How to Write an AI Acceptable-Use Policy (With a Copy-Pasteable Template)
On this page
- The one strategic decision: channel, don’t ban
- The six sections your policy needs
- 1. Scope and purpose
- 2. Approved tools
- 3. Data rules, the heart of the policy
- 4. Human review and accountability
- 5. Disclosure
- 6. Enforcement, exceptions, and ownership
- The template
- Rolling it out (don’t just post it)
- Common mistakes
- What should an AI acceptable-use policy include?
- Should we ban ChatGPT and other public AI tools at work?
- What data should never be entered into AI tools?
- Do employees have to disclose when they use AI?
- How long should an AI acceptable-use policy be?
TL;DR: Your company almost certainly has employees using AI tools right now, policy or not. A good acceptable-use policy doesn’t try to stop that, it channels it: which tools are approved, what data can never go in, when AI use must be disclosed, and who reviews outputs and exceptions. Keep it to 2-3 pages, name one owner, review it twice a year, and pair every “don’t” with an approved “do instead.” This guide walks through each decision and ends with a complete template you can adapt in an afternoon.
Here’s the situation at most companies before a policy exists: some employees are pasting customer emails into free ChatGPT accounts, some are quietly drafting reports with Claude on their phones, a manager somewhere has connected an AI notetaker to client calls, and nobody has decided whether any of that is fine.
None of those people are acting in bad faith. They have no rules, so they’re improvising. The purpose of an acceptable-use policy is to replace improvisation with defaults, before the improvisation produces the incident that makes legal write a ban.
This playbook covers the decisions the policy has to make, then gives you a full template. It assumes an SMB or mid-market company; if you’re in a heavily regulated industry (health, finance, legal), use this as the base layer and have counsel add the sector-specific layer.
The one strategic decision: channel, don’t ban
Before the sections and clauses, settle the posture. You have three options:
| Posture | What it looks like | What actually happens |
|---|---|---|
| Ban | ”AI tools are prohibited on company work.” | Usage moves to personal devices. You lose all visibility, keep all the risk, and gain none of the productivity. |
| Silence | No policy. | Every employee invents their own rules. Your data-handling standard is whatever your least careful employee thinks is fine. |
| Channel | Approved tools + clear data rules + review norms. | Usage becomes visible, sensitive data has a defined boundary, and you keep the productivity. |
Channel wins for almost everyone, for one practical reason: bans don’t work. Study after study finds a large share of employees use AI at work regardless of policy, and a meaningful chunk of them hide it. A policy people route around is worse than no policy, it adds liability (“we had a policy!”) without adding control.
The corollary: every prohibition in your policy should come with a sanctioned alternative. “Don’t put client data in free AI tools” only sticks if the next line is “use the company [approved tool] workspace, which is approved for client data.”
The six sections your policy needs
1. Scope and purpose
Two sentences on why the policy exists (enable safe use, not prevent use, say this explicitly; it sets the tone for everything after). Then scope: who it covers (employees, contractors) and what counts as an AI tool. Cover the non-obvious cases: AI features inside existing software (Zoom summaries, Notion AI, CRM assistants), browser extensions, and AI notetakers that join meetings, these are where surprise data exposure actually happens, more than chat windows.
2. Approved tools
A short table: tool, approved plan/tier, what data classes it’s approved for, who owns the relationship. Two rules make this section work:
- Approve business tiers, not personal accounts. Business/enterprise versions of ChatGPT, Claude, Copilot, and Gemini offer admin controls and contractual commitments that consumer accounts (especially free ones) don’t, including, typically, that your data isn’t used to train models. The tier is the point, not the brand.
- Make requesting a new tool easy and fast. A one-line request to the policy owner with an answer inside a week. If approval is slow, people stop asking, and the shadow-tool problem returns.
3. Data rules, the heart of the policy
This is the section that prevents the incident. Define what may never be entered into any AI tool without explicit approval, and keep the list concrete:
- Customer or employee personal data (names tied to contact details, IDs, health or financial info)
- Anything under NDA or client confidentiality
- Credentials: passwords, API keys, access tokens
- Unreleased financials and material non-public information
- Trade secrets, source code, formulas, pricing models, strategy docs (define what counts for your company)
- Anything regulated in your industry
Then the nuance that makes the policy realistic rather than performative: approved business-tier tools with no-training data agreements can be cleared for some of these categories. That’s a per-tool decision recorded in the approved-tools table, which is exactly why the table has a “what data” column.
A useful heuristic to include verbatim, because employees remember it: “If you wouldn’t paste it into a public web form, don’t paste it into an unapproved AI tool.”
4. Human review and accountability
The single most important sentence in any AI policy: the human who uses the AI output owns it. “The AI wrote it” is not a defense, for errors, plagiarism, bias, or fabricated citations. Concretely:
- All AI output that leaves the company (client emails, proposals, published content, code in production) gets human review before it ships.
- Reviewers verify facts, figures, names, and citations, language models fabricate all four with total confidence.
