Gemini: Data and Appropriate Use

Gemini with Enterprise-Grade Data Protection offers data protections for University of Minnesota users. Learn about data in Gemini—how it's used, stored, and what kind of data you can enter in the AI assistant, including special considerations for Healthcare Component (HCC) users.

Using Data in Gemini

When using the Gemini web application with your University account, you may use University-classified data, including Private-Highly Restricted information, only in accordance with applicable privacy, security, and data classification policies. Learn more about data classification.

Data Retention

Data entered in to or received from Gemini will be retained for three months per Information Security recommendations. After three months any history, prompts, and results will be cleared from Gemini.  

End-users CANNOT delete their individual Gemini chats from the Gemini sidebar interface at this time. This feature is on Google's roadmap and will be available in the very near future.  

Appropriate Use of Health Information for the Healthcare Component

Staff, faculty, and people within the Healthcare Component (HCC) must take additional care in handling Health Information. Health Information includes, but is not limited to, Individually Identifiable Health Information (IIHI) and Protected Health Information (PHI).

  • Any Health Information used within Gemini must follow the minimum necessary guideline (only the minimum data necessary to complete the task should be used).
  • Gemini may be used for Health Information in IRB-approved studies, but any use of Gemini with Health Information, and how it is used, must be outlined in the study protocol.
  • Gemini is intended to be used as a research-assistance tool; it may not be used for direct diagnosis or medical treatment.
  • For Gemini and other AI questions about Health Information, please contact the Health Information Privacy & Compliance Office (HIPCO) at [email protected].
  • Healthcare Component (HCC) users must handle Health Information (including Protected Health Information) with extreme care. Gemini's use with Health Information in IRB-approved studies must be explicitly outlined in the study protocol. When using Gemini, adhere to the Minimum Necessary rule, using only the data required to complete a task. Remember, Gemini is solely a research-assistance tool and should not be used for direct diagnosis or medical treatment.

Appropriate Use of Student Information

Staff and faculty must take additional care with student information, most of which is protected by the Family Educational Rights and Privacy Act (FERPA). Because Gemini is a licensed tool, it is permissible to use with FERPA-protected data. This only applies when logged in with your University of Minnesota account.

Only the minimum necessary information should be entered into Gemini. For example, if personally identifiable information (PII) for a student—such as their name or student ID number—is not required for the task, omit that information.

Work products created using Gemini that contain FERPA-protected information can only be shared with school officials who have a legitimate educational interest in the information. For more information on FERPA, review the FERPA resources or take the FERPA training (SR0071) available in Training Hub. For FERPA questions, contact [email protected].

Additional Resources

Gemini with Enterprise-Grade Data Protection
Gemini: Guidance for Instructors
Artificial Intelligence: Appropriate Use of Generative AI Tools