AI tools at work: what you should never paste

Margot 'Magic' Thorne (@magicthorne), June 16, 2026, 11 min read

You're stuck on a difficult email. You open ChatGPT, paste the draft, and ask it to make the tone more professional. The AI rewrites it perfectly. You copy the result back into Outlook, send it, and move on with your day.

What just happened? You uploaded your company's internal communication to OpenAI's servers. The email might have contained project details, client names, budget figures, or strategic decisions. OpenAI stored your prompt. Their systems analyzed it. Depending on your account settings, they might use it to train future models.

You didn't mean to leak confidential information. You were just trying to write a better email.

This is the practical reality of AI tools at work in 2026. The technology is useful. The risks are real. Most people don't know where the line is until they've already crossed it.

What AI assistants actually do with your data

When you paste text into ChatGPT, Claude, or Microsoft Copilot, you're not having a private conversation with a helpful robot. You're uploading data to a company's servers, where it gets processed, stored, and analyzed.

OpenAI stores your ChatGPT conversations for around 30 days, even if you've opted out of training data use. That's their stated policy as of mid-2026. They use this retention period for abuse monitoring, service improvement, and legal compliance. After 30 days, most prompts get deleted, but exceptions exist for flagged content or ongoing investigations.

Claude (from Anthropic) follows a similar pattern. Conversations get stored temporarily for safety monitoring and service quality. Their privacy policy states they don't train models on user conversations by default, but the data still lives on their servers during that retention window.

Microsoft Copilot operates differently depending on which version you're using. The consumer version (built into Edge and Windows) sends your prompts to Microsoft's servers with retention policies similar to OpenAI's. Copilot for Microsoft 365 (the enterprise version) processes data within your organization's tenant and offers stronger privacy controls, but you're still trusting Microsoft with the content.

All three services analyze your prompts to generate responses. That analysis happens on their infrastructure, not your device. The text you paste travels across the internet, gets processed by their models, and generates output that travels back. At every step, copies exist outside your direct control.

This isn't a criticism of the companies. It's how cloud-based AI works. The models are too large to run on your laptop. The processing power required exceeds what consumer devices can deliver. You're trading convenience and capability for control over where your data goes.

The categories that create risk

Not all work information carries the same level of risk when pasted into AI tools. Some data is explicitly protected by law or contract. Some is sensitive but not regulated. Some is internal but not confidential. Understanding these categories helps you make better decisions about what to share.

Regulated data includes anything covered by HIPAA (healthcare records), GLBA (financial information), FERPA (education records), or similar laws. If you work in healthcare, finance, education, or legal services, you're handling regulated data. Pasting it into an AI tool without proper safeguards can violate federal law, trigger breach notification requirements, and expose your employer to significant liability.

The FTC has made clear that companies must implement reasonable security measures for sensitive consumer data. Uploading that data to a third-party AI service without a business associate agreement or equivalent legal framework doesn't meet that standard.

Contractually protected information includes anything covered by non-disclosure agreements, client contracts, or vendor agreements. If your employer signed a contract promising to protect certain information, you're bound by that promise. Pasting client data, partner communications, or proprietary information into ChatGPT violates those agreements even if no law explicitly forbids it.

Proprietary business information covers strategy documents, financial projections, product roadmaps, competitive analysis, and similar internal materials. This isn't necessarily regulated or contractually protected, but it's information your employer wants to keep confidential. Leaking it creates competitive risk and undermines trust.

Personally identifiable information includes names, email addresses, phone numbers, addresses, and similar data that identifies individuals. Even if the information isn't regulated, pasting it into an AI tool exposes those individuals to unnecessary privacy risk. Your colleague didn't consent to having their contact information uploaded to OpenAI's servers.

Authentication credentials should never, under any circumstances, be pasted into an AI tool. Passwords, API keys, access tokens, and similar credentials create immediate security risk. If you're debugging code that contains credentials, redact them first. If you're drafting documentation that references credentials, use placeholders.

What leaks through context

Removing obvious identifiers doesn't eliminate risk. Context reveals more than most people realize.

You paste a question: "How should I respond to a client who's upset about a three-week delay in delivering the Q2 financial dashboard for their retail analytics platform?"

You didn't name the client. You didn't name your company. You didn't include email addresses or phone numbers. But you've just told OpenAI (or Anthropic, or Microsoft) that:

  • Your company builds financial dashboards
  • You have a client in retail analytics
  • That client is currently experiencing a three-week delay
  • The delay involves Q2 deliverables
  • The relationship is strained enough that you need help crafting a response

If someone at OpenAI wanted to identify your client, they could cross-reference this prompt with other data: public announcements about retail analytics partnerships, job postings for dashboard developers, LinkedIn profiles of people who work on financial analytics products. The combination of details narrows the possibilities significantly.

This isn't theoretical. In The Good Place, the characters discover that even seemingly insignificant choices reveal deep truths about who they are and what they value. Every detail adds information. Every piece of context constrains the possibilities. The same principle applies to data you paste into AI tools.

You don't need to name someone for the context to identify them.

Step-by-step: evaluating what to paste

Before you paste anything into an AI tool at work, run through this decision framework. It takes 30 seconds and prevents most common mistakes.

Step 1: Identify the data category. Is this regulated data, contractually protected information, proprietary business information, personally identifiable information, or authentication credentials? If it falls into any of these categories, stop. Don't paste it. Find a different approach.

Step 2: Check your employer's policies. Many organizations have explicit policies about AI tool use. Some ban it entirely. Some require approval. Some allow it with restrictions. If you don't know your employer's policy, ask before you paste. Ignorance isn't a defense if something goes wrong.

Step 3: Consider the context. Even if the data itself isn't sensitive, does the combination of details reveal something confidential? Could someone use this prompt to identify your company, your client, or your project? If yes, either redact more aggressively or ask a more generic question.

Step 4: Evaluate alternatives. Can you solve this problem without AI? Can you ask a colleague instead? Can you consult documentation, search the web, or work through it yourself? AI tools are convenient, but they're not always necessary. If the risk outweighs the benefit, skip the AI.

Step 5: Redact if you proceed. If you decide to use AI after considering the risks, redact aggressively. Replace names with placeholders. Remove dates that create timeline specificity. Generalize industries and roles. Turn "our Q2 financial dashboard for RetailCo" into "a data visualization project for a client." The less specific your prompt, the less context you leak.

Step 6: Review the output before using it. AI-generated content sometimes includes unexpected details, makes incorrect assumptions, or suggests approaches that don't fit your situation. Don't paste AI output directly into work documents without reading it carefully and adapting it to your actual needs.
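
One way to automate the redaction in Step 5 and the credential check from Step 1, as an added example that is not part of the original article: a small Python filter that swaps credentials, email addresses, phone numbers and a caller-supplied list of sensitive names for placeholders before text goes anywhere near an AI tool. The patterns, the `redact` and `contained_credentials` names and the sample text are assumptions made up for illustration.

```python
import re

# Patterns are illustrative assumptions, not an exhaustive detector.
# Order matters: credentials are replaced before the broader PII patterns run.
PATTERNS = [
    ("PRIVATE_KEY", re.compile(
        r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----",
        re.S)),
    ("TOKEN", re.compile(r"(?P<keep>\bbearer\s+)[A-Za-z0-9._~+/-]{20,}=*", re.I)),
    ("SECRET", re.compile(
        r"(?P<keep>(?:password|passwd|secret|api[_-]?key|token)\s*[:=]\s*)"
        r"(?:\"[^\"]*\"|'[^']*'|[^\s,;]+)", re.I)),
    ("EMAIL", re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")),
    # North American phone layout only (assumption).
    ("PHONE", re.compile(
        r"(?<!\d)(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}(?!\d)")),
]
CREDENTIAL_LABELS = {"PRIVATE_KEY", "TOKEN", "SECRET"}


def redact(text, known_terms=None):
    """Return (redacted_text, counts), where counts maps label -> hits."""
    # known_terms maps names only you know are sensitive (clients, people,
    # project codes) to neutral placeholders; matching is case-insensitive.
    counts = {}

    def replacer(label, placeholder=None):
        def repl(match):
            counts[label] = counts.get(label, 0) + 1
            keep = match.groupdict().get("keep") or ""  # keep e.g. "PASSWORD="
            return keep + (placeholder or f"[REDACTED_{label}]")
        return repl

    for label, pattern in PATTERNS:
        text = pattern.sub(replacer(label), text)
    for term, placeholder in (known_terms or {}).items():
        term_re = re.compile(r"\b" + re.escape(term) + r"\b", re.I)
        text = term_re.sub(replacer("KNOWN_TERM", placeholder), text)
    return text, counts


def contained_credentials(counts):
    """True if the original text held anything from the credentials category."""
    return bool(CREDENTIAL_LABELS & counts.keys())


# Constructed sample input; every name, address and secret here is made up.
SAMPLE = '''Hi Dana, the Q2 dashboard for RetailCo is late.
Reach me at dana.lee@retailco.example or (555) 010-0142.
DB_PASSWORD="hunter2-prod"
curl -H "Authorization: Bearer abcdEFGH1234ijklMNOP5678qrst" https://api.internal.example/v1
'''

if __name__ == "__main__":
    clean, found = redact(SAMPLE, {"RetailCo": "CLIENT_A", "Dana": "PERSON_A"})
    print(clean)
    print(found, "credentials present:", contained_credentials(found))
```

Pattern matching only catches what has a recognizable shape: in the sample, "Q2 dashboard" and the internal hostname pass through untouched, so the context check in Step 3 still has to be done by a person.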

What your employer can see

Your employer's ability to monitor your AI tool use depends on how you access the tools and what devices you're using.

If you're on a work device, your employer can see everything. They can monitor network traffic, log keystrokes, capture screenshots, and review browser history. They can see which websites you visit, how long you spend on them, and what data you upload. If you paste confidential information into ChatGPT on your work laptop, your IT department can detect it.

If you're on your personal device but connected to your employer's network, they can still see network traffic. They can't log keystrokes or capture screenshots, but they can see that you visited chat.openai.com and how much data you uploaded and downloaded. They can't read the content of your HTTPS-encrypted prompts, but they can see the pattern of your usage.

If you're on your personal device using your personal internet connection, your employer can't monitor your AI tool use directly. But they can still see the results. If you paste AI-generated content into work documents, emails, or presentations, the writing style, structure, and phrasing might give it away. AI-generated text has tells: certain sentence patterns, transitional phrases, and structural choices that trained readers recognize.

Mobile device management (MDM) software gives employers even more control. If your work email is on your personal phone and you've installed MDM to access it, your employer might have the ability to monitor app usage, enforce security policies, and remotely wipe data. The extent of this control depends on the MDM implementation, but the capability exists.

For more on what employers can see on work devices, check out our guide on MDM and mobile device management.

Industry-specific restrictions

Some industries face stricter requirements than others. If you work in one of these fields, the rules are different.

Healthcare: HIPAA forbids sharing protected health information (PHI) with third parties unless you have a business associate agreement in place. ChatGPT, Claude, and consumer-tier Copilot don't qualify as business associates. Pasting patient data into these tools violates HIPAA even if you remove names. Diagnosis codes, treatment details, and medical histories are all PHI.

Finance: The Gramm-Leach-Bliley Act requires financial institutions to protect customer information. Pasting account numbers, transaction details, or financial records into AI tools without proper safeguards violates GLBA. The Consumer Financial Protection Bureau has stated that insufficient data protection constitutes an unfair practice.

Legal: Attorney-client privilege requires confidentiality. Pasting client communications, case details, or legal strategy into third-party AI tools can waive privilege. Even if the AI provider promises not to use your data for training, the act of sharing it with a third party breaks confidentiality. Some law firms have banned AI tools entirely for this reason.

Government contractors: If you work on government contracts, you're subject to additional security requirements. NIST SP 800-171 and CMMC (Cybersecurity Maturity Model Certification) set standards for protecting controlled unclassified information (CUI). Uploading CUI to commercial AI services violates these requirements unless the service meets specific compliance standards.

Education: FERPA protects student education records. Pasting student names, grades, disciplinary records, or similar information into AI tools without proper safeguards violates FERPA. Teachers and administrators need to be particularly careful about what they share when using AI for lesson planning or administrative tasks.

The enterprise tier difference

OpenAI, Anthropic, and Microsoft all offer enterprise versions of their AI tools with stronger privacy controls. These versions cost more, require organizational contracts, and operate under different terms than consumer accounts.

ChatGPT Enterprise promises that your data won't be used to train models, offers admin controls for managing user access, and provides compliance features for regulated industries. But you're still uploading data to OpenAI's servers. You're still trusting them to honor their privacy commitments. You're still creating records that exist outside your direct control.

Claude for Enterprise offers similar promises: no training on your data, enhanced security controls, and compliance features. Anthropic positions itself as the privacy-focused AI company, but the fundamental architecture remains the same. Your prompts travel to their servers, get processed there, and generate responses that travel back.

Microsoft Copilot for Microsoft 365 processes data within your organization's tenant, which means it stays inside the Microsoft ecosystem your company already uses. If you're already trusting Microsoft with your email, documents, and collaboration tools, Copilot doesn't add significant new risk. But it's still a third party. You're still relying on Microsoft's security practices and privacy commitments.

Enterprise tiers reduce risk but don't eliminate it. They're appropriate for organizations that need AI capabilities and are willing to accept the tradeoffs. They're not a magic solution that makes all data safe to paste.

What to do instead

You can use AI tools productively at work without pasting confidential information. The key is asking generic questions instead of specific ones.

Instead of pasting your actual email and asking for a rewrite, describe the situation in general terms: "How do I write a professional email apologizing for a project delay?" The AI can still help you with tone, structure, and phrasing without seeing your actual message.

Instead of pasting code that contains API keys, describe the problem you're trying to solve: "How do I authenticate to a REST API using OAuth 2.0 in Python?" The AI can provide example code without seeing your actual credentials.

Instead of pasting a client contract and asking for analysis, describe the contract type and your question: "What are common negotiation points in software licensing agreements?" The AI can provide general guidance without seeing the specific terms.

Instead of pasting financial data and asking for projections, describe the analysis you need: "How do I build a cash flow forecast for a B2B SaaS company?" The AI can explain the methodology without seeing your actual numbers.

This approach takes slightly more effort. You have to translate your specific problem into a generic question. But it protects confidential information while still giving you useful answers.

For tasks that require specific data, use tools designed for enterprise use. If your company has licensed Copilot for Microsoft 365, use that instead of consumer ChatGPT. If your company has approved specific AI tools for certain use cases, follow those guidelines. If no approved tools exist, ask your manager or IT department about getting access to enterprise-tier services.

When to ask permission

Some situations require explicit permission before using AI tools, even if your employer hasn't banned them.

If you're working with client data and your contract includes confidentiality clauses, ask your client's permission before using AI tools that might expose their information. Some clients explicitly forbid AI use in their contracts. Others might grant permission if you explain how you'll protect their data.

If you're working on a project with intellectual property implications, ask your legal team. Patents, trade secrets, and proprietary algorithms create special considerations. Pasting them into AI tools might constitute public disclosure, which can invalidate patent applications or weaken trade secret protection.

If you're working in a regulated industry and you're not sure whether specific data qualifies as protected, ask your compliance team. They can tell you whether HIPAA, GLBA, FERPA, or other regulations apply to your situation.

If you're not sure whether your employer allows AI tool use, ask your manager. It's better to ask permission than to apologize after something goes wrong.

The habit that protects you

The safest approach is simple: assume everything you paste into an AI tool becomes part of a permanent record that you don't control.

That assumption might be overly cautious. Enterprise AI providers promise data deletion. Privacy policies set retention limits. But promises change. Companies get acquired. Policies get updated. Breaches happen.

If you wouldn't be comfortable with your prompt appearing in a data breach disclosure, don't paste it. If you wouldn't want your client to know you uploaded their data to a third party, don't paste it. If you wouldn't want your employer to see it in an audit log, don't paste it.

This isn't about paranoia. It's about realistic risk assessment. AI tools are useful. They make work faster and easier. But convenience isn't worth the consequences of leaking confidential information.

The habit that protects you is pausing before you paste. Ask yourself: "What category is this data? What are the risks? What are the alternatives? Can I make this prompt more generic?" Thirty seconds of thought prevents most mistakes.

You don't need to avoid AI tools entirely. You need to use them thoughtfully, with clear understanding of what you're sharing and where it goes.


Frequently asked questions

Not directly from ChatGPT, but they can see your network traffic, monitor your work device, and review any documents you create using AI-generated content. The bigger risk is what OpenAI stores and how they use it.
The paid tier (ChatGPT Plus and Enterprise) offers opt-out from training data use, but all versions store your prompts for around 30 days. Enterprise adds admin controls and compliance features, but you're still trusting OpenAI with your data.
Removing obvious identifiers helps, but context often reveals more than you think. A redacted client name plus project details, industry, and timeline can still identify the organization. Generic queries are safer than sanitized specific ones.
It gets stored on the company's servers, analyzed by their systems, and potentially used to train future models. Even with privacy settings enabled, your prompts create a record that exists outside your control.
That depends entirely on your employer's policies, your industry's regulations, and what data you're handling. If your work involves regulated data (healthcare, finance, legal), using unauthorized AI tools can violate compliance requirements even if your employer hasn't explicitly banned them.