myState Directory
AI at MSU

Guidance

Plain and practical.

AI Guidance
For everyone Faculty Students

Start here

One habit keeps you and your data protected.

The single most important habit

Sign in to MSU's approved AI tools with your netid@msstate.edu account. That keeps your conversations inside MSU's protected environment, covered by our agreements, kept out of public model training, and governed by the same protections as your Outlook and OneDrive. Keep in mind that signing up for an AI tool with your @msstate.edu email does not, by itself, make it an approved or secure MSU tool.

If you wouldn't email it outside MSU, don't paste it into a tool outside MSU.

The do's and don'ts

The short, working version.

Do

  • Use MSU's tools for anything involving university data. Student information, personnel matters, contracts, draft communications, financial data, research reports.
  • Verify anything that matters. AI writes confident text that can be wrong: names, dates, citations, numbers, policy details.
  • Disclose your AI use. Disclosure is the default at MSU. In research, follow your discipline and your publisher. In teaching, follow your syllabus. As a student, follow your instructor's rules.
  • Keep prompts professional. What you type into an MSU tool can be logged and retained, the same way an email is.

Don't

  • Don't paste protected or confidential information into free or personal AI tools. Consumer free tiers may use your input to train future models.
  • Don't put FERPA-protected student records into non-MSU tools. Grades, advising notes, transcripts, discipline, and financial aid stay inside MSU systems.
  • Don't share HIPAA-protected health information with any general AI tool, free or paid. If your work involves PHI, talk to MSU compliance before involving AI.
  • Don't let AI make the final call about a person. A human should make decisions on hiring, grading, admissions, accommodations, discipline, etc.
  • Don't assume “private” always means private. Free tools change their use policies. MSU approved tools you're signed in to are the safe floor.

Your data & which tools to use

Before you paste something in, ask what kind of information it is. MSU sorts data into three classes. The more sensitive it is, the more it needs an MSU tool (and sometimes approval first). Select a class to see what it covers and which tools you may use.

MSU Low Risk May be disclosed to the general public without causing harm.
What it covers
Data whereby the unauthorized disclosure of the data would pose low risk to the University and/or the data owner. This data may be disclosed to the general public without causing harm to the University and/or the data owner. This is the lowest data classification at MSU. Few restrictions are placed on this type of data.
Examples
  • Departmental web site
  • Public Library data and holdings
  • Public phone directory
  • Job postings
  • Course catalog and curriculum information
  • General benefits information
  • Enrollment figures
  • Publicized research findings without sponsor restrictions
  • State budget
  • All information that is lawfully available to the general public
Tools you may use
Any AI tool, including public / consumer tools. Turn off model training in the settings where you can.
Rule
No approval needed.
MSU Moderate Risk Should be kept private; limited to a legitimate need-to-know.
What it covers
Data whereby the unauthorized disclosure, alteration, or destruction of the data would pose moderate to significant risk to the University and/or the data owner. This data should be protected and kept private. Access must be limited to only those individuals with a legitimate need-to-know. May be subject to privacy requirements protected by law, regulation, or contract.
Examples
  • Federal Contract Information
  • Personnel records of employees
  • Non-PII student records
  • Biometric data with personal identifying information
  • Student-specific grade records (test scores, assignments, class grades)
  • Student entry and transfer records
  • Human subject information with personal identifying information
  • Personal vehicle license / registration information
  • Insurance benefit information
  • Patent Pending Information
  • Proprietary business plans
  • MSU Identification Number
  • Complete Directory Information
  • Communications to the university community
Tools you may use
Only MSU tools you're signed in to with your NetID: Copilot, Gemini / NotebookLM, or Claude for Teams.
Rule
Approval required before using any non-MSU tool. Request it from the Chief Information Security Officer at security@msstate.edu.
MSU High Risk Protected by law or contract; the highest classification at MSU.
What it covers
Data whereby the unauthorized disclosure, alteration, or destruction of the data would pose significant risk to the University and/or the data owner. This data is specifically protected by law, regulation, contract, ethical considerations, or mutual agreement between the University and an outside party. Access must be limited to only those individuals with a legitimate need-to-know. This is the highest classification category at MSU.
Examples
  • Controlled Unclassified Information (CUI)
  • Covered Defense Information
  • National Security Information
  • Export Controlled Data (ITAR / EAR)
  • Proprietary data with contractual cybersecurity controls
  • Authenticator verifiers (building access codes, Banner / computer passwords, encryption keys)
  • Social Security numbers
  • Health information (ePHI / HIPAA Protected Information)
  • Financial records (e.g., donor contributions)
  • Student / employee financial accounts, bank accounts, aid / grants, fines, transactions
Tools you may use
Identifiable High Risk data goes into no AI tool, MSU-approved or otherwise. Properly de-identified data may be used in MSU-approved tools with prior approval. De-identification is a formal bar, not just deleting names; when in doubt, ask before you paste.
Rule
Request approval from the Chief Information Security Officer (security@msstate.edu) before any AI use. Never paste identifiable High Risk data into any tool.

