees know to only use trusted AI platforms and never disclose personal data. 

Sensitive Information 

As previously mentioned, if used improperly, AI can steal personal information. This is why your business AI usage policy should include verbiage about being mindful of data security. 

Since much of how AI works is shrouded in mystery, there are seemingly endless possibilities about how sensitive data fed to the technology can be exploited. Your safest bet is to make it clear that your staff are not to share personal documents, passwords, or any other information you wouldn’t want the world to see with an AI bot. 

Trade Secrets 

This also applies to trade secrets. You wouldn’t post your industry secrets on social media, so you should assume that AI will collect any data you plug into it and potentially get leaked to competitors. 

More AI tools enter the market every month, and user data regulation is sparse for this relatively new technology. So, feeding data into AI is not like writing on your notes app. It’s an online database that poses potential risks if used irresponsibly. 

Preventing Legal and Regulatory Violations 

It may be hard to wrap your head around, but regulating how your staff use AI could prevent them from breaking the law. Outlining acceptable and unacceptable ways to use AI can ensure your recruitment doesn’t violate the Equal Employment Opportunities Act by asking AI to assist in hiring decisions. Some AI tools that might discriminate against candidates include: 

  • Resume scanners that reject candidates that don’t meet exact requirements. 
  • Video interview software that tracks speech patterns and mannerisms 
  • Chatbots that ask candidates questions and reject them based on responses.

You can also ensure your employees adhere to HIPAA compliance by prohibiting them from feeding any patient-specific medical information to AI. 

How to Create a Generative AI Policy For Your Workplace 

To create your AI policy, ask a managed cyber security provider how AI could impact your business. Every industry has different regulations for data protection. An MSP will help you define your unique strategy while allowing your staff to enjoy the benefits of AI.