About Us
Charlyn Ho, founder and CEO of Rikka Law, walking in Washington DC

Who We Are

A boutique technology law firm that drives client success

Charlyn Ho, founder and CEO of Rikka Law, with an abstract technology handshake graphic representing the firm's leadership in technology and AI law

Our Leadership

Meet Charlyn Ho, CEO, Managing Member and Founder

Hand zooming in on a checkmark graphic representing Rikka Law's verified strategic partnerships

Partnerships

Proud to work alongside organizations shaping the future of technology & business

Magnifying glass on an orange background representing Rikka Law case studies and capability spotlights

Case Studies

Capability spotlights offering a closer look at real Rikka engagements

Graphic representing Rikka Law frequently asked questions

Frequently Asked Questions

Answers to the questions clients ask most

What We Do
Rikka Law R icon with a handshake over an abstract blue nodes background representing business and technology transactions legal services

Business & Technology Transactions

Practical legal guidance for the deals that drive your business.

Rikka Law R icon with a green lock over a dark circuit board background representing data privacy and cybersecurity legal services

Privacy & Cybersecurity

Stay compliant in an increasingly complex regulatory landscape

Rikka Law R icon with a VR headset over a dark abstract background representing legal services for startups and emerging technology companies

Startup & Formation

Smart AI-powered legal support built for startups and small firms

Rikka Law R icon with a robot hand over a dark abstract background representing AI governance and automation legal services

AI & Automation

Strategic counsel for organizations at every stage of their AI journey

Rikka Law R icon with a Lady Justice scales statue over a dark abstract greenish blue background representing legal staff augmentation and human capital management services

Human Capital Management

Flexible legal talent when you need it, without the overhead of a full-time hire

Rikka Law R icon with a notebook, pen, and glasses over a dark painterly abstract background representing Rikka Law's practical legal education and training programs for lawyers

Legal Education & Training

Advance your legal career with bespoke training programs

Resources
Abstract green illustration of a lightbulb with a brain inside representing Rikka Law's legal insights and technology law commentary

News & Insights

Analysis on the evolving intersection of law, technology, business, & policy

Before You Deploy AI podcast episode highlighted over an orange magnifying glass background representing Rikka Law's podcast series

Podcasts

Conversations on AI, law, and the technology shaping modern business

Woman holding a film clapperboard over a purple abstract background representing Rikka Law's video resources

Video Library

No-cost, straight-talk video guides on AI and technology law

The cover of Charlyn Ho's, founder and CEO of Rikka Law, upcoming book AI-Savvy Lawyer

AI-Savvy Lawyer

Get early access to Charlyn's book

Charlyn reviewing data privacy compliance checklist, representing Rikka Law's free compliance resources for businesses

Compliance Checklists

Free compliance checklists, ready to download

Rikka Academy logo over a repeating Rikka Law icon background with a dark purple overlay representing Rikka Academy's practical legal training platform for lawyer

Rikka Academy

Elevate Your Contract Drafting and Negotiation Skills

Contact Us
Rikka Academy

What Should Companies Do to Enhance Their AI Governance?

All Videos
November 5, 2025·Rikka AI Series·Part 14 of 16
View Part 15

As generative AI continues to transform industries from healthcare to advertising, it also introduces new risks around privacy, security, and intellectual property. In this episode, Rikka founder Charlyn Ho breaks down AI governance best practices for organizations using commercially available generative AI tools. In the age of GenAI, a proactive approach to AI governance isn’t just smart – it’s essential in order to build trust and reduce risk.

Transcript

Today, we’re gonna explore a critical topic for lawyers, AI governance, specifically focusing on the best practices for organizations using commercially available generative AI models. As generative AI or Gen AI is increasingly being adopted across industries like advertising and health care, it brings not only transformative opportunities but also significant risks, especially in areas like privacy, security, and IP infringement.

So what exactly is GenAI?

As a quick reminder, in simple terms, it’s a type of AI that generates content whether it’s text, images, or music by learning from vast datasets.

However, because of the nature of these data sets, organizations must be careful with sensitive, confidential, or proprietary data that gets processed through these models.

The risks associated with Gen AI extend beyond privacy and security.

Since GenAI models often process data on external servers, organizations face the risk of losing control over this information, which could lead to unintentional data leaks or misuse.

Moreover, using GenAI in business workflows flows can expose companies to issues like unlawful discrimination if biases within the training data are not properly managed or potential intellectual property infringement when the AI generates content that resembles existing copyrighted material. So what steps can organizations take to mitigate these risks and build robust AI governance frameworks? Let’s discuss some best practices.

Make sure your agreements clearly define data ownership and usage rights, especially for AI generated data. If your organization is using GenAI, consider adding AI specific clauses relating to data sharing, intellectual property, and compliance with laws and regulations.

Next, align your data retention policy with your current practices.

You need clear guidelines on the retention and deletion of AI generated data.

For example, regulatory requirements may compel you to retain certain data, while agreements with customers may require you to delete it within a certain time frame.

So it’s important to deconflict and reconcile these differences with your data retention policy. You also wanna review your internal privacy and security policies.

These policies may need to be updated to adjust gen AI specific risks, including stronger encryption and refined data access controls.

Remember, transparency and accountability are key regulatory principles, so make sure to document AI decision making processes.

Consider creating a data taxonomy policy.

Classify and handle data effectively by clearly delineating all data types, including AI generated data.

This helps in managing it separately and appropriately based on categories so you can appropriately apply the data retention schedules that we just discussed.

But policies are only effective if everyone in the organization understands them and complies with them.

So you want to integrate AI ethics and best practices into your training programs to promote a culture of ethical and responsible AI use.

Lastly, you wanna consider reviewing and updating your terms of service and privacy policy. As your customers interact with AI features in your products and services, it’s important to be transparent about how their data will be used, including whether it may be used to train AI models, either your own AI models or the ones that you’re utilizing.

Avoid the pitfalls other companies have faced by proactively communicating any changes to your terms of service to prevent regulatory scrutiny and build user trust.

In this rapidly evolving landscape, a proactive approach to AI governance is essential. Thanks for joining me today. Don’t forget to like and subscribe, and let me know in the comments if you have any questions.

See you next time.