NEIT WISP 2.1 Change Log
Faculty and Staff Policy for the Use of Generative AI
Purpose
This update to the WISP is intended to provide guidance to New England Institute of Technology related to the use of Generative Artificial Intelligence (AI), by Staff & Faculty on campus.
Scope/Applicability
This policy applies to all Faculty and Staff.
Policy
As there is an increase in popularity of generative AI tools, NEIT has developed these procedures and accompanying Guidelines to assist in their use, including the prohibition on entering Internal, Private, and Restricted data into Generative AI tools.
Definitions
- Internal Data – Internal data is institutional data used to conduct university business and operations. It may only be accessed and managed by users whose role, function, or assignment requires it. Unless otherwise indicated, internal is the default level for institutional data.
- Private Data – Private data is institutional data classified as private due to legal, regulatory, administrative, or contractual requirements; intellectual property or ethical considerations; strategic or proprietary value; and/or other special governance of such data. Access to and management of private data requires authorization and is only granted to those users as permitted under applicable law, regulation, contract, rule, policy, and/or role.
- Restricted Data – Restricted data is institutional data that requires the highest level of protection due to legal, regulatory, administrative, contractual, rule, or policy requirements. Access to and management of restricted data is strictly limited as unauthorized use or disclosure could substantially or materially impact the university’s mission, operations, reputation, finances, or result in potential identity theft.
- Generative AI Tool – A computer-based deep learning model that generate texts, images, or other outcomes in response to requests or prompts. Examples include, but are not limited to ChatGPT by OpenAI, Claude by Anthropic, Gemini by Google DeepMind, Microsoft CoPilot, Stability AI’s Stable Diffusion, etc.
- FERPA (Family Educational Rights and Privacy Act) data classification refers to the safeguarding of student education records, ensuring their confidentiality and privacy. Under FERPA, educational institutions must protect identifiable information like grades, enrollment status, and personal details from unauthorized access or disclosure. FERPA grants students rights to access, review, and correct their records, while requiring institutions to obtain consent before sharing such information with third parties, unless legally exempt.
- GLBA – the Gramm-Leach-Bliley Act (Privacy of Consumer Financial Information), a federal law that requires financial institutions to protect the privacy and security of customer information. GLBA addresses the safeguarding and confidentiality of customer information held in the possession of financial institutions such as banks and investment companies and higher educational institutions with a financial connection to the Title IV Program.
Procedures: Acceptable Use of Generative AI
- Those who use Generative AI in their work are responsible for reviewing work for accuracy.
- New England Tech staff and faculty must disclose the fact that Generative AI has been used in the creation of content associated with New England Tech work deliverables.
- Surveys which use AI tools for analysis must disclose this information.
Prohibitions
Do not enter FERPA, GLBA, Internal, Private, or Restricted data into generative AI tools.
Violations
- Reports of allegations associated with violations of this policy will be referred to Executive Vice President, who should then report violations to DOTS.
Additional Information & Related Documents
Interpretation & Revision
Any questions of interpretation regarding this policy should be referred to DOTS, who, along with the Executive Vice President, will be the final authority regarding the interpretation of this policy. This policy was drafted by representatives from DOTS, General Council and the Executive Vice President.