Your Staff is Already Using AI

Last updated: February 9, 2026

Disclaimer: This advisory is for educational purposes and is not legal advice.

You don’t “roll out” AI (artificial intelligence) anymore. It just shows up—like a new kind of spellcheck that can write, summarize, and answer questions.

And that’s the problem: most client-data leaks through AI (artificial intelligence) aren’t dramatic hacks. They’re normal people trying to move faster.

The 5-minute leak map (do this with a pen, not a committee)

Minute 1: Prompt boxes (copy/paste is the #1 leak)

If your staff can paste client info into a chat box, your firm has a leak path.

“Rewrite this email to the client…”
“Summarize these notes…”
“Turn this into a template…”

Why it leaks: The moment text leaves your controlled system and enters a third-party service, it’s a disclosure—even if it’s not used for training.

Rule of thumb: If you wouldn’t forward it to a stranger, don’t paste it into AI (artificial intelligence).

Minute 2: File uploads (“summarize this document” is a data-export button)

Uploads are higher-risk than pasting because you often export more than you think (metadata, hidden content, attachments, embedded comments).

Fast mitigation: Ban file uploads into any AI (artificial intelligence) tool that isn’t explicitly approved and contract-covered.

Minute 3: Connected apps + plugins (your AI (artificial intelligence) gets hands)

This is the “it looked convenient” leak: connecting Email, Drive, CRM (customer relationship management), or chat tools.

Staff guidance: No connecting work accounts to AI (artificial intelligence) tools unless IT (information technology) approved it.

Minute 4: Built-in assistants in tools you already use (safe-ish isn’t safe)

Business controls can be safer than consumer defaults, but you still have to understand retention, access, and admin settings.

Key point: “Not used for training” doesn’t automatically mean “no risk.” Training is only one slice of exposure.

Minute 5: Mobile + browser layer (the stealth leak)

AI (artificial intelligence) browser extensions that can see what’s on the page
Screenshotting client documents and asking AI (artificial intelligence) to extract/summarize
Personal device + work email + consumer AI (artificial intelligence) apps

Fast mitigation: If you allow BYOD (bring your own device), you need MDM (mobile device management) and a clear “no client data into consumer AI (artificial intelligence)” rule.

The 4 ways client data leaks

Direct disclosure: You paste or upload confidential content.
Indirect disclosure: You “anonymize” but include enough detail to identify a client or matter.
Embedded disclosure: Hidden doc content (tracked changes, comments, metadata).
Retention/logging disclosure: It’s stored somewhere, for some period, by someone.

A simple policy staff will actually follow (5 rules)

Never paste these into AI (artificial intelligence): names tied to matters, SSN (Social Security number), DOB (date of birth), tax IDs, bank data, PHI (protected health information), privileged/confidential facts.
Use AI (artificial intelligence) only in approved environments: business accounts only; personal accounts are a no for client work.
Redact safely: use placeholders like [CLIENT], [AMOUNT], [DATE]; remove rare identifying details.
No connectors without approval: no Email/Drive/CRM (customer relationship management) connectors unless approved.
Report fast if it happens: early reporting beats cover-ups.

Mini incident response (when it already happened)

Stop the behavior (tool, account, what was shared).
Document the facts (date/time, content category, potential impact).
Assess scope (single prompt vs upload vs connector access).
Contain (disable account/extension/connector; rotate credentials if needed).
Decide next steps with counsel/compliance (notification, client comms, remediation).

Get in touch