ID and evaluate any constraints on data used for AI - HITRUST AI Security Assessment and Certification Specification

ID and evaluate compliance & legal obligations for AI system development and deployment

HITRUST CSF requirement statement [?] (19.06cAISecOrganizational.1)

The organization performs an assessment to identify and evaluate its compliance with 
constraints on the data used for AI efforts (i.e., data used for training, validating, tuning, 
and augmenting the prompts of AI systems via RAG), including those related to 
(1) applicable laws, 
(2) applicable regulatory requirements, 
(3) applicable contractual obligations, 
(4) the organization’s self-imposed data governance requirements, and 
(5) copyrights or commercial interests. 
The organization 
(6) acts based on the results of this assessment, if deemed necessary. 
This assessment performed 
(7) prior to using the data for AI efforts and
(8) regularly (at least annually) thereafter.

Evaluative elements in this requirement statement [?]

1. The organization performs an assessment to identify and evaluate its compliance 
with applicable laws related the data used for AI efforts (i.e., data used for training, 
validating, tuning, and augmenting the prompts of AI systems).

2. The organization performs an assessment to identify and evaluate its compliance 
with applicable regulatory requirements on the data used for AI efforts (i.e., data used for 
training, validating, tuning, and augmenting the prompts of AI systems).

3. The organization performs an assessment to identify and evaluate its compliance 
with applicable contractual obligations on the data used for AI efforts (i.e., data used for 
training, validating, tuning, and augmenting the prompts of AI systems).

4. The organization performs an assessment to identify and evaluate its compliance 
with the organization’s self-imposed data governance requirements on the data used for 
AI efforts (i.e., data used for training, validating, tuning, and augmenting the prompts of 
AI systems).

5. The organization performs an assessment to identify and evaluate its compliance 
with copyrights or other commercial constraints on the data used for AI efforts (i.e., data 
used for training, validating, tuning, and augmenting the prompts of AI systems).

6. The organization acts based on the results of this assessment, if deemed necessary.

7. This assessment is performed prior to using the data for AI efforts.

8. This assessment is performed regularly (at least annually) thereafter.

Illustrative procedures for use during assessments [?]

Policy: Examine policies related to each evaluative element within the requirement statement. Validate the existence of a written or undocumented policy as defined in the HITRUST scoring rubric.
Procedure: Examine evidence that written or undocumented procedures exist as defined in the HITRUST scoring rubric. Determine if the procedures and address the operational aspects of how to perform each evaluative element within the requirement statement.
Implemented: Examine evidence that all evaluative elements within the requirement statement have been implemented as defined in the HITRUST scoring rubric, using a sample-based test where possible for each evaluative element. Example test(s):
- For example, review the organizations assessment documentation to evaluate its compliance with constraints on the data used for AI efforts (i.e., data used for training, validating, tuning, and augmenting the prompts of AI systems via RAG), including those related to applicable laws, applicable contractual obligations, the organization’s self-imposed data governance requirements, and copyrights or commercial interests. Additionally, the organization acts based on the results of this assessment, if deemed necessary. Further, confirm that the assessment is performed regularly (at least annually).
Measured: Examine measurements that formally evaluate and communicate the operation and/or performance of each evaluative element within the requirement statement. Determine the percentage of evaluative elements addressed by the organization’s operational and/or independent measure(s) or metric(s) as defined in the HITRUST scoring rubric. Determine if the measurements include independent and/or operational measure(s) or metric(s) as defined in the HITRUST scoring rubric. Example test(s):
- For example, measures indicate completeness of the organization’s assessment to evaluate its compliance with constraints on the data used for AI efforts (i.e., data used for training, validating, tuning, and augmenting the prompts of AI systems via RAG), including those related to applicable laws, applicable contractual obligations, the organization’s self-imposed data governance requirements, and copyrights or commercial interests. Reviews, tests, or audits are completed by the organization to measure the effectiveness of the implemented controls and to confirm that an assessment is performed regularly (at least annually).
Managed: Examine evidence that a written or undocumented risk treatment process exists, as defined in the HITRUST scoring rubric. Determine the frequency that the risk treatment process was applied to issues identified for each evaluative element within the requirement statement.

Placement of this requirement in the HITRUST CSF [?]

Assessment domain: 19 Data Protection & Privacy
Control category: 06 Compliance
Control reference: 06.c – Protection of Organizational Records

Specific to which parts of the overall AI system? [?]

AI application layer:

Prompt augmentations (e.g., via RAG) and associated data sources

AI platform layer:

Model tuning and associated datasets
AI datasets and data pipelines

Discussed in which authoritative AI security sources? [?]

ISO/IEC 38507:2022- Governance implications of the use of artificial intelligence by organizations
2022, © International Standards Organization (ISO)/International Electrotechnical Commission (IEC)
- Where:
  - 6. Policies to address the use of AI > 6.4. Governance of data use
  - 6. Policies to address the use of AI > 6.6. Compliance > 6.6.1. Compliance obligations
  - 6. Policies to address the use of AI > 6.6. Compliance > 6.6.2. Compliance management

OWASP AI Exchange
2024, © The OWASP Foundation
- Where:
  - #CHECKCOMPLIANCE

LLM AI Cybersecurity & Governance Checklist
Feb. 2024, © The OWASP Foundation
- Where:
  - 3. Checklist > 3.7. Legal > Bullet #6
  - 3. Checklist > 3.7. Legal > Bullet #10

Generative AI framework for HM Government
2023, Central Digital and Data Office, UK Government
- Where:
  - Using generative AI safely and responsibly > Data protection and privacy > Lawfulness and purpose limitation > Practical recommendations > Bullet 3

Discussed in which commercial AI security sources? [?]

Databricks AI Security Framework
Sept. 2024, © Databricks
- Where:
  - DASF 12: Delete records from datasets and retrain models to forget data subjects
  - DASF 29: Build MLOps workflows to track models and trace data sources and lineage to retrain models with the updated dataset by following legal constraints
  - DASF 27: Pretrain a large language model (LLM) to only use the data that is allowed with LLMs for inference

Control functions against which AI security threats? [?]

Control function: Decision support

Additional information

Q: When will this requirement included in an assessment? [?]
- This requirement will always be added to HITRUST assessments which include the
  Security for AI systems regulatory factor.
- However, this requirement only applies to machine learning-based AI model types (generative, predictive).

Q: Will this requirement be externally inheritable? [?] [?]
- No (dual responsibility). The AI application provider and its AI service providers (if used) are responsible for independently performing this requirement outside of the AI system’s technology stack.

ID and evaluate compliance & legal obligations for AI system development and deployment

TOPIC: AI supply chain