As Artificial Intelligence becomes more integrated in our daily lives, one of the primary concerns some may have involves data protection and privacy. This is understandable given how generative AI sources its data through user input, web scraping, and analyzation of collected data. The rapid improvement of AI in the past 2 years can be attributed to the vast amounts of data various models have been able to collect and the efficiency at which algorithms can recognize patterns to make determinations. However, there have been multiple news stories covering how confidential corporate data has been entered into a model, such as ChatGPT, and disseminated elsewhere, exposing confidential material. This creates a risk for your organization, so how can you manage this? By creating a clear organizational policy around the use of generative AI.
When beginning to build a policy on the use of AI there are multiple elements to consider. For the purpose of this newsletter, we’ll be discussing risk and data management, but it is important to also consider ethical principles and guidelines in the policy to ensure fairness and lack of bias.
Identifying and mitigating risks associated with AI is crucial. The policy should include:
- Risk Assessment: Conduct a thorough risk assessment before AI deployment.
- Incident Response: Establishing protocols for responding to AI-related incidents.
- Continuous Monitoring: Implementing systems for ongoing monitoring of AI performance and risks.
Clear guidelines on what data is permitted to be entered into AI should be outlined to all staff. It is best practice to ensure that company data, such as sales figures, personal information, and proprietary technologies are not entered into AI. Once data is entered into a publicly available model, it cannot be removed.
A list of approved tools should also be created. This provides staff with an understanding of which tools have been permitted by the organization and removes ambiguity. As new tools are introduced and more applications integrate AI, this should be reviewed regularly.
It is possible to use network filtering tools to block access to unauthorized tools/websites. Granular controls allow flexibility with regards to how strict this is, such as creating a block list or filtering specific sub-categories.
Microsoft Copilot is an artificial intelligence tool that is integrated with a user’s Microsoft account. When logged into their computer, Copilot is active across a range of applications such as Edge, Outlook, Word, Teams, and more. Focused on productivity, Copilot can assist with tasks such as taking notes during a Teams meeting, providing summaries in documents, and generating drafts when provided a prompt. Like many other AI models, Copilot leverages publicly available data and adapts to the information provided to it by the user, creating a customized response. However, what sets Copilot apart, aside from its deep Microsoft integration, is how it complies with data and privacy regulations.
Data privacy is a core tenant of Copilot, and this commitment is visible in how it was designed and the granular options available to users. Copilot is designed to collect only data that is absolutely necessary for it to function. Data that is collected is encrypted both at transit and at rest, ensuring unauthorized users cannot access the data. Users also have the option to control the amount of data collected. This includes opting out of categories of data collection, and the ability to have all collected data deleted if you so choose.
An organizational AI policy is not a static document but a dynamic framework that evolves with technological advancements and societal expectations. By incorporating these essential elements, organizations can ensure they harness the power of AI responsibly and effectively, while safeguarding the interests of all stakeholders.
The annual Bowl for Kids’ Sake event supporting Big Brothers Big Sisters of North Simcoe is happening from April 3 to 5! This year’s theme is A Night at the Movies, and everyone is encouraged to put their best costume together representing your favourite movie. Events are happening in Midland, Penetanguishene, and Springwater. To learn more and register your team: Bowl for Kids Sake 2025 | Big Brothers Big Sisters of North Simcoe
This year members of the CSOLVE team participated in the Push-Up Challenge! The Push-Up Challenge is a free fitness event focused on pushing for better mental health for all Canadians. Participants take on 2,000 push-ups, representing the ~2,000 lives lost to suicide each day, worldwide. Fundraising during the event helps CMHA to support recovery from mental illness and foster positive mental health outcomes. To learn more: The Push-Up Challenge
