So approximately 10-20% of your third parties are going to present serious AI risks. How do you mitigate those risks? Here’s what you do.

One, you assess your needs and identify the risk calculation for each of your third parties, and then you seek two fundamental solutions.

Two, contractual provisions are critical, and there’s 6 of them that you need.

You have to restrict data use so that it’s in accordance with:

• The privacy laws
• Confidentiality of information that you share with your third party
• Audit rights
• Representations and warranties
• Security obligations
• Indemnification with disclosures of any violations

This is the way we mitigate our risks and make sure that our third parties are not gonna create legal liability with their AI use.

The Ethics and Compliance Q and A show is produced by One Stone Creative.