Guide
AI and confidential information
Most companies haven't thought through what 'confidential' means once their team starts pasting documents into AI. This guide gives you a clear framework you can hand to staff today.
Reviewed by Level Up Automate.
TL;DR
Define three tiers: public, internal, confidential. Most companies skip this and pay for it.
Confidential content (M&A discussions, customer agreements, source code) needs special handling — not consumer AI tools.
Train staff on the tiers once, and they will apply them every day.
The three tiers
Use these names with your team.
- Public: anything already on your website, in published reports, or in public filings. Safe to paste anywhere.
- Internal: ordinary business content not meant for the public — internal memos, meeting notes, draft proposals. Safe in approved tools.
- Confidential: M&A, NDA-bound discussions, executive comp, source code, customer contracts. Approved tools only, with extra rules per your industry.
Practical rules
What this looks like day-to-day.
- Confidential content is summarized before being shared with AI, not pasted whole.
- M&A and NDA-bound content uses dedicated tools approved by leadership for that purpose.
- Source code goes only to a coding-assistant tool that has a contract committing not to retain or train.
- When in doubt, treat as confidential and ask before pasting.
Common questions
Plain-English answers
What about NDAs we have with clients?
Most NDAs are silent on AI specifically. Default to: don't put NDA-covered material into any tool you wouldn't put it in if your client were watching.
Next step
Want a hand getting this right?
A 30-minute conversation often saves weeks of guessing. We'll talk through your team, your data, and what to do first — no slide deck required.