1. We recognise the range of Generative AI tools available to support business processes at the University, and the opportunity this represents for us. We are equally aware that the use of AI for this purpose is fast-developing and that we must identify and manage emerging risks as an institution and act in compliance with our Information Security Policy and IT Acceptable Use Policy. This guidance relates to the use of AI within business operations. Staff or student use of AI for the purposes of learning and teaching is not covered by this guidance. Information to support these activities can be found here.
2. The responsible use of Generative AI tools by staff at the University of Essex will comply with all laws and regulations applicable to the use of Generative AI including the UK GDPR and the Data Protection Act 2018.
3. For the purposes of this guidance:
4. Staff using Generative AI in their work must ensure that they comply with our Information Security Policy and IT Acceptable Use Policy and follow the principles below:
5. The use of approved Generative AI tools may be considered for the following purposes:
6. The potential uses of Generative AI are far reaching. The following are examples of how Generative AI might be used to support University business processes:
7. Generative AI tools may not be used for the following purposes:
8. The approved Generative AI tools where we have an established contractual agreement and are licenced to the University is Zoom AI Companion and MS Copilot. Staff using these tools should be logged in from their work account. These are Generative AI tools with whom we have an established contractual agreement and are licenced to the University. Staff wishing to use a Generative AI tool not listed on this page must request that this is considered by the Deputy CTO via the DITS Helpdesk in the first instance.
9. When using Copilot Chat (the free version of Copilot) you must sign in with your work account when analysing data to enable these necessary protections. You can sign in using your Essex credentials by clicking on the Copilot logo in Edge:
Alternatively, you can sign in at https://copilot.cloud.microsoft.com using your preferred browser. Whichever method you choose you should see the following logo at the top of the page:
This indicates that Enterprise Data Protection is enabled – do not proceed if you do not see this logo as it means that EDP is not switched on.
Further information on EDP can be found at: Enterprise data protection in Microsoft 365 Copilot and Microsoft 365 Copilot Chat | Microsoft Learn.
10. Generative AI usage by staff must comply with our Information Security Policy and all relevant legal requirements.
11. Non-compliance with this guidance and the Information Security Policy may result in the revocation of access to Generative AI tools and network access.
12.On an annual basis, the AI Advisory Group will: