Best Practices When Using ChatGPT/IUI

Posted By: Tom Morrison Community,

ChatGPT and other Artificial Intelligence interfaces (being added all the time), generically referred to as “Intelligent User Interfaces (IUI)” could cause problems for employees in three contexts. First, there are situations where the mere use of IUI could violate an employer’s policy. Second, the use of IUI is permissible by the employer, but it's used in a particular way that could lead to a violation of a law or rule. Third, the worker relies on incorrect information from IUI.

With IUI being so new, many employers have not considered the potential risks and implications of using this in the workplace. It is highly recommended that you either amend current policies or add another strict policy around IUI.

There are many considerations employers should look at when allowing employees to use IUI or other AI chatbots in connection with the workplace.  Here are several implications, potential risks, and best practices for the responsible use of IUI and other AI in the business environment:

Understand IUI’s Weaknesses:

o   IUI is a very new technology (for the general population), and it makes mistakes. You should never use its responses without human review and editing.

o   Never accept the responses it provides to be 100% complete, accurate, or true. You should never use it for fact checking or research.

o   IUI and other AI are not designed to replace human intelligence or decision-making.

o   Potential biased responses are another weakness. This is because of the vast amounts of data it uses when forming responses.

o   Understanding the purpose and limitations of IUI can help employees use it more effectively. Remembering this can help us avoid unrealistic expectations.

Protect Your Company’s Intellectual Properties and Trade Secrets:

o   Always be aware of any exposure of employee or customer data. Limit the potential risk of data misuse or leakage.

o   Never use intellectual properties or trade when using IUI, whether unintentionally or intentionally. Information entered into IUI has risks of becoming accessible in the public domain.

o   Never use Controlled Unclassified Information (CUI) in your questions. If you are in the Defense Industrial Base, you have a contractual obligation to protect CUI. If leaked from IUI, that could result in a legal issue with the Department of Defense.

o   Emails and your internet searches are continuously being analyzed using AI. Any sensitive information you draft into an email or use in search engines has potential risks of becoming public information.

o   Restricting access to only authorized personnel, implementing strict access controls, and monitoring and auditing user permissions will help prevent unauthorized access to sensitive information.

Protect Your Personal Information:

o   Personal information or Personally Identifiable Information (PII) should never be used with IUI. By using personal information, you are potentially putting all of your personal information at risk. This can include addresses, phone numbers, social security numbers, financial information, family members, etc.

o   Personal information used in emails or search engines can also risk having your personal information used for the wrong reasons.

o   Other countries have started regulating IUI and even banning its use because of the potential risks.

o   Once you give a piece of information to IUI, it cannot be deleted under any circumstances. It's out there forever.

User Awareness and Training:

o   Employees should be made aware of the implications of AI analyzed email, what to watch for, and how to protect your company’s trade secrets and intellectual properties.

o   Employees should be trained in how to properly use IUI and how not to use IUI.

o   Add IUI and other AI to your existing or new Acceptable Use Policies (AUP). This policy will detail what is acceptable use and what is unacceptable use for the employees.

Article provided by MTI supplier member, Throughput-Bluestreak, a technology provider to the heat treating industry.  For more information on Bluestreak, visit www.go-bluestreak.com.