Glossary

A running list of terms I use in these posts—plain-English definitions, plus the way I mean them in practice.

---

RAG (Retrieval-Augmented Generation)

Plain English: Instead of asking an AI model to answer from memory, you let it look things up in your documents first, then write an answer with that context.

Why it matters: It reduces hallucinations and lets you ground answers in your policies, docs, and data—assuming the source data is accurate and kept up to date.

Common failure mode: If the underlying documents are outdated or poorly structured, RAG can make a model confidently wrong with citations.

CJIS

Plain English: Criminal Justice Information Services requirements. If your system touches Criminal Justice Information, CJIS security controls become the rulebook.

Why it matters: It constrains where data can go, who can access it, and what security/audit controls are required.

Shadow AI

Plain English: AI use that’s already happening inside the organization without visibility, governance, or guardrails (e.g., staff pasting work data into public AI tools).

Why it matters: You can’t manage risk you can’t see.

FERPA

Plain English: The Family Educational Rights and Privacy Act is a U.S. federal law that protects the privacy of student education records.

Why it matters: It defines when schools can share student information and what rights students/parents have to access and request correction of records.

Written by Andy Watkins | Edited and formatted with AI assistance