LLaManchaAI Enablement
Checking access…
← All modules
Module 3Audience: all

Safe and responsible AI use at work

Defines sensitive data boundaries, review expectations, prohibited uses, and escalation habits.

Outcomes

What you will be able to do

  • Classify AI use cases as safe, caution, or prohibited.
  • Tell a consumer tier from an enterprise tier and why it matters.
  • Apply concrete verification techniques to AI output.
  • Check for bias and accessibility, and disclose appropriately.
Completion check

How this module is approved

Classify three sanitized workplace scenarios as safe, caution, or prohibited; for each, name the risk, the tier/tool consideration, the verification/review step, and the escalation path.

Pass criteria

  • Three scenarios classified
  • At least one caution/prohibited reason explained
  • Tier/tool or verification consideration referenced
  • Review or escalation path identified
  • Scenarios are sanitized/generic
Loading personalization context…
Lesson45–55 minutes self-guided, or 70 minutes with scenario discussion

What you should take away

By the end of this module, participants should be able to spot common AI risk categories, classify workplace scenarios as safe, caution, or prohibited, and know when to pause for human review or escalation.

Part 1

Responsible AI use starts before the prompt

The safest AI workflow is not created by writing a clever disclaimer after the fact. It starts with deciding whether the task, data, tool, and review process are appropriate before anything is pasted into a model. A useful rule: if you would not be comfortable explaining the use to your manager, customer, security team, or auditor, pause before proceeding.

  • Check the data: what information would the tool receive?
  • Check the tool: is it approved for that data and use case?
  • Check the task: is the output advisory, draft-only, or decision-making?
  • Check the review gate: who verifies the result before it affects someone else?

Quick check · <30 sec

What is the 'manager / customer / auditor' test?

Show answer
If you would not be comfortable explaining this AI use to your manager, customer, security team, or an auditor, pause before proceeding — responsibility starts before the prompt, not in a later disclaimer.

Part 2

A practical risk scale: safe, caution, prohibited

Use a simple three-level classification to decide how to proceed. This is not a substitute for company policy, but it gives employees a quick shared language while formal rules mature.

  • Safe: low-sensitivity, reviewable tasks using sanitized information and approved tools.
  • Caution: tasks involving business impact, internal operations, code, customer context, policy interpretation, or outputs that others may rely on. These need stronger review and often manager, security, legal, or subject-matter-expert input.
  • Prohibited: entering sensitive data into unapproved tools, asking AI to make final high-stakes decisions, bypassing required approvals, generating deceptive content, or using AI where law, contract, or company policy forbids it.
Activity · ~8 minclassify scenario

Twelve sanitized one-line scenarios. Sort each into safe / caution / prohibited and name the review gate. Speed matters less than the reason.

  • Cards 1–6: (1) summarize your own meeting notes (2) paste a customer's support thread into a personal chatbot (3) draft an internal FAQ (4) ask AI to set an employee's performance rating (5) rewrite a public help article (6) summarize a contract by pasting the full document into a consumer tool
  • Cards 7–12: (7) brainstorm sanitized process ideas (8) generate a customer-facing legal disclaimer to use as-is (9) draft test cases from a described contract (10) paste production logs with tokens for triage (11) translate a sanitized announcement (12) have AI decide a refund amount for a customer

Your task

Classify all twelve and give a one-phrase reason and review gate for each. Then pick the two you found hardest and say why.

Show a hint
Anything that decides about a person, or moves sensitive data into an unapproved tool, is prohibited regardless of how useful it sounds.
Compare with a strong answer
Safe: 1, 3, 5, 7, 9, 11 (low-sensitivity, reviewable; self/owner review). Caution: 8 (legal reliance — legal must own it). Prohibited: 2, 6, 10 (sensitive/proprietary data into unapproved tools), 4 and 12 (AI deciding about a person/customer). Hardest are usually 8 (looks safe, is legal-owned) and 9 (safe only if the contract description is truly sanitized).

Why this matters: A 12-case bank builds calibration; three cases cannot. The gradient between safe and caution is where real judgment lives.

Quick check · <30 sec

'Have AI decide a customer's refund amount' is…

  • A. Safe
  • B. Caution
  • C. Prohibited
  • D. Depends on the amount
Show answer
AI making a final decision about a customer is prohibited regardless of amount — it needs human authority and an approved process.

Part 3

Consumer tier vs enterprise tier — the practical safety line

The single most important practical safety distinction in 2026 is not which AI you use; it is which tier. The same brand often has a consumer/free tier and a work/enterprise tier with materially different data handling. Knowing the difference — and that it can change — is core to responsible use.

  • Enterprise/work tiers typically include a data-processing agreement, administrative controls, and a commitment not to train on your input. Consumer/free tiers may not, and may retain or use inputs differently.
  • What happens to your data after you paste it depends on the tier and settings: training-on-input toggles, retention windows, and human-review settings vary by product and plan.
  • Verify-then-use: these terms change. Do not assume from memory — confirm your company's approved tools and tiers and the current setting before sensitive use.
  • Decision shortcut: sensitive or proprietary data → approved enterprise tier with terms in place, or do not use AI for that task at all.

