Attestation Language
Attestations for the Use of Generative AI Tools in Education, Training, Research, and Clinical Care
CUIMC
December 2024
Using generative artificial intelligence in learning and training activities, in research, and in the practice of
medicine and health care delivery carries immense promise, which must be balanced with acknowledgement
of unknowns and new potential risks. As generative AI tools such as Columbia University’s Enterprise ChatGPT
become available, there is a new set of competencies and considerations providers and the care team,
researchers, educators, learner and staff and administrators must learn and incorporate into their use of AI.
First, in addition to our Columbia University policy on Generative AI we have guiding principles for the use of
AI in care delivery, use in research, and education and training. We must strive to use AI in ways that ensure
equity, safety, privacy, efficiency and effective outcomes. We at Columbia commit to building the structures
needed to enable wide use of AI that nonetheless respects these principles.
Next, we must all come to know that the content, outputs, suggestions, analyses, recommendations and
information produced by generative AI may be false, misleading or untrue. Everything must be examined for
hallucination, bias, mistakes and substandard recommendations.
For those of us practicing patient care, we must all acknowledge that medical decision-making, care delivery
and diagnosis or treatment recommendations are the sole responsibility of the provider and the care team. AI
does not replace the provider's sole and ultimate responsibility to the patient to do no harm and to deliver the
standard of care. Please see here for trainings on Generative AI and the use of Generative AI in healthcare
delivery.
Finally, training, research, and patient care have special and sacred rules about maintaining patient privacy.
Columbia maintains a list of approved Generative AI tools that are HIPAA compliant and therefore it is
permitted to use with Protected Health Information (PHI). These approved AI tool like Columbia University’s
Enterprise GPT, meets our stringent data security standards,. The list of approved AI tools is available here.
Any information put into these approved tools is protected. It is transmitted and stored using data encryption.
No data will leave the "walled garden" of Columbia University’s secure instance. Regardless, it is your
responsibility to treat the data you have control over - data you enter or receive from these tools - according
to our high standards of data privacy and security (like to data security standards here).
Please be aware that the above statements refer only to Columbia University approved generative AI tools
such as the Columbia University Enterprise version of ChatGPT and not to any openly available ChatGPT or
LLM. Per the Columbia University Policy on Generative AI, you are not permitted to use any other available
generative AI tool with PHI, sensitive or proprietary data.
By signing below, you attest that you will follow the guidelines described above.
