Implementing an AI Policy in your Organization

AI applications and business productivity gains are much discussed and written about. On Tuesday, May 21, the EU Council finally approved the AI Act. Generative AI is often referred to as a “superpower” that is revolutionizing the working world. From creating and summarizing emails and texts to converting them into PowerPoint slides or checking programming code for errors – the application possibilities are diverse. Employees regularly use AI applications such as ChatGPT, Deepl, Midjourney or Dall-E. Without concrete AI strategies or guidelines for use in the company.

Security and Compliance

To minimize compliance risks, we strongly recommend implementing an AI policy within your organization. This policy should set uniform standards and clearly define which AI technologies may be used, for what purposes, and which areas are excluded. A central aspect is data protection. For example, when personal data is entered during prompting, whether as text or image, this information is processed by the AI provider to generate a result. Often, these prompts are reused by the provider for training purposes. A legal basis, such as consent, is necessary for entering personal data, which in most cases will not be available. When prompting, it should be ensured that only anonymous data is used. The AI policy also ensures that other compliance risks, such as copyright issues or the protection of trade secrets, are minimized.

Support with Implementation

Our consultants are glad to assist you in developing and implementing a tailored and actionable AI policy for your company. We offer customized templates and a comprehensive questionnaire that ensures a quick and precise implementation. Please feel free to contact us for further information.