- AI may inform decisions about people (hiring, performance, promotion) but may not make them; a human decides and can explain why. (In some jurisdictions this is a legal requirement, not just good practice.)
5. Disclosure
Keep this simple, because over-engineered disclosure rules get ignored:
- Internal, routine assistance (drafting, summarizing, editing): no disclosure needed, the author owns the output either way.
- External deliverables where AI played a substantial role: disclose when the client asks, when the contract requires it, or when a reasonable client would feel misled to learn of it. When in doubt, ask the policy owner.
- AI that interacts with people directly (chatbots, AI notetakers joining calls, automated outreach): always identified as AI, and meeting participants are told before recording/transcription starts.
6. Enforcement, exceptions, and ownership
- Name one owner, a person, not a committee, who approves tools, answers questions, grants exceptions, and updates the policy. Unowned policies decay in one quarter.
- Graduated enforcement: honest mistakes get a correction and coaching; deliberate exfiltration of restricted data is treated like any other data-handling violation. Say explicitly that self-reporting a mistake will be treated leniently, you want to hear about the incident on day one, not month six.
- Review every 6 months. The AI tool landscape turns over fast enough that an annual cycle leaves the policy visibly stale, and visibly stale policies lose authority.
The template
Below is the complete policy, ready to adapt. Replace the bracketed placeholders, delete what doesn’t apply, and have counsel skim it if you’re in a regulated industry. It’s written to be read, keep it that way when you edit.
Prefer it as a document? Get the template as a formatted, editable file (Word + Google Docs) with an adaptation checklist: [Download the AI Acceptable-Use Policy template →]
ACCEPTABLE USE OF AI TOOLS, [COMPANY NAME]
Version 1.0 · Effective [DATE] · Owner: [NAME, ROLE] · Next review: [DATE +6 months]
1. PURPOSE AND SCOPE
[Company] encourages the productive use of AI tools. This policy exists to make
that use safe, not to prevent it. It applies to all employees and contractors,
on any device, whenever performing work for [Company].
"AI tools" includes chat assistants (e.g., ChatGPT, Claude, Copilot, Gemini),
AI features built into other software (meeting summarizers, writing assistants,
CRM copilots), AI browser extensions, AI notetakers, and AI coding assistants.
2. APPROVED TOOLS
| Tool | Plan/tier | Approved for | Owner |
|---|---|---|---|
| [e.g., Claude] | [Team/Enterprise] | [General + internal docs] | [IT] |
| [e.g., ChatGPT] | [Business] | [General + internal docs] | [IT] |
| [e.g., Copilot] | [Business] | [General, within M365 data] | [IT] |
| [Add rows] | | | |
- Use company-provisioned accounts only. Personal or free-tier accounts must
not be used for work involving anything beyond public information.
- To request a new tool or an expanded approval, email [OWNER]. You will get
an answer within [5] business days.
- Tools not listed above are not approved. Using one with public information
only is tolerated; using one with any company or client data is a violation.
3. DATA RULES
Never enter the following into ANY AI tool, approved or not, without written
approval from [OWNER]:
a. Personal data about customers or employees (contact details tied to
names, government IDs, health, payroll, or financial information)
b. Information covered by an NDA or client confidentiality obligation
c. Passwords, API keys, tokens, or other credentials
d. Unreleased financial results or material non-public information
e. [Company] trade secrets, including [source code / pricing models /
customer lists / DEFINE FOR YOUR COMPANY]
f. [Any industry-specific regulated data, DEFINE OR DELETE]
Approved tools may be cleared for specific categories above where our
agreement with the vendor prevents training on our data, see the "Approved
for" column in Section 2. When unsure, ask [OWNER] first.
Rule of thumb: if you wouldn't paste it into a public web form, don't paste
it into an unapproved AI tool.
4. HUMAN REVIEW AND ACCOUNTABILITY
You own what you produce with AI, exactly as if you had written it yourself.
"The AI generated it" is never a defense.
- Review all AI output before it leaves the company (client communications,
proposals, published content, production code).
- Verify facts, figures, names, quotations, and citations. AI tools state
false information confidently; checking is your job.
- AI may inform decisions about people (hiring, evaluation, promotion) but
must not make them. A human makes the decision and can explain it.
5. DISCLOSURE
- Routine internal assistance (drafting, summarizing, editing): no
disclosure required.
- Client-facing deliverables where AI did substantial work: disclose when
asked, when a contract requires it, or when a reasonable client would feel
misled to learn of it. Unsure? Ask [OWNER].
- AI that interacts with people directly (chatbots, notetakers in meetings,
automated messages) must always be identified as AI. Tell meeting
participants before an AI notetaker records or transcribes.
6. SECURITY BASICS
- Enable MFA on all AI tool accounts. Use SSO where available.
- Do not connect AI tools, plugins, or extensions to company systems
(email, drive, CRM, code repositories) without approval from [IT/OWNER].
- Report suspected data exposure via an AI tool to [OWNER/SECURITY] the
same day. Prompt self-reporting of an honest mistake will be treated as
the right thing to do, not as the offense.
