Gemini is functionally the only AI tool in place at GCC that is FERPA and HIPAA security compliant. Accessing Gemini via institutional .edu accounts ensures all employees are complying with college, state, and federal privacy standards to protect institutional data and personally identifiable information.

Scope

This policy applies to all Greenfield Community College employees, including faculty, staff, contractors and student workers who use AI tools for college-related administrative or professional work.

Acceptable and Prohibited Use

Employees must only use gcc.mass.edu accounts for official GCC activities such as communication, documentation, and data analysis. Personal or free AI accounts must not be used for any work involving confidential, student, or institutional information.

Required Disclosures

When AI tools are used to generate or assist in creating college materials, employees should identify the tool and confirm that it was accessed through a GCC.edu account.

Limitations and Restrictions

AI tools may not be used through personal accounts for any task that includes institutional data, FERPA-protected records, HIPAA-protected records, or confidential communications.

Privacy and Data Handling

Employees must review all AI-generated content for accuracy and avoid entering sensitive data into personal accounts. Institutional .edu accounts operate under organization-level protections that prevent data from being used for model training or human review.

Implementation and Support

Google Gemini is enabled for all gcc.mass.edu accounts by default and can be securely accessed by logging into the institutional account. FAQs are available through the Google Help Center, and employees may request assistance to verify they are using the correct account.

Enforcement

Enforcement of these recommendations will follow standard college policies.

Definitions

• .edu account: A GCC-managed account under Google Workspace for Education.
• Personal account: Any non-GCC account not governed by institutional privacy or data-protection agreements.

Appendices and Related Resources

Employees should refer to the Google Help Center for Gemini FAQs and official government websites for HIPAA and FERPA information. For additional questions about protected information, contact HR.

Review Cycle and Revision History

This policy is reviewed annually or by request of the College Technology Committee (CTC) and Information Technology (IT) department to reflect changes in platform features and compliance requirements.