Quick check · <30 sec

Why is 'tier' more safety-relevant than 'which AI brand'?

Show answer
Brands overlap in capability for everyday work, but consumer vs enterprise tiers differ in data handling — training-on-input, retention, and contractual terms — which is what actually creates or prevents a data incident.

Part 4

Data boundaries that matter

Most AI incidents start with a data-boundary mistake. Participants do not need to memorize every regulation to behave responsibly. They do need to recognize categories of information that require extra care or explicit approval.

  • Do not paste credentials, tokens, private keys, passwords, or secrets into AI tools.
  • Do not paste customer, patient, student, HR, legal, financial, regulated, or personally identifiable information into unapproved tools.
  • Do not paste proprietary source code, contracts, pricing, strategy, incident details, or confidential business documents unless the tool and use case are approved.
  • When you need help with sensitive work, ask for a generic template, checklist, or example using sanitized facts.

Quick check · <30 sec

True or false: removing names is always enough to make a document safe to paste.

  • A. True
  • B. False
Show answer
False. De-identification often leaves re-identifiable detail; and the tool/tier may still be unapproved for the category. Sanitize by category and check tool approval, not just names.

Part 5

Verifying AI output — concrete techniques

Knowing AI can be wrong is not a skill; verifying is. The point is not to distrust everything — it is to apply a check proportional to the risk, using techniques you can actually name and repeat.

  • Source-following: give the model the approved source and ask it to answer only from it and quote the part it used.
  • Tell-me-what's-missing: ask 'what does the source NOT say about this?' — surfaces false completeness.
  • Cross-check: for high-stakes facts, ask a second model or check the primary source; agreement is weak evidence but disagreement is a strong flag.
  • Deliberate doubt: ask 'what would make this answer wrong?' before accepting it.
  • Structured citation: require claims to carry a source tag; an uncitable claim is an unverified one.
Activity · ~6 minbefore after diff

Two sanitized AI summaries of the same provided source paragraph. One stays within the source; one adds a plausible claim the source never makes. Annotate the difference using the techniques above.

  • Source: 'The pilot ran for four weeks. Manager edits on the drafts decreased over the period. No data-boundary issues were reported.'
  • Summary X: 'Over a four-week pilot, manager edits decreased and no boundary issues were reported.'
  • Summary Y: 'The four-week pilot cut manager edit time by roughly 40% and proved the tool is safe for customer data.'

Your task

Mark which summary is faithful and list each unsupported claim in the other, naming the technique that catches it.

Show a hint
'roughly 40%' and 'safe for customer data' are not in the source — source-following and tell-me-what's-missing both catch them.
Compare with a strong answer
X is faithful. Y adds two fabrications: a specific '40%' (source only says 'decreased') and 'safe for customer data' (source says nothing about customer data; it is a dangerous inference). Source-following flags both; deliberate doubt ('what would make this wrong?') flags the safety claim immediately.

Why this matters: Verification is a doing skill. Diffing a faithful vs embellished summary trains the eye far faster than a warning that hallucination exists.

Quick check · <30 sec

Which question best surfaces 'false completeness'?

  • A. Is this well written?
  • B. What does the source NOT say about this?
  • C. Can you make it shorter?
  • D. Is this confident?
Show answer
Asking what the source omits exposes the gaps a confident-but-incomplete answer papered over.

Part 6

Human review is not optional theater

Human review should catch the things AI cannot be trusted to own: factual accuracy, policy fit, tone, business judgment, security impact, legal exposure, accessibility, fairness, and downstream consequences. Review should happen before the output is shared, shipped, relied on, or used to make a decision.

  • Review facts against trusted sources or internal systems.
  • Review tone and audience fit before sending to customers, leaders, or external partners.
  • Review code with tests, peer review, and security expectations before merging or deploying.
  • Review policy, legal, HR, medical, financial, or regulated content with the appropriate owner.

Quick check · <30 sec

When must human review happen relative to the output being used?

  • A. After it is shared, if someone complains
  • B. Before it is shared, shipped, relied on, or used to decide
  • C. Only for code
  • D. Whenever convenient
Show answer
Review is a gate before impact, not a cleanup after it.

Part 7

Escalation is a feature, not a failure

A good AI user knows when to stop. Escalation does not mean the employee did something wrong. It means the workflow reached a boundary where approval, expertise, or policy clarity matters more than speed.

  • Escalate when the data is sensitive or the tool approval is unclear.
  • Escalate when the output could affect customers, employees, finances, security, compliance, or legal posture.
  • Escalate when the AI output conflicts with policy, source material, or professional judgment.
  • Escalate when someone asks you to use AI to hide authorship, bypass review, impersonate someone, or create misleading content.

Quick check · <30 sec

A colleague asks you to use AI to quietly rewrite something so it looks like another person authored it. You…

  • A. Do it; it's just writing help
  • B. Escalate — this is a misuse request, not a normal task
  • C. Do it but keep a note
  • D. Ask AI whether it's allowed
Show answer
Requests to hide authorship, bypass review, or mislead are escalation triggers, not judgment calls to make alone.

