Skip to main content

Guiding Safe and Responsible AI Use

Responsible AI

The State of Oklahoma approaches artificial intelligence through a principled framework designed to maximize benefits while upholding strong standards of responsibility and public service. This is supported by dedicated AI Safeguards that address risk management, security, data governance, procurement processes, and platform compliance, ensuring that all AI initiatives are implemented safely and in alignment with state governance requirements.

Equally important are the principles of Responsible AI, which serve as ethical guardrails for all AI systems. These principles emphasize transparency in decision-making, fairness to prevent bias, accountability for outcomes, and meaningful human oversight. Together, these elements ensure that AI enhances government efficiency and citizen services while protecting privacy, promoting equity, and preserving public confidence in state operations.

Download the State of Oklahoma AI Policy (PDF)

Use of AI in Oklahoma State Government

Artificial Intelligence creates new opportunities to improve how the State of Oklahoma serves its citizens and supports its workforce. With these opportunities comes a responsibility to use AI in a secure, thoughtful, and ethical way.

Using AI in Your Work

AI can support your day-to-day work by helping you draft content, summarize information, and analyze data more efficiently. When using AI, rely on approved tools, avoid entering sensitive or confidential information, and review all outputs before use. AI should enhance your work, not replace your judgment, and must always be used in accordance with state policy and standards.

For State Team Members

AI is a tool to help you work more efficiently, but it must be used responsibly. Focus on what is allowed, avoid entering sensitive data, and follow simple guardrails to protect the State and its citizens. Start with approved tools and guidance to use AI safely in your everyday work.

 

For All State Leaders

AI presents an opportunity to improve services, increase efficiency, and modernize how your agency operates. Leaders are responsible for ensuring AI is used safely, aligned with policy, and delivers measurable value. Use the State’s intake, governance, and support models to guide responsible adoption across your teams.

Please refer to the specific citations from the State AI for additional details:

When using AI systems such as ChatGPT, Gemini or Claude to assist with various work tasks, it is important to be mindful of the information being provided to the software solution. Be mindful of your use by using the following guidelines. 

Do

  • Verify all AI-generated content before using it, ensuring the information is accurate, relevant and appropriate.
  • Do maintain responsibility of your final work product. AI tools should replace productivity efforts, not replace your work.
  • Do be aware of content and agency standards for communication. Ensure that tone, style and language align with agency standards or other professional requirements. 
  • Do use general or fictional examples, when possible. Public generative AI applications store the information you provide and may resurface it to other users. 

Do Not

  • Do not use AI-generated answers without fully verifying the content and context is correct. AI tools can present users with inaccuracies (“hallucinations”) or omit key information. 
  • Do not use sensitive topics or sensitive state data within the tool such as personal identifiable information (“PII”), financial information, health data, authentication data or any other sensitive information. 
  • Do not use when drafting solicitation information or for any procurement processes as the information could be used to gain an advantage by a vendor. 
  • Do not rely on AI-generated language translations without confirming accuracy, dialect or potential biases with a qualified interpreter or translator. 

Example Prompts (Do Not)

  • Example prompt #1: Write a memo to Oklahoma state employees about the return to office executive order. Please include the benefits of returning back to the office, maintain a professional tone and limit the text to be less than 300 words. 
  • Example prompt #2: Write a job description for a State of Oklahoma Executive Administrative Assistant. 
  • Example prompt #3: Draft an email to all state employees announcing the upcoming benefits enrollment period. Include key deadlines, highlight coverage changes and limit the text to 200 words. Use the documents provided as context for the email. 
  • Example prompt #4: Create a one-page FAQ document that addresses common questions about the State of Oklahoma’s benefit package. To ensure responsible AI use, state employees with any questions regarding what should or should not be allowed in AI system should submit a ServiceNow Ticket to the OMES Help Desk for guidance and review. 

Need Guidance?

If you’re unsure whether something is appropriate to enter an AI tool, submit a ServiceNow ticket to the OMES Help Desk for review and support.

Disinformation and misinformation, while differing in intent, both contribute to the spread of false and inaccurate information in the context of government use of AI. Disinformation is intentionally created to deceive users with misinformation is spread unintentionally due to error. In AI systems, these issues emerge when false content is generated or amplified, whether through automated data output, AI-driven content creation or the propagation of uncorrected or flawed data. Both can undermine trust and accuracy, making it critical to implement safeguards against their occurrence. 

Using AI Safely and Responsibly

AI must be used in a way that protects sensitive information, maintains public trust, and aligns with state policies and standards. Employees are responsible for understanding data handling requirements, using approved tools, and ensuring AI is applied in a secure and ethical manner. Strong governance, clear accountability, and adherence to established principles ensure AI can be used safely while delivering value across the State.

Please refer to the specific citations from the State AI for additional details:

AI systems should be guided by the following principles and values.

  • Responsible and ethical AI requires AI systems to respect and enhance human rights, ensuring privacy and equality. By aligning AI with human rights and ethical principles, the goal of the state AI systems is to protect individuals and data.
  • AI systems must be transparent with clear lines of accountability. Users of AI systems must be able to explain decisions and processes undertaken by AI systems. Therefore, decisions made by AI must be unbiased, transparent and understandable to users.
  • It is crucial to prevent bias in AI decision making to ensure that AI systems provide fair, accurate and non-discriminatory outcomes. It is imperative that AI systems are designed and implemented in a way that prevents discrimination against protected classes, ensuring equitable treatment and compliance with applicable laws regarding protected classes. 

All state employees shall complete “State AI Awareness & Usage Foundational Training & Acknowledgement” training through Workday prior to accessing or using any AI on a stateissued device, or using inputting, or interacting with state data in any AI system. All state employees shall complete biannually refresher training on AI. Additional training may be required in the future.  

