DATA ETHICS COMMITTEE REVIEW

WHAT DO I NEED TO KNOW?

Purdue University policy requires any AI tool or service used in production must be reviewed and approved by the Data Ethics Committee.

USE CASE REVIEW PROCESS

What is the use case review process?

Learn more about our streamlined process by expanding the accordion. No matter which track your request follows, we check these critical areas:

  • Legal & Policy Compliance: FERPA, GDPR, ADA, HIPPA, and institutional policy
  • Data Protection & Privacy: data minimization, PII handling, consent if applicable
  • Bias & Fairness: checks for discrimination or disparate impact
  • Transparency & Explainability: how decisions are made, ability to audit or contest
  • Accessibility: WCAG 2.1 AA and Section 508 compliance
  • Security: data storage, transmission, access controls
  • Accountability: defined ownership, incident handling, escalation paths


Start by filling out our online form with details about the AI tool you want to use. Our Data Ethics Committee will quickly review your submission and assign it to the right track based on risk level. This initial sorting helps us give you the most appropriate review process and clear expectations about timing.

Low-risk tools like writing assistants and basic productivity helpers go through our streamlined quick review process. You’ll complete a self-assessment checklist, and we’ll review your request within 5 business days. This track is designed for everyday tools with no high-risk indicators.

When leadership needs urgent approval or when your tool is very similar to something we’ve already approved, we use our expedited review track. You’ll need to provide a detailed use case description and reference the existing use case that it’s similar to. Our collaborative review team including legal, data, IT security, and accessibility experts will complete the review within 2 weeks.

A comprehensive review is triggered when the risk associated with the use case is medium or high. In these situations, the committee will request additional information to thoroughly evaluate key aspects, confirming that the benefits outweigh the risks to the University. This review will take place during the committee’s monthly meetings, held on the first Tuesday of each month. It is crucial to submit responses to the review questions at least a week before the meeting to allow sufficient time for review prior to voting.

If your request gets denied, you can appeal by submitting additional documentation or explaining how you’ll modify your use case to address our concerns.

We can initiate monitoring early if concerns are reported about how a tool is being used. If you believe an approved use case is being utilized without approval inappropriately, please email the Data Ethics Committee Chairs.