University of Utah AI Policy

Because there’s no universal standard for AI use in education, instructors must proactively guide students by setting clear boundaries, explaining appropriate use, and adapting policies as tools evolve.

We highly recommend including a statement in your syllabus detailing expectations around use of generative AI tools with regards to academic honesty. This may look like:

It is expected that students adhere to University of Utah policies regarding academic honesty, including but not limited to refraining from cheating, plagiarizing, misrepresenting one's work, and/or inappropriately collaborating.

This includes the use of generative artificial intelligence (AI) tools without citation, documentation, or authorization.

Any student who engages in academic dishonesty or who violates the professional and ethical standards for their profession/discipline may be subject to academic sanctions as per Policy 6-410, Student Academic Performance, Academic Conduct, and Professional and Ethical Conduct.

Because there’s no universal standard for AI use in education, instructors must proactively guide students by setting clear boundaries, explaining appropriate use, and adapting policies as tools evolve.

Begin your course with an open discussion about AI. Clarify how tools like Microsoft Copilot can support—but not replace—student learning.

Ask students to reflect on how they used AI in an assignment: What prompt did you use? What worked well? What did you revise or reject?

Consider giving students the option to complete assignments with or without AI tools. Offer both “AI-assisted” and “AI-free” versions to promote transparency, build ethical use habits, and allow students to practice discernment and responsibility.

GitHub Copilot Not approved Does not currently meet the compliance requirements for business use.

Currently, approved enterprise tools can only be used with public data, as defined by Rule 4-004C. These tools are not approved for use with restricted or sensitive data.

Can AI be listed as an author?

No.

Specific journals and research disciplines have different requirements concerning the use of AI in the writing process. In general, “authors who use AI tools in the writing of a manuscript, production of images or graphical elements of the paper, or in the collection and analysis of data, must be transparent in disclosing in the Materials and Methods (or similar section) of the paper how the AI tool was used and which tool was used”

Authors are responsible for ensuring that AI generated outputs are appropriate and accurate. “Authors should carefully review and edit the result because AI can generate authoritative-sounding output that can be incorrect, incomplete, or biased”

In general, “authors who use AI tools in the writing of a manuscript, production of images or graphical elements of the paper, or in the collection and analysis of data, must be transparent in disclosing in the Materials and Methods (or similar section) of the paper how the AI tool was used and which tool was used”

Currently, approved enterprise tools can only be used with public data, as defined by Rule 4-004C. These tools are not approved for use with restricted or sensitive data.

First, be sure to understand your data classification (Rule 4-004C) and explore what solutions are already available or could be created using a tool listed as approved on Tools and Infrastructure. If you want to use a different AI tool, complete the AI Tool Form. Tools must go through a procurement and security review process.

This ensures vendors and the use of institutional data are evaluated by IT, information security, legal counsel, and other stakeholders as necessary. Stakeholders will work with you to confirm the following:

* Grants/sponsors permit the use of AI.

* A confidentiality agreement, data use agreement, data sharing agreement, and/or a business associate agreement are completed as required.

* The vendor won't train on data.

* Data flows through and is stored in only permitted locations.

When considering the use of generative AI in scientific writing, users must accept responsibility and accountability for the content produced by such tools.

Because generative AI has been found to plagiarize and fabricate material, authors who rely upon AI generated material without confirming the accuracy of the information will open themselves up to findings of academic and research misconduct should fabrication, falsification or plagiarism be contained within those AI materials.

The National Institutes of Health (NIH) has prohibited “scientific peer reviewers from using natural language processors, large language models, or other generative Artificial Intelligence (AI) technologies for analyzing and formulating peer review critiques for grant applications and R&D contract proposals”

Utilizing AI in the peer review process is a breach of confidentiality because these tools “have no guarantee of where data are being sent, saved, viewed, or used in the future”

Using AI tools to help draft a critique or to assist with improving grammar and syntax of a critique draft are both considered breaches of confidentiality.

In general, “authors who use AI tools in the writing of a manuscript, production of images or graphical elements of the paper, or in the collection and analysis of data, must be transparent in disclosing in the Materials and Methods (or similar section) of the paper how the AI tool was used and which tool was used”

Any quoted material should be appropriately cited and attributed (ICMJE, 2023).

Consequently, if AI tool output is used as a source in research or authoring documents, the output must be verified, and the AI tool cited.

Be transparent when you use Copilot or other generative AI tools.

Always cite the use of generative AI tools.

AI-detection tools have repeatedly proven to be unreliable and inaccurate, often yielding false alarms flagging student work. They are not on the list of UIT-approved AI tools and could expose FERPA-secured data to significant security risks.

This includes the use of generative artificial intelligence (AI) tools without citation, documentation, or authorization.

Any student who engages in academic dishonesty or who violates the professional and ethical standards for their profession/discipline may be subject to academic sanctions as per Policy 6-410, Student Academic Performance, Academic Conduct, and Professional and Ethical Conduct.

Consequently, if AI tool output is used as a source in research or authoring documents, the output must be verified, and the AI tool cited.

It is important that when the AI output is used it is reviewed and edited to correct bias that may be present.

Monitor and verify outputs before using them, check sources, and be mindful about when generative AI use is inappropriate.

Be transparent when you use Copilot or other generative AI tools.

As an instructor, you have a duty to your students to ensure their information is protected.

To ensure your data is best protected, we highly recommend using Microsoft Copilot over other generative AI tools like ChatGPT.

Microsoft Copilot Chat is the only approved AI chatbot for use for university business.

Generative AI chatbots like DeepSeek and similar services are not approved for use.

Sensitive or restricted data, including patient information and confidential university records, should never be entered into any AI chatbot, including Microsoft Copilot Chat.

Before using any tool with university data, please review Rule R4-004C: Data Classification and Encryption.

Currently, approved enterprise tools can only be used with public data, as defined by Rule 4-004C. These tools are not approved for use with restricted or sensitive data.

Approved enterprise tools are configured to prevent training on university data.

First, be sure to understand your data classification (Rule 4-004C) and explore what solutions are already available or could be created using a tool listed as approved on Tools and Infrastructure. If you want to use a different AI tool, complete the AI Tool Form. Tools must go through a procurement and security review process.

Users are prohibited from disclosing protected health information (PHI) because certain legally required contracts, such as a Health Insurance Portability and Accountability Act (HIPAA) Business Associate Agreements, are not in place under the U’s Microsoft Copilot license.

Users also should never input other legally restricted data, such as confidential information, student data, privileged communications, trade secrets, personally identifiable information like health or financial data, or unpublished intellectual property.

The University of Utah, a hub for innovation and excellence, encourages the responsible advancement and use of AI to support research and education and drive societal impact.

Existing policies designed to protect university data and research apply when using AI tools. The following guidelines provide additional context on how to interpret policies with respect to AI. As the academic, professional, and legal landscapes related to AI change over time, revisions or new policies may be adopted to help community members meet university expectations.

The advancement and use of AI is expected to comply with all relevant standing policies at the University of Utah.

Other AI-powered tools and platforms are in use within our institution, but their approval and governance vary by application and department.

The University of Utah is currently working on campus-wide agreements for additional AI solutions.

The U is streamlining its review process for acquiring new tools.

University leaders are analyzing usage data to understand community needs and shape a long-term, cost‑effective service model that retains as many capabilities as possible.