AI Acceptable UsePolicy Template

1. Purpose

[Company Name] encourages the responsible use of AI tools to improve productivity, quality, and service. This policy sets out how employees may use AI at work, and the guardrails that keep that use safe, ethical, and compliant.

2. Scope

This policy applies to all employees, contractors, and temporary staff who use AI tools for [Company Name] work, on any device, whether the tools are company-provided or personal.

• All AI tools, including generative AI (text, image, audio, video, and code), AI assistants and chatbots, and AI features built into other software.
• Both public/consumer tools and enterprise/approved tools.

3. Definitions

• AI tool: any software that uses artificial intelligence to generate content, make predictions, or assist with tasks.
• Generative AI: AI that creates new content (for example ChatGPT, Claude, Gemini, Copilot, image and code generators).
• Public AI tool: a tool available to anyone, where inputs may be stored or used to train models.
• Approved/enterprise tool: a tool [Company Name] has vetted, with appropriate data protections and a signed agreement.
• Confidential information: any non-public company, customer, employee, or partner information, including personal data and regulated data.

4. Guiding Principles

All AI use at [Company Name] should follow these principles:

• Human accountability: a person is always responsible for AI-assisted work.
• Data protection: never put confidential or personal data at risk.
• Transparency: be honest about when and how AI is used.
• Fairness: watch for and avoid biased or discriminatory outcomes.
• Compliance: follow all applicable laws, regulations, and contracts.

5. Approved Tools and Access

Use only AI tools on the approved list maintained by [IT/Security or AI Owner]. Access enterprise tools through your company account ([SSO/login method]), not personal accounts.

To request a new tool, contact [request process / owner]. Do not adopt new AI tools for company work until they are approved.

6. Acceptable Use

You may use approved AI tools to assist with work such as:

• Drafting, editing, and summarizing documents, emails, and content.
• Brainstorming, research starting points, and analysis you will verify.
• Coding assistance, with human review before anything ships.
• Translating or simplifying internal material.
• Automating routine, low-risk tasks.

7. Prohibited Use

You must not:

• Enter confidential, customer, personal, or regulated data into public or unapproved AI tools.
• Rely on AI as the sole basis for high-stakes decisions (for example [hiring, credit, legal, medical, safety]) without meaningful human review.
• Present AI output as fact without verifying it, or pass off AI-generated work in a way that violates [Company Name] standards or client agreements.
• Use AI to create harmful, deceptive, harassing, discriminatory, or infringing content.
• Bypass security controls, share credentials, or use AI to access data you are not authorized to see.

8. Data Handling and Confidentiality

Assume that anything entered into a public AI tool may be stored and could be exposed. For any task involving confidential or personal data, use only approved enterprise tools that contractually protect your inputs.

When in doubt, do not paste it in. Ask [Security/Privacy contact].

9. Human Review and Accountability

A human is responsible for every AI-assisted output. Before you use or share AI output, review it for accuracy, bias, confidentiality, and intellectual-property issues. You are accountable for the final result as if you had produced it yourself.

10. Transparency and Disclosure

Be transparent about AI use where it matters. Disclose AI involvement in [customer-facing content, official communications, or wherever required by law, client contract, or company norms]. Do not use AI to impersonate a person or misrepresent who you are.

11. Intellectual Property

Verify that AI output does not copy or infringe third-party intellectual property, and do not input others' protected material improperly. Treat AI output as a draft you are responsible for, not a finished, rights-cleared work.

12. Security

Protect company systems and data when using AI:

• Use approved accounts and [SSO]; never share login credentials.
• Do not connect unapproved AI tools or plugins to company systems or data.
• Report any suspected data exposure or security incident to [Security contact] immediately.

13. Compliance and Legal

Follow all laws and regulations that apply to [Company Name] and your role, including privacy laws and any sector-specific rules ([for example HIPAA, GLBA, GDPR, CCPA]). High-risk or regulated uses of AI require prior approval from [Legal/Compliance].

14. Roles and Responsibilities

• Employees and contractors: follow this policy and ask when unsure.
• Managers: model good practice and make sure their teams are trained.
• AI/Policy owner ([name/role]): maintains the approved-tool list and this policy.
• IT/Security: vets tools and monitors for risks.
• Legal/Compliance: advises on regulated and high-risk uses.

15. Training

All staff who use AI for work must complete [AI use / AI readiness training] and any refreshers [Company Name] requires. Training covers safe use, this policy, and how to get good results from AI.

16. Violations and Enforcement

Violations of this policy may result in disciplinary action up to and including termination, consistent with [Company Name] policies. If you see a potential violation or have a concern, report it to [contact]. Good-faith reports will not be penalized.

17. Review and Updates

This policy is reviewed [quarterly/annually] and updated as tools and regulations change.

Policy owner: [name/role]. Last reviewed: [date]. Version: [x.x].