Approved tools at a glance

Always sign in with your NetID. Anything not listed here should be treated as a public, open tool: fine for public information, never for MSU data. The full, current list lives on the Tools page.

Free with your NetID

Microsoft Copilot

Free for faculty, staff, and students. Includes access to current frontier models from OpenAI and Anthropic inside MSU's Microsoft 365 environment.

Google Gemini & NotebookLM

Free for faculty, staff, and students. Writing, research help, and source-grounded document analysis with enterprise data protection.

Approved for purchase (departmental)

Claude for Teams

Full Claude available through MSU's enterprise agreement, purchased by your department.

Copilot Premium & Gemini Pro for Edu

Higher limits and more agentic features. See the Tools page for costs and how to request.

One thing not to use: Don't use Read.AI to record or transcribe meetings. Use Microsoft Teams or Webex instead. If Read.AI is on your computer and you can't remove it, submit a ticket through the ITS Service Desk.

Your judgment stays in charge

Check the facts, references, and citations in anything AI produces, and watch for biased or exclusionary language, especially in student-facing, HR, and public communications. You are responsible for the quality and integrity of your work, whether or not AI helped.

AI-generated content should never be published, emailed, or posted publicly without a person reviewing it first. That includes website updates, social posts, newsletters, and images. Public-facing AI chat assistants need approval before they're built and again before they go live; start that conversation with the Chief Information Security Officer at security@msstate.edu.

Using AI is your choice

You do not have to use AI to do your work at Mississippi State. Choosing not to use it in your teaching, your research, your studies, or your daily work is a completely legitimate choice, and one we respect. Good teaching, good scholarship, and good learning took many forms long before these tools existed, and they still do.

For faculty, this matters in the classroom especially. How you teach, what you assign, and whether AI has any place in your course are yours to decide. This page offers help for those who want to use AI, not an expectation that you adopt anything.

For students, the same respect applies with one important note: your instructor sets the rules for each course. Some classes will encourage AI, some will limit it, and some will not allow it at all. Always follow your syllabus and ask your instructor when you're unsure.

When you're not sure

The cost of asking is low. The cost of a FERPA or HIPAA disclosure, or a research ethics violation, is not. When in doubt, pause and ask.

  • Data classification questions Check with the data steward for the system that owns the information: Registrar for student records, HR for personnel, Sponsored Programs for grant data.
  • Research data with a Data Use Agreement, IRB protocol, or sponsor terms Those terms govern. AI use has to fit inside them, not around them. Questions go to the Office of Research Compliance and Security.
  • Anything else you're genuinely unsure about Contact the Chief Information Security Officer at security@msstate.edu.

Looking for more? Additional guidance for faculty, staff, and supervisors (including department-level practices) lives in the faculty & staff sign-in area. For the full Information Security Program, see infosecurity.msstate.edu.

Last updated June 11, 2026 · Mississippi State University AI Hub