
Can staff put client data in ChatGPT? A one-page yes/no policy
Short answer: not in a personal account, and not without checking. The simple rules that keep client data out of public AI tools, as a one-page policy you can copy.
No, not in a personal ChatGPT account, and not with anything you could not email to a stranger. This matters more than it used to, because the volume of sensitive information going into AI tools is now high: in Cyberhaven's latest research, close to 40% of the data people put into AI tools is sensitive, and a large share of workplace AI use still runs through personal accounts that carry no security controls. The fix is not a ban. A ban just drives the habit underground. The fix is a one-page rule that tells your team exactly what may go into which tools, and where the hard line sits.
Where the data actually goes
When someone pastes a client's figures, a contract or a case detail into a public AI tool, that information leaves your control. Consumer tiers of some tools may use what is typed to help improve their models, and even where they do not, the data has still travelled to a third party with whom you have no business agreement, and it sits there under whatever retention and access rules that provider's consumer terms allow. That is the mechanism behind the risk, and the numbers show it is not hypothetical.
Cyberhaven's 2026 AI Adoption and Risk Report, published in February 2026, found that 39.7% of all data movements into AI tools involve sensitive data. It also found that a large part of usage sits outside company control: 32.3% of ChatGPT use at work runs through personal accounts rather than managed ones. And of the hundred most-used AI applications, 82% were rated medium, high or critical risk. In other words, a lot of sensitive material is going into a lot of tools that were never set up to protect it, often through accounts the business cannot see.
For a professional firm, that is not just an IT worry. Client-identifiable information in a public tool can breach confidentiality and your duties to clients, even if nothing ever leaks. The exposure exists the moment the data leaves the building.
The one-page policy
You do not need a long document. You need three lists your team can hold in their heads.
Green, always fine: general questions, public information, and anything with no client or personal detail in it, used in an approved tool. Drafting a generic email, summarising a public article, or asking how to phrase something all sit here.
Amber, only in approved tools: internal information that is not public but is not confidential either, and only in a business or enterprise tool that is contracted not to train on your data. Think internal drafts and non-sensitive working documents.
Red, never in a public or personal tool: client-identifiable information, personal data, credentials, financial detail, anything under a confidentiality obligation. If it would be a problem to send it to a stranger, it does not go into a public AI tool at all. Where the work genuinely needs it, it happens only in a properly contracted enterprise environment, and ideally with the client's knowledge.
That is the whole policy. Green, amber, red. It fits on one page, and people can actually remember it.
Personal versus enterprise accounts
The single most useful line to draw is between personal and enterprise accounts, because it is where most of the risk hides. A personal or free account is governed by consumer terms, may use your inputs to train the model unless the user has opted out, and is invisible to the business. A business or enterprise account is governed by a contract that typically commits the provider not to train on your data and to limit how long it is retained, and it can be managed, logged and switched off centrally. Read the retention term rather than assuming "not retained": many business tiers still keep prompts for a fixed period, and the length is what your confidentiality obligations have to live with.
The practical implication is simple. If you want your team to use AI, and you should, give them a sanctioned enterprise account so they are not tempted to reach for a personal one. Most of the shadow AI in a business is not defiance, it is people trying to get their work done with the only tool they have. Provide the safe path and the unsafe one largely disappears.
What "safe" looks like
Safe is not a feeling, it is a short checklist. The tools in use are approved and business-tier. The data-training setting is off, and you have confirmed it in the contract and the admin settings rather than assumed it from a marketing page. Access runs through company accounts, not personal logins. And there is a named owner who keeps the approved list current as tools change. None of this is heavy. It is the same basic control you already apply to any system that touches client data, extended to cover AI.
This also connects to accuracy, not just confidentiality. The same discipline that keeps client data out of the wrong tools is part of how you stop AI mistakes reaching your clients: approved tools, clear rules, and a human who owns the output.
What this looks like on a normal Tuesday
Make it concrete. An accountant wants to summarise a messy client email thread. On a personal ChatGPT account, that is a red-list action, because the thread names the client and their affairs and it is now sitting with a third party. On a sanctioned enterprise account with training switched off, the same task is fine, because the data stays inside a contracted environment. A marketer drafting a generic subject line is green either way, because nothing in the prompt belongs to a client, although the sanctioned tool is still the habit to build. A team lead pasting a spreadsheet of customer records in to "find patterns" is red wherever they do it, and needs a properly governed tool if it is to happen at all.
The rule earns its keep precisely because it answers these everyday moments without a meeting. People do not need to weigh up data-protection law on the spot. They need to know which of the three buckets the task falls into, and which tool they are allowed to use. That is the whole point of one page: judgement in the moment, not a document nobody reads.
Rolling it out without killing adoption
The mistake to avoid is the blanket ban. Tell people they cannot use AI and they will use it anyway, on their phones, on personal accounts, out of your sight, which is the worst of every world. The better approach is to pair the one-page rule with a sanctioned tool, explain the why in one short session, and make the safe route the easy route. A rule people understand and can follow beats a prohibition they quietly ignore.
If you want this as part of a proper working policy, our guide to a simple AI policy for a small business sets out the rest, and it is built to be read and used rather than filed and forgotten.
The takeaway
Can staff put client data in ChatGPT? Not in a personal account, and not the red-list material at all. Give your team a clear green, amber and red rule, a sanctioned enterprise tool to use, and one owner to keep it current. That is enough to get the speed of AI without handing your clients' information to a tool that was never built to hold it.
If you would like help writing the one-page rule and choosing tools that keep client data safe, book a session and we will map it to how your team actually works.