Part 8

Bias, accessibility, disclosure, and shadow AI

Four responsibilities get skipped because they feel optional. They are not. AI output can encode bias, miss accessibility, blur authorship, and tempt people onto personal accounts — each is a real workplace risk with a simple habit that mitigates it.

  • Bias & fairness: generated examples, assessments, and screening text can carry cultural, gender, or role bias. Skim outputs that describe or evaluate people and ask 'who could this unfairly disadvantage?'.
  • Accessibility: a quick pass — plain language, meaningful headings, alt text for images, not relying on color alone — before AI-assisted content goes to others.
  • Disclosure & attribution: norms vary by audience (internal vs customer vs regulator). When in doubt, disclose AI assistance and never present AI text as a named person's original certified work.
  • Shadow AI / personal hygiene: using a personal AI account for work moves company data outside approved controls. Keep work in approved tools; separate personal and work histories.
Activity · ~6 minclassify scenario

Four short sanitized situations. For each, name which of the four responsibilities (bias / accessibility / disclosure / shadow AI) is most at risk and the one habit that addresses it.

  • Situations: (a) AI drafts interview questions that lean on a cultural reference (b) an AI-generated infographic conveys status by color only (c) a customer report is AI-drafted and signed as an analyst's own analysis (d) someone uses their personal chatbot account to summarize a client call because it's faster
  • Rule: One responsibility + one concrete habit per situation

Your task

Map each situation to its primary responsibility and state the mitigating habit.

Show a hint
(c) is disclosure/attribution; (d) is shadow AI even though the intent was harmless.
Compare with a strong answer
a = bias: review people-describing output and cut the cultural dependency. b = accessibility: add a non-color cue and a text label. c = disclosure/attribution: note AI assistance and have the analyst actually review and own the analysis. d = shadow AI: stop; use the approved tool — good intent does not move the data back inside controls.

Why this matters: These four are the responsibilities most often rationalized away. Naming them in concrete situations makes them habits, not slogans.

Quick check · <30 sec

Using a personal AI account for a work task because it is faster is best described as…

  • A. Efficient and fine
  • B. Shadow AI — work data outside approved controls
  • C. A disclosure issue
  • D. An accessibility issue
Show answer
Intent does not matter; the data left approved controls. That is the shadow-AI risk.

End-of-module quick check

Five short retrieval questions. Answer from memory first, then reveal each explanation.

  1. 1. The most safety-relevant practical distinction in 2026 is…

    • A. Which AI brand you use
    • B. Consumer tier vs enterprise/work tier
    • C. Prompt length
    • D. Model size
    Show answer
    Tiers differ in data handling (training-on-input, retention, contractual terms) — that is what creates or prevents incidents.
  2. 2. Which technique best catches a confident-but-incomplete answer?

    • A. Ask if it's well written
    • B. Ask what the source does NOT say
    • C. Ask for it shorter
    • D. Accept it if it cites something
    Show answer
    'What does the source not say?' surfaces false completeness.
  3. 3. True or false: deleting names always makes a document safe to paste anywhere.

    • A. True
    • B. False
    Show answer
    False. Re-identifiable detail can remain and the tool/tier may still be unapproved for that category.
  4. 4. Using a personal AI account for a work task is…

    • A. Fine if faster
    • B. Shadow AI — data outside approved controls
    • C. A disclosure issue only
    • D. Encouraged
    Show answer
    It moves company data outside approved controls regardless of intent.
  5. 5. Name two responsibilities people most often skip when reviewing AI output.

    Show answer
    Any two of: bias/fairness check, accessibility pass, disclosure/attribution, shadow-AI avoidance.

Further reading

Worked examples by role

Front office coordinator

Scenario call: support thread

Pasting a customer support thread into a personal chatbot is prohibited (sensitive data + unapproved tool + shadow AI). Safer: sanitize to a generic situation and ask for a response template, or use the approved tool with the normal review. Disclosure: if the reply is AI-drafted, the coordinator still reviews and owns the wording.

Training manager

Scenario call: generated assessment

AI-drafted quiz items are caution, not safe: bias risk in people-facing content. Habit: scan each item for cultural/role bias and reading level, run an accessibility pass, and disclose AI assistance to co-reviewers. Prohibited variant: AI scoring real learners — decides about people.

Software developer

Scenario call: logs with tokens

Pasting production logs containing tokens into a consumer tool is prohibited (secrets + tier). Safer: redact secrets and identifiers, use the approved tier, and verify any suggested cause against the actual system before acting. Cross-check high-stakes conclusions before they reach an incident channel.

Completion artifact

Classify three sanitized scenarios as safe, caution, or prohibited. For each, name the main risk, the tier/tool consideration, the verification or review step, and the escalation path.

ExercisePilot-ready artifact

Classify three sanitized workplace scenarios as safe, caution, or prohibited. For each scenario, include the risk reason and review or escalation path.

Participant template

  • Scenario 1:
  • Classification:
  • Risk reason:
  • Review/escalation path:
  • Scenario 2:