Information Security

The Information Security team supports Texas Woman's University by providing cybersecurity services, education and expertise to support confidentiality, integrity and availability for data across our campuses.

Announcements

November 21, 2024

Guidance for Use of Artificial Intelligence

The Texas Department of Information Resources (DIR) released guidance on responsible use of artificial intelligence (AI) systems. While these tools potentially offer significant efficiencies and value to state agencies, they also carry inherent risks that can be particularly perilous in the public sector. As a state agency, Texas Woman's University will follow state guidance. Key factors include the following:

Risks that agencies should consider include:

    • Lack of Transparency and Accountability
    • Data Privacy and Security Concerns
    • Inaccurate Outputs
    • AI Manipulation
    • Bias and Fairness

Given these risks, it is critical that state agencies implement AI responsibly.  Risk mitigation strategies could include:

    • Be transparent about the utilization of AI tools, particularly when members of the public interact with them.
    • Understand to what extent the tools access and use agency-owned data and ensure that the appropriate access controls are in place to restrict the use of personally identifiable information (PII) or any sensitive data within the AI tool.  Limit and review who can upload, modify, or delete data that AI systems reference and implement strong data governance policies to ensure appropriate access controls.
    • Include a human review of the outputs for factual accuracy and establish processes for employees to regularly monitor the outputs and modify usage of the tools as needed to ensure they have a positive impact on agencies and the Texans we serve.
    • Develop AI policies and governance frameworks, such as the NIST AI Risk Management Framework, to ensure the responsible adoption and use of AI.
    • Before procuring a tool, include agency security and privacy subject matter experts, and any other internal stakeholders with an interest in the tool, to ensure the necessary perspectives are given an opportunity to weigh in on its risks and benefits to the agency.

Additionally, as state agencies adopt new AI tools, they should consider the records retention and Public Information Act (PIA) implications of deploying AI tools that generate high volumes of new data. Establishing and operationalizing retention policies for the data generated by AI tools may help alleviate costs associated with storage as well as voluminous responses to PIA requests.

Finally, please be aware that the 89th Legislative Session will likely introduce new laws and regulations aimed at governing the use of AI in the public sector. Any applications or systems you select now may be subject to future regulatory requirements, and it is important agencies keep this in mind when purchasing AI tools.

Previous announcements

See previous announcements

Tools and resources

Page last updated 9:54 AM, December 3, 2024