
Which client data may be entered into AI tools?

1 July 2026
Answered by Rohit Parmar-Mistry

Short answer

A quick answer first, then the fuller context below.

Client data should only enter AI tools when the firm has a clear approved-use policy, a lawful basis, vendor controls and human review. Sensitive matter, audit or advisory data needs extra checks before any upload.

Detailed answer

The fuller context, trade-offs and practical steps behind the short answer.

Which client data may be entered into AI tools?

Professional services firms should treat this as a governance decision, not a convenience decision. The safe answer is: only data that has been approved for that specific tool, purpose and user group should be entered. Everything else should stay out until the firm has checked confidentiality, data protection, vendor terms, retention settings and the review process.

The source question asks which client, matter, audit, valuation or advisory data may be entered into the system. That wording matters because each category carries a different risk. A short internal policy that says "use AI carefully" is not enough for client work.

The safest answer is to classify the data before anyone uploads it

A firm should define three practical buckets. First, data that is allowed in approved AI tools, such as public information, anonymised examples or low-risk internal drafts. Second, data that needs permission or a controlled workspace, such as client documents, financial schedules, claim files, contracts, matter notes or audit evidence. Third, data that is out of scope, such as privileged material, special category data, credentials, raw client exports or anything covered by a client restriction.

This keeps staff from making the decision at the prompt box. It also gives partners, compliance teams and reviewers a clear record of why a tool was suitable for a task.


What firms should check before approving client data use

Start with the tool, not the model brand. The question is whether the configured service protects the data in the way the firm needs. Check whether prompts, uploaded files, outputs and logs are retained, whether they can be used for training or evaluation, where processing happens, who can access the content and how deletion works. If the vendor cannot answer clearly, treat the tool as unsuitable for sensitive client work.

Next, check the professional context. A law firm must think about confidentiality and privilege. An accountancy or audit firm must think about evidence quality, independence, record keeping and partner accountability. A financial services firm must think about Consumer Duty, SM&CR accountability, FCA expectations and auditability. An insurer or broker must think about claims fairness, pricing governance and delegated authority.

Set rules for matter, audit, valuation and advisory data

Matter and advisory files often contain client strategy, negotiations, commercial terms and privileged context. Audit and valuation material can include evidence, assumptions, estimates, judgements and working papers. These should not be pasted into public AI tools or unapproved assistants. If AI support is useful, use a controlled environment with access controls, retention settings, logging and a named reviewer.

The policy should also cover partial data. A spreadsheet excerpt, a meeting note or a pasted email can still identify a client or reveal a live issue. Staff need examples of what counts as client data, not only a legal definition.


How to make the rule usable in daily work

A useful control is a simple decision checklist attached to each approved tool:

  • Is this tool approved for this category of client data?
  • Is the client, matter or engagement type restricted?
  • Will prompts, files, outputs or logs be retained or used for training?
  • Is a human reviewer responsible for the output before it is relied on?
  • Can the firm reconstruct who used the tool, what data was entered and what decision was made?

If the answer is unclear, the default should be no upload. The firm can still use AI with anonymised, synthetic or summarised material while the control gap is resolved.
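As an added example (not code from the original page), the three data buckets and the checklist above expressed as a default-deny pre-upload gate that also writes the record the firm is told to keep; the tool profiles, bucket names and field names are assumptions for illustration.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional

class Bucket(Enum):
    ALLOWED = "allowed"            # public information, anonymised examples, low-risk drafts
    CONTROLLED = "controlled"      # client documents, schedules, matter notes, audit evidence
    OUT_OF_SCOPE = "out_of_scope"  # privileged material, special category data, credentials

@dataclass
class ToolProfile:
    name: str
    approved_buckets: frozenset        # buckets this configured service is approved for
    retains_content: Optional[bool]    # None: the vendor could not answer clearly
    trains_on_content: Optional[bool]

@dataclass
class UploadRequest:
    tool: ToolProfile
    bucket: Bucket
    use_case: str
    data_category: str
    user: str
    client_restricted: bool            # a client, matter or engagement restriction applies
    reviewer: Optional[str] = None     # named human responsible for the output

def evaluate(req: UploadRequest) -> dict:
    """Apply the checklist; any failed or unanswerable check means no upload."""
    blockers = []
    if req.bucket is Bucket.OUT_OF_SCOPE:
        blockers.append("data category is out of scope for any AI tool")
    if req.bucket not in req.tool.approved_buckets:
        blockers.append(f"{req.tool.name} is not approved for {req.bucket.value} data")
    if req.client_restricted:
        blockers.append("client, matter or engagement restriction applies")
    if req.bucket is Bucket.CONTROLLED:
        # An unknown retention or training answer is a failed check, not a pass.
        if req.tool.trains_on_content is not False:
            blockers.append("content may be used for training, or the position is unknown")
        if req.tool.retains_content is None:
            blockers.append("retention of prompts, files, outputs or logs is unknown")
        if not req.reviewer:
            blockers.append("no named reviewer before the output is relied on")
    # The record is written whether or not the upload proceeds: it is the audit trail.
    return {
        "tool": req.tool.name, "use_case": req.use_case, "data_category": req.data_category,
        "user": req.user, "reviewer": req.reviewer,
        "decision": "deny" if blockers else "allow", "blockers": blockers,
    }
```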

Conclusion

The practical rule is simple: do not ask staff to guess whether client data is safe for AI. Classify the data, approve tools by use case, document the retention and training position, and keep a human review trail. That gives the firm a defensible answer when clients, regulators, auditors or insurers ask what happened to their data.


FAQs

Direct follow-up answers written for searchers, buyers and internal decision makers.

Can staff paste client emails into AI tools?

Only if the tool and use case are approved for that data category. Otherwise, use anonymised content or keep the email out of the tool.

Is anonymised data always safe?

No. It can still be re-identifiable if it includes unusual facts, dates, deal terms or matter context. Treat anonymisation as a control to test, not a magic label.

Do private or paid AI accounts solve the issue?

Not by themselves. The firm still needs to check retention, training use, access, location, deletion, logging and review controls.

Who should own the decision?

A named business owner should own the use case, with compliance, data protection and information security input where the data is sensitive.

What record should the firm keep?

Keep the approved tool, use case, data category, reviewer, output decision and any exception. That record is what proves the firm controlled the risk.
