Working with sensitive data inside AI tools.
Most people put data into AI tools they would not put into a public email. Here is the honest version of what is safe and what is not.
If your organization handles sensitive data, the question is not whether to use AI tools. It is which tools, with which controls, for which data classes.
The four buckets
Sort every piece of data into one of four buckets before you put it in any AI tool:
- Public: already on your website or social media. Use any tool.
- Internal: company-confidential but not regulated. Use enterprise plans with data-residency contracts, never consumer plans.
- Regulated: PII, PHI, CUI, ITAR, FedRAMP-scoped. Use only tools your security and legal teams have approved in writing, with the right enterprise contracts and a documented authority to operate.
- Secret: classified, legally privileged, or attorney-client. Do not use external AI tools. Period.
That is the entire decision tree. Most mistakes happen at the boundary between internal and regulated.
The redaction pattern
For internal data that has occasional regulated fragments (names, account numbers, addresses), redact before you prompt. Replace specifics with placeholders: "Customer A" instead of a name, "ACCOUNT_REF" instead of a number. Process the response. Map back. This is slower than copy-paste, and it is the only way to do it safely on a consumer plan.
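The redact, process, map-back loop described above, as an added example that is not part of the original article. The `Redactor` class, the regex patterns, the bracketed numbered placeholders (a variant of the "Customer A" / "ACCOUNT_REF" style) and the sample text are all assumptions made for illustration; the mapping stays on your side and is never sent to the tool.

```python
import re

# Constructed patterns for illustration; tune them to your own data formats.
PATTERNS = {
    "EMAIL": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "ACCOUNT_REF": re.compile(r"\b\d{10,12}\b"),
}


class Redactor:
    """Swap sensitive values for placeholders and keep the mapping local."""

    def __init__(self, known_names=()):
        # Names cannot be found reliably by regex, so the caller supplies them.
        self.known_names = sorted(known_names, key=len, reverse=True)
        self.forward = {}   # real value -> placeholder
        self.reverse = {}   # placeholder -> real value

    def _placeholder(self, label, value):
        # The same value always maps to the same placeholder.
        if value not in self.forward:
            n = sum(1 for p in self.reverse if p.startswith(f"[{label}_")) + 1
            token = f"[{label}_{n}]"
            self.forward[value] = token
            self.reverse[token] = value
        return self.forward[value]

    def redact(self, text):
        for name in self.known_names:
            text = re.sub(re.escape(name), lambda m: self._placeholder("CUSTOMER", name), text)
        for label, pattern in PATTERNS.items():
            text = pattern.sub(lambda m, l=label: self._placeholder(l, m.group(0)), text)
        # Fail closed: refuse to return text that still holds a mapped value,
        # e.g. an account number glued to a prefix the regex did not match.
        leaked = [v for v in self.forward if v in text]
        if leaked:
            raise ValueError(f"{len(leaked)} value(s) survived redaction")
        return text

    def restore(self, response):
        # Bracketed tokens are unambiguous, so [X_1] never matches inside [X_10].
        return re.sub(r"\[[A-Z_]+_\d+\]", lambda m: self.reverse.get(m.group(0), m.group(0)), response)


if __name__ == "__main__":
    r = Redactor(known_names=["Dana Whitfield"])  # constructed sample data
    print(r.redact("Dana Whitfield disputes a charge on account 4400123456."))
    print(r.restore("Dear [CUSTOMER_1], we reviewed [ACCOUNT_REF_1]."))
```

Only the output of `redact()` goes into the prompt; run `restore()` on the response locally, and treat a `ValueError` as a reason to stop and fix the patterns, not to paste the original text.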
The audit trail
Every AI use that touches regulated data should generate a record: who prompted, what they prompted, what they got back, what they did with it. Most enterprise plans give you this. Most consumer plans do not. If your tool does not generate an audit trail and you handle regulated data, you are accruing risk you cannot see.
What to do this week
Pick a data class you handle regularly. Sort it into one of the four buckets. Check whether the AI tool you use for that task has the right contract for that bucket. If not, stop using it for that task until you fix the contract.
This is the kind of decision that looks slow and small until the audit. The next chapter on this is at learntrainai.com, the AI Readiness workshop week-two material.