7. VIOLATIONS
Honest mistakes are handled with correction and coaching. Knowingly entering
restricted data into unapproved tools, or misrepresenting AI output in ways
that harm clients or [Company], is handled under [the disciplinary process /
data-handling policy], up to and including termination.
8. QUESTIONS AND EXCEPTIONS
[OWNER] can grant written exceptions to any rule in this policy and is the
first stop for anything this policy doesn't cover. This policy is reviewed
every six months; suggest changes any time at [CHANNEL/EMAIL].
Acknowledged by: ______________________ Date: ____________Rolling it out (don’t just post it)
A policy that arrives as a PDF attachment from HR changes nothing. Four steps that make it real:
- Walk it through live, 20 minutes at an all-hands or team meetings: why it exists, the approved tools, the data rules, and the “you own the output” principle. Frame it as “here’s how to use AI here”, not “here’s what you’ll be punished for.”
- Collect acknowledgments once, at rollout and at hire. Not for legal theater, because signing something makes people actually skim it.
- Grandfather the shadow users in. Announce a no-questions amnesty: anyone already using unapproved tools can switch to approved ones, and their use-cases get heard. This converts your most experienced AI users from a liability into your champion network, the same people your adoption roadmap needs for pilots.
- Make the first exception fast. The first employee who requests a new tool is testing whether Section 2 is real. Answer inside the promised window, whatever the answer is.
Common mistakes
- Writing it as a ban with exceptions instead of an enablement with boundaries. The tone of Section 1 decides whether people read the rest.
- Vague data rules. “Use good judgment with sensitive data” is not a rule; the six-item list is. Specificity is the whole product.
- No named owner. Questions with nowhere to go become improvisations again, you’re back where you started.
- Forgetting embedded AI. The meeting notetaker and the CRM copilot process more sensitive data than the chat window. Scope them in explicitly.
- Ten pages. Every page past three halves readership. Put edge cases in an FAQ owned by the policy owner, not in the policy.
- Set-and-forget. Tools, vendor terms, and law (e.g., EU AI Act obligations phasing in) all move. Six-month reviews, calendar-invited on day one.
FAQ
What should an AI acceptable-use policy include?
Six sections: scope and purpose, approved tools (with a fast path to request new ones), data rules listing what may never be entered into AI tools, human-review and accountability requirements, disclosure rules for external and customer-facing use, and enforcement with a named policy owner and review cadence.
Should we ban ChatGPT and other public AI tools at work?
Usually no. A large share of employees use AI at work whether or not it’s sanctioned, so a ban mostly relocates usage to personal devices where you have zero visibility. Approving business-tier tools with data-protection agreements, plus clear data rules, gives you the control a ban only pretends to.
What data should never be entered into AI tools?
At minimum: personal data about customers or employees, anything under NDA or client confidentiality, credentials and keys, unreleased financials, trade secrets, and industry-regulated data. Business-tier tools with no-training agreements can be cleared for some categories, record those clearances per tool in the policy’s approved-tools table.
Do employees have to disclose when they use AI?
For routine internal assistance, no, the author owns the output regardless. Disclose externally when AI did substantial work on a client deliverable and the contract, the client’s question, or basic candor calls for it. AI that interacts with people directly, chatbots, meeting notetakers, automated outreach, must always be identified as AI.
How long should an AI acceptable-use policy be?
Two to three pages. It needs to answer the tools, data, disclosure, and review questions concretely, anything longer gets skimmed once and never opened again. Push edge cases to the policy owner and a living FAQ instead of the document.
Not sure where your company stands on governance, or anything else? Take the free AI-Readiness Assessment: 10 minutes, scored across strategy, data, people, and governance, with your highest-leverage next step.
Frequently asked questions
What should an AI acceptable-use policy include?
Six sections: scope (who and what it covers), approved tools and how to request new ones, data rules (what may never be entered into AI tools), human-review requirements for outputs, disclosure rules (when to tell clients or colleagues AI was used), and enforcement plus a named policy owner.
Should we ban ChatGPT and other public AI tools at work?
Usually no. Surveys consistently find a large share of employees use AI at work whether or not it's sanctioned, so bans mostly move usage to personal phones where you have no visibility. Approve business-tier versions with data controls, define what data is off-limits, and channel the demand.
What data should never be entered into AI tools?
At minimum: customer and employee personal data, anything under NDA or client confidentiality, credentials and keys, unreleased financials, trade secrets, and any data regulated in your industry (health, financial, legal). Business-tier tools with no-training agreements can relax some of this, that's a per-tool decision the policy should record.
Do employees have to disclose when they use AI?
Internally, routine drafting assistance generally doesn't need disclosure, the author owns the output either way. Externally, disclose when AI played a substantial role in client deliverables, when law or contract requires it, and always for AI systems that interact with customers directly (chatbots must be identified as automated).
How long should an AI acceptable-use policy be?
Two to three pages. Long enough to answer the tools/data/disclosure/review questions concretely, short enough that people actually read it. If it's longer than your expense policy, it will be ignored like your expense policy.