If an investment/application with ePHI (Electronic Protected Health Information) requests any API keys for U-M GPT, the Michigan Medicine IA Cybersecurity Risk Team will be consulted via a standard work process triggered when the API key is requested from ITS.
U-M GPT, U-M Maizey, and U-M GPT Toolkit Services are approved for use with ePHI. Given these tools are designed to be used exclusively within our organization - where usage data are not passed along to outside/external developers or development models - we recommend U-M users always choose these AI resources rather than using public services.
Other available AI services (e.g. Google Gemini) are not secured or authorized to use U-M ePHI or other regulatory data types. Access to the Llama and Claude large language models are still available for Michigan Medicine users; however, these models ARE NOT currently approved for ePHI.
Users are accountable for the secure and compliant use of regulated and sensitive data within these systems, per U-M policies including U-M SPG 601.33, 601.27 and 601.07.
By using U-M GPT, U-M Maizey, and/or the U-M GPT Toolkit, you are agreeing to the guidelines and principles below:
- You will not use information derived from the service to inform clinical care or direct clinical support decisions.
- You understand all applicable data security and appropriate use policies at U-M and Michigan Medicine and will follow them.
- You understand responses provided by the service have not been validated and you are responsible for appropriate validation before use of any information returned.
- You will not leverage the service to run automated workflows.
Additional Resources
For Michigan Medicine-specific questions, please contact: [email protected]