Don't enter sensitive information into a tool you don't trust
You shouldn’t enter sensitive data into a generative artificial intelligence (AI) tool if you’re not sure how it will use or store the data. Many tools are available as personal or consumer products, so they may not meet the legal requirements for data handling.
Technology platforms and products (such as MIS and cloud storage) are increasingly using AI. However, many of these are designed to be used by companies and will comply with your data handling requirements.
You should avoid entering data into:
- Consumer products that aren't designed for sharing institutional data
- Tools which don't align with your data practice processes – for example, ones that allow your data to be used for AI training
See the section below for advice around making sure your current suppliers remain compliant.
Personal data: information from which someone can be directly identified, or