TOPEKA – Governor Laura Kelly announced Thursday that in order to stay ahead of the progression of generative artificial intelligence (AI) technology, she has directed Executive Branch agencies to adopt a statewide generative AI policy, according to a media release from her office.
Click here to view the full policy
The policy, created and introduced by the Kansas Office of Information Technology Services (OITS), outlines how Kansas can responsibly embrace and use the technology while also protecting the State of Kansas.
"It is essential that we be proactive in finding the best way to use any technology that can pose risks to Kansans’ data and privacy,” Governor Laura Kelly said. "With the adoption of this policy, Kansas serves as a model for what an enterprising, effective government can do to stay at the forefront of technological advancements."
The policy comes as state and federal elected officials across the country grapple with the challenges of generative AI, which are computer-based tools used to automate certain tasks. With this policy, Kansas is staying ahead of the curve as many states continue to consider ways to regulate the use of generative AI.
"The full potential of generative AI has yet to be seen,” said Interim Chief Information Technology Officer and Chief Information Security Officer Jeff Maxon. “We have only scratched the surface in our understanding of what this technology can do. With the adoption of this policy, it allows agencies to safely explore how we can use generative AI to enhance our work and, ultimately, better serve Kansans.”
The policy serves as the primary governing document for the usage of generative AI for users or related activities by the entities. This policy applies to all business uses involving the State of Kansas, including but not limited to the development of software code, written documentation (i.e., policy, legislation, or regulations), and correspondence (such as memorandums, letters, text messages, and emails), research, the summarization and proofreading of documents, and the making of business decisions.
The policy outlines that responses created from generative AI outputs must be reviewed for accuracy, appropriateness, privacy, and security before being acted upon or disseminated. It also lays out that state information and/or Restricted Use Information (RUI) shall not be provided when interacting with generative AI.
Agencies are to ensure contractors disclose in their contracts the use of generative AI or integrations with generative AI platforms. Contractors are also prohibited from using State of Kansas RUI or other confidential data in generative AI queries or for building or training proprietary generative AI programs unless explicitly approved. Contractors utilizing generative AI to build software must demonstrate positive control over all data input into the system.
Software code generative by generative AI shall only be implemented after the entity has identified and mitigated all business and security risks related to its use. All usage of software code generated by generative AI shall be annotated.