Meethun Panda ¹ and Soumyodeep Mukherjee ², ¹ Bain & Company, UAE, ² Genmab, USA

This paper explores privacy and security frameworks tailored for Retrieval-Augmented Generation (RAG)-based Generative AI applications. These systems, while transformative in their capabilities, pose significant privacy and security risks. By leveraging advanced privacy-preserving techniques, robust governance frameworks, and innovative tools such as differential privacy and zero-trust architectures, this paper provides strategies for mitigating risks like data leakage, adversarial attacks, and compliance violations. Through theoretical and practical analysis, we present scalable approaches that align with global regulations such as GDPR and CCPA, ensuring operational performance and compliance.

Retrieval augmented generation, LLM, Privacy Preservation, Data Security, Adversarial Attacks, GDPR, CCPA, Differential Privacy, Governance, Secure AI Infrastructure, Data foundation.