Any violation of this policy, whether actual or suspected, shall be immediately reported by the employee and/or their supervisor upon discovery. The state agency shall be responsible for promptly reporting the incident to the CIO and CISO immediately.  

Any violation of this policy identified or reasonably suspected by OMES shall require the affected agency to fully cooperate with and participate in all investigation, response and remediation efforts as directed by OMES. The agency shall provide timely access to relevant systems, records, personnel, and documentation as requested; participate in incident response and corrective action activities; and implement all required remediation measures. Failure to comply may result in escalation and additional administrative, legal, or financial consequences.  

Pursuant to the Oklahoma Information Technology Consolidation and Coordination Act (“ITCCA”) the Chief Information Officer has authority over strategic planning, development, acquisition, deployment and implementation of information technology, including AI systems across executive state agencies. The CIO ensures that AI initiatives are implemented efficiently, securely and in alignment with state priorities, including improving government efficiency, service delivery and data-driven decision making.

The CIO is responsible for establishing standards, policies and procedures for AI systems to ensure their ethical use, security and integration with existing state infrastructure. The CIO will govern AI systems through the following review and approval process:

AI systems requested by agencies, whether procured directly or through a state contract managed by OMES, are subject to the CIO’s authority and must undergo CIO review at all stages prior to deployment. The CIO shall approve, conditionally approve or deny such systems based on industry best practices and a standardized evaluation framework evaluation will consider:

  • Alignment with state strategic priorities.
  • Compliance with applicable laws, regulations and rules. 
  • Ethical consideration, fairness, accountability and transparency. 
    • Ethical governance framework:
      • Data quality and transparency.
      • Privacy and security.
      • Accountability and fairness.
      • Robustness, reliability and compliance.
      • Electoral integrity and non-bias.
      • Collaboration and beneficence.
  • Data privacy, security and protection protocols.
  • Risk classification and intended use. 
  • Whether the AI system is a net new system or an AI enhancement to an existing approved solution.

All AI systems must undergo a third-party security review, which includes assessment of the supplier’s Authority to Operate (“ATO”) and software product security review. Both reviews are to be conducted by the Chief Information Security Officer (CISO) of OMES before any use of the product, ensuring that all security and compliance requirements are met.

Sensitive Data shall not be transmitted when using public AI systems. Such data may be transmitted through a separate secure instance, not a public unsecure instance, but only after having been approved for such use by the CIO. Once CIO approval has been granted for use of sensitive data in any AI tool, continued compliance regarding certain types of sensitive data use must be monitored and will be held accountable by the agency for compliance with any applicable federal regulations.

Any state employee who inputs, uploads, transmits or otherwise discloses any federally protected data into a public AI system or any AI system that has not been reviewed and approved for the handling of such data in accordance with this policy and applicable security requirements shall be terminated by the employing agency. 

Managing and Scaling AI

As AI use expands, all State agencies and organizations must ensure solutions are implemented in a consistent, secure, and scalable way across the State. This includes following established processes for procurement, oversight, and evaluation to ensure AI systems are effective, compliant, and aligned with statewide priorities. Coordinated governance and shared standards enable agencies to scale AI responsibly while maximizing impact and avoiding duplication.

Please refer to the specific citations from the State AI for additional details:

Pursuant to the Information Technology Consolidation and Coordination Act (“ITCCA”) and the Oklahoma Central Purchasing Act, the CIO holds sole and exclusive authority over all information technology acquisitions, including AI systems. As the Information Technology and Telecommunications Purchasing Director, the CIO ensures that all AI-related procurements align with state policies, security standards and strategic priorities. See 74 O.S. 85.5, 62 O.S. 35.1 et seq., and OAC 260:115-1-1.

To ensure proper oversight, security and compliance of AI systems, the CIO shall be a required signatory on every acquisition involving AI. This ensures that all AI-related acquisitions align with the organization’s security policies and compliance standards. 

The CIO may conduct audits to ensure AI systems are not being used without prior approval and to verify that approved AI systems remain in compliance with state policies, security standards and regulatory requirements.

All AI systems will be reviewed during the procurement stage and if awarded a multi-year contract, auditing may be required before a renewal is completed. Once an AI system is approved, it may be subject to continuous monitoring throughout its use to ensure ongoing compliance. At the CIO’s discretion, any AI system may be audited at any time to ensure: 

  • State and federal law; 
  • Conformance with state standards; 
  • Applicable regulations; 
  • Bias testing; 
  • Data privacy compliance; and 
  • Any other AI compliance requirements.

Compliance
This standard shall take effect upon publication and is made pursuant to Title 62 O.S. §§ 34.11.1 and 34.12 and Title 62 O.S. § 35.8. OMES IS may amend and publish the amended standards policies and standards at any time. All state agencies, boards, and commissions under the CIO’s authority, as well as suppliers, contractors and other entities providing services to the state are required to adhere to the most current published standard. Employees found in violation of this standard may be subject to disciplinary action, up to and including termination. Agencies that fail to comply with this policy may be subject to additional legal, administrative, or financial consequences. All other state entities that fall outside of the CIO’s authority are encouraged to adopt this standard. 

Rationale

To protect state and citizen data, and to coordinate and require central approval of state agency information technology purchases and projects to enable the chief information officer to assess the needs and capabilities of state agencies as well as streamline and consolidate systems to ensure that the state delivers essential public services to its citizens in the most secure and efficient manner at the lowest possible cost to taxpayers.

Complete AI Awareness Training

The State of Oklahoma is committed to responsible, safe, and proactive use of artificial intelligence to enhance government efficiency.

Get Started

Our Core Principles

Back to Top