Este artigo está disponível apenas em inglês no momento.
Is My AI Tool Safe? 7 Things to Check Before You Use Any AI at Work
Before you type anything into ChatGPT, Copilot, or any other AI tool at work, there are seven things worth checking. Most people skip all of them. Here's what they are and why they matter.
Key Takeaways
Check whether your employer has an AI policy before using any tool — using an unapproved AI tool with work data can breach your employment contract and data protection law.
Read where your data goes: most free AI tools use your conversations to train future models by default. Check the privacy settings and opt out if available.
Never enter personal information about colleagues, clients, or third parties into a commercial AI tool without knowing how that data is handled.
AI tools can be confidently wrong — always verify important outputs against authoritative sources before acting on them or sharing them.
If in doubt about whether using an AI tool is appropriate for a specific task, ask your manager or IT team — it is always better to ask than to cause a data breach.
"Apenas para fins informativos. Este artigo não constitui aconselhamento jurídico, regulatório, financeiro ou profissional. Consulte um especialista qualificado para orientação específica."
1. Does your employer have an AI policy?
The first thing to check is whether your employer has published a policy on AI tool use. Many organisations have now produced these — often called an AI Acceptable Use Policy or similar. If yours has one, read it before using any AI tool for work purposes. It will tell you which tools are approved, what data you can and cannot enter, and what to do if something goes wrong.
2. Where does your data go?
Every time you type something into a commercial AI tool, that text goes to the company's servers. The question is what happens next. Does the company store your conversations? For how long? Are they used to train future AI models? Check the settings of any tool you use regularly — for most free tiers, conversation data is stored and may be used for training by default.
3. What should you never enter?
A practical rule: do not enter anything into a commercial AI tool that you would be uncomfortable seeing published publicly. No personal details of colleagues or clients, no confidential business information, no passwords, and no information covered by professional privilege.
4. Is the tool approved for your sector?
If you work in a regulated sector — financial services, healthcare, law, government — additional rules may apply. General-purpose consumer AI tools often do not meet the security standards required in regulated industries.
5. Is the output actually reliable?
AI tools can produce confident-sounding wrong answers — hallucination. For any consequential use — medical information, legal questions, financial calculations — verify the output against primary sources. AI tools sometimes invent references that do not exist.
6. Are you disclosing AI use where required?
Many organisations now require disclosure when AI was used to produce content — particularly in client-facing documents, academic submissions, or regulated communications. Check whether your role requires disclosure.
7. Do you have a way to raise concerns?
Know how to raise a concern if you see AI being used in a way that seems wrong — a potential data breach, discriminatory output, or use of an unapproved tool. Know who to contact before you need to.