Security and Privacy Statement on Artificial Intelligence

The use of generative artificial intelligence (AI) tools, like ChatGPT, has increased rapidly over the past few months and will continue to grow. While Ohio State considers how AI tools can be utilized in our educational spaces, Digital Security and Trust within the Office of Technology and Digital Innovation (OTDI) is working to better understand how these systems protect the security and privacy of information they collect, especially as it pertains to university data.   

University faculty, staff, students, and affiliates should not enter institutional data into any generative AI tools, including ChatGPT. Ohio State's institutional data is information created, collected, maintained, transmitted, or recorded by or for the university to conduct university operations. The Institutional Data Policy (IDP) establishes the need to protect institutional data and requires that all institutional data is assigned one of four security classification levels. More information about the IDP and protecting our data can be found on OTDI’s website.  

Those who wish to use Chat GPT or another AI platform for personal use should be aware of what information they are giving the platform. ChatGPT’s privacy policy states that they have access to all information entered into the system, including account information and any inputs used to generate a response. This data could be breached and used by cybercriminals to create malware, phishing email campaigns, or other cyber scams.  

We are all responsible for keeping our institutional data secure, especially as AI becomes more widely available. If you ever have concerns about your Ohio State account being compromised, you can reach out to the IT Service Desk online or by calling at (614) 688-4357 (HELP).  

The Teaching and Learning Resource Center has created a comprehensive resource to guide AI use in our academic environments. Questions about AI usage pertaining to information security and privacy considerations can be directed to the Digital Security and Trust team at