Application of this AI Policy
This policy applies to all Healthwatch Wirral (HWW) trustees, volunteers, employees, contractors, and third-party representatives working on behalf of HWW. Its requirements should be reflected in other policies and procedures, agreements and contracts, as necessary.
This security policy establishes end user responsibilities when using AI tools for official Healthwatch business. The policy aims to ensure that AI tools are used securely by outlining acceptable use of AI, the need to check accuracy of results, the need for transparency and user accountability for AI generated content. The policy also addresses the data protection responsibilities of users when utilising AI tools.
AI Policy Definition
We define Artificial Intelligence (AI) as the ability of machines or software to perform tasks that would normally require human intelligence. AI systems can process data, learn from it, and make decisions or predictions based on that data.
HWW AI Governance Policy
All key AI decisions and proposals will be subject to scrutiny and approval by the HWW Board. They will be advised on any concerns or breaches in AI use and will review this policy and our AI performance annually to keep up with evolving AI technologies and ethical standards.
Use of AI by our organisation will have appropriate human oversight with humans being responsible for making all final decisions on their output. We will maintain oversight by monitoring AI systems’ performance, impact, and compliance with this policy on an ongoing basis.
This will ensure accountability for the decisions made by AI systems, which may include measures such as auditing, reporting and review processes and the use of algorithms in decision-making, including the steps we will take to ensure these are as fair and unbiased as reasonably possible.
Policy on Management of AI
We will support our people in adapting to the changes AI will bring by providing them with appropriate support and skills development and taking into account their needs, when designing roles and work procedures.
The requirements of our AI policy may be embedded in other relevant policies and procedures, contracts, agreements and other documentation, where deemed necessary. We will ensure that those in our organisation with responsibilities for, or involvement in AI, understand our organisation AI policy, their responsibilities in delivering this and are accountable for doing so.
AI Risk Management
Our AI risk avoidance includes, to the best of our knowledge, any potential risks and other reasonably foreseeable uses of the technology, including accidental or malicious misuse. The mitigation action put in place will ensure that the level of risk remains within acceptable limits.
AI Data Protection and Privacy
We carry out Data Protection Impact Assessments (DPIA) for AI and make any necessary changes to our policies and procedures. As part of that, insofar as reasonably possible, we will:
- Use accurate, fair, and representative data sets to ensure these are inclusive.
- Not include personal data in data sets, or at least pseudo-anonymise or de-identify it.
- Ensure our data consent procedures are simple and clear and that we obtain user consent when using AI systems that process personal data.
- Reflect our use of AI in our privacy statement to ensure users know when their data is being used by AI, whether AI is making decisions about the data and, if so, what these decisions are.
We are aware of the ICO guidance on AI and data protection and have reflected any additional requirements in our policies and procedures.
We are aware of the ICO guidance and updates in relation to AI use, and will review this policy accordingly.
AI Ethics
We are committed to ensuring our Ai policy is aligned with our company values . We will take reasonable steps to avoid or minimise any exclusion or detriment and transparently communicate this. We will ensure that any AI created content respects the dignity of individuals and represents them in the way they would wish to be, including them being accurately depicted.
We will make our AI systems and content as accessible as possible. Insofar as reasonably possible, we will use accurate, fair, and representative data sets to ensure these are inclusive. We will ensure that any AI decisions are understandable and interpretable.
All reasonable efforts will be made to identify any bias within an AI system we use, to ensure any bias has been mitigated to the point where it is within an acceptable level of risk. We are open and transparent about any bias within an AI system (that we are aware of) and how we manage this.
Where AI is used to create content, there are appropriate checks and safeguards in place to ensure:
- We are open and transparent that the content has been created by AI.
- AI created content is either self-evident or clearly identified.
- It will not be used for purposes where the use of AI has been specifically not permitted.
We employ appropriate content moderation by humans to minimise the potential for errors and bias.
AI Environmental Considerations
We are aware of the environmental impact of AI due to its very high energy consumption. We will take this into account when considering our environmental impact and will seek to make use of any emerging technologies that will help to minimise or mitigate this.
AI Legal Compliance
We will take all reasonable steps to identify copyrighted material. For any such material we use, we will ensure we have their copyright agreement, or it falls within ‘fair use’, or other exception to copyright, or the Open Government Licence (OGL), or some other free use category.
We will not knowingly use any online material, such as from social media accounts or online galleries, which has been marked as ‘NoAI’, ‘NoImageAI’, or similar.
We will take all reasonable steps to ensure that our use of AI does not have a negative impact on the legal rights and/or liberties of individuals or groups and complies with the Data Protection Act 2018.
We will endeavour to ensure that for any AI use of our data, the data is compliant and we have appropriate consent, particularly the safeguarding of sensitive personal information.
Cyber Security Policy in an AI Enabled World
We have robust cyber security procedures that everyone is aware of and complies with consistently to minimise the risk of AI scams and disinformation.
We will review and update our AI Policy Statements, when necessary, in line with current cyber security policies.
This AI Policy has been approved and authorised by:
Name: B Wyllie
Position: HWW Board Chairman
Date: 14 July 2025
Due for Review by: 14 Nov 2025