Skip to content

Using AI at work, safely: 5 simple ways to save time and what not to share

Using AI at work, safely: 5 simple ways to save time and what not to share

AI is often treated as one thing, but it helps to separate the terms. Generative AI is what most people mean when they say “AI” today: tools like ChatGPT that create a work product in response to a prompt. Another category is agentive AI, which can take steps and make decisions to complete tasks for you. Some people also discuss artificial superintelligence (ASI), but we will save that for a future post.

Generative AI can be genuinely useful in day-to-day work, but most people have never been given clear guidance on what is safe to share with it. A simple rule is to use it for low-risk work like rough drafts and shaping ideas, and keep it away from anything confidential or identifying. That includes customer or employee details, names tied to real people, addresses, medical information, and technical specifics that reveal how your environment is set up, such as IP addresses, configuration files, usernames, access keys, and passwords.

5 practical, low-risk ways to use AI at work:

  1. Drafting Everyday Emails
    • If you can describe what you want to say in a sentence or two, AI tools can turn it into a clean first draft. This can be helpful for follow-ups, scheduling, customer check-ins, and status updates. Be sure to still review it before sending, as AI can get the tone wrong or miss details, but it can remove the friction of starting from a blank page.
  2. Summarizing Meetings and Long Notes
    • If you have general notes that don’t include confidential client details, employee information, financial data, etc., AI can turn a messy page of notes into a short recap, a list of decisions, or a set of action items.
    • A good note and rule of thumb: If you would not forward the raw notes to a broad internal list, do not paste them into an AI tool.
  3. Organizing Notes and Turning Ideas Into a Plan
    • You may already have the right ideas, just not the time to structure them. If you have a rough list of tasks or thoughts, AI can help turn it into a step-by-step checklist, a short timeline, or a clearer outline for what happens next.
  4. Creating Basic FAQs and Internal How-To Blurbs
    • You might need a simple document explaining how to request time off, submit an expense report, name and store files, or handle common customer questions. The key is that AI should create the initial version, and your team should confirm it’s consistent with how your business actually works.
  5. Polish Writing You Already Have
    • If you remove confidential information first, you can paste a draft and ask AI to make it clearer, shorter, or more professional. This is useful for client emails, internal announcements, and basic proposals.

Now for the safety side and using AI.

The simplest rule is to treat most AI tools like a public space. Even if a tool claims to be private, your safest default is to avoid pasting anything that could cause damage if it were exposed.

Do not paste:

  • Passwords, passcodes, MFA codes, or recovery codes
  • Client information, especially anything confidential or identifying
  • Financial information (banking details, invoices with sensitive fields, credit card data)
  • HR information (employee records, compensation, performance notes, medical details)
  • Contracts, legal documents, or anything under NDA
  • Internal system details that could help an attacker (network diagrams or information, config files, admin credentials, security procedures)

AI is moving fast enough that many of the old “rules” about how quickly technology evolves are starting to feel outdated. That speed makes AI safety a practical concern, not a theoretical one. AI can also behave in a fractal way: a small piece of information can be reused in countless contexts, and it is not always obvious where it might show up later. Combine that with how quickly these tools can act, and it is worth pausing to think about your AI hygiene.

The goal is not to ban AI or let it run unchecked. It is to narrow its scope so it stays focused on the task you actually want solved, whether that is tightening up an HR policy or supporting medical research. On the user side, the best leverage we have right now is clear education and behavioral controls: practical guardrails that limit what goes in, where it goes, and who can access it.

Cardinal Point can help your team choose the right tools, set straightforward rules everyone can follow, and deliver training that emphasizes safe, day-to-day use.