Governing Workforce Use of Public GenAI: Privacy, Security and AI Risk

Public GenAI tools are already embedded across the workforce—often outside formal approval—forcing privacy, security, and AI governance teams to manage risk after adoption, not before. While productivity gains are real, unmanaged workforce use creates durable privacy, security, and compliance risks that organizational leadership must govern. 

This workshop, led by two AIGP/CIPP/CIPM/CIPT attorneys and a CISO, focuses on how privacy, security, and AI governance teams manage workforce GenAI use once public tools are already in play. Attendees will examine recurring risk patterns—prompt injection, indirect manipulation, insider threat variants, inference-based data spillage, and record retention challenges—and connect those risks to legal obligations, program controls, and technical realities. 

The session then moves from risk identification to execution, walking through enforceable guardrails: workforce‑ready acceptable‑use rules, scalable security and monitoring controls, and an incident‑ready response playbook. Participants leave with practical frameworks, ready-to-adapt policy language, and a tabletop scenario to pressure‑test governance programs.

What you will learn:

• Public GenAI creates privacy, security and inference‑based risks requiring programmatic governance, not ad‑hoc restrictions: beginner-accessible, intermediate & expert-relevant. 
• How prompt injection and indirect AI manipulation arise in daily workflows that privacy, security, and technology teams must jointly manage: int/adv levels. 
• How to implement enforceable, enterprise‑wide GenAI guardrails—policy, controls, and incident response—aligned with legal and operational reality: all levels.

Additional registration fee required.