Most of us are using AI in some form whether we realize it or not.
Maybe it is ChatGPT open in a browser tab. Maybe it is Copilot built directly into your Microsoft products. Maybe it is an AI feature inside a platform you already pay for such as HubSpot, Notion, Zoom, an AI notetaker or Gemini.
The reality is that AI is no longer a future issue. It is already embedded into the software many businesses use every day.
The question is not whether your business is using AI.
The question is: what is happening to the information being entered into those tools?
The Legal Fine Print
We recently spent time researching several AI-enabled platforms on behalf of a client. The client wanted to understand what happens when customer information, internal company data, or confidential business information is uploaded into these systems.
What started as a simple review quickly turned into a deep dive through privacy policies, terms of service, supplemental AI terms, and opt-out procedures.
What we found was not necessarily alarming, but it was a reminder that very few business owners are reading the fine print.
Some providers state that customer data is not used to train models by default. Others allow data usage in certain circumstances unless specific settings are changed. Some offer opt-outs, but the opt-out process may differ depending on the type of data, the product being used, or the subscription tier.
In other words, it’s complicated. And even when you’ve opted out in one instance, you may still be opted-in in other instances.
The risk is not necessarily that a platform is doing something wrong. The risk is assuming you know how your information is being collected, stored, processed, retained, or used without actually verifying it.
For businesses handling customer information, employee information, financial records, healthcare data, legal files, or other sensitive information, those assumptions can create real liability.
Important Questions About AI
As AI becomes more integrated into the tools we use every day, business owners should be asking questions such as:
• What information are employees entering into AI tools?
• Are there restrictions on confidential or customer data?
• Do vendor agreements adequately address AI usage?
• Have the platform's privacy settings been reviewed?
• Do customer-facing agreements and disclosures account for these technologies?
These are no longer hypothetical questions, but rather critical operational questions.
Want to Know More About Your Platforms?
We can help you evaluate the AI tools and platforms you’re already using to make informed decisions about risk, privacy, and compliance. In many cases, the goal is not to stop using the technology, but make the appropriate changes to better protect confidential business information (e.g., updates to your contracts, changes to your usage, upgrades to a different subscription tier, etc.).
If your business relies on AI-enabled software, customer databases, CRMs, productivity platforms, or other technology tools, now may be a good time to review how your information is being handled and whether your contracts, policies, and internal procedures are keeping pace with the technology (and associated risks).
The technology is moving quickly. Your risk management should too.
Reply to this newsletter or schedule a quick chat here to start a conversation about how we can support your growth and shifting technology usage.
We’re big fans of Gusto and if you use the link above when creating a new account, you will get $100 Visa Gift Card when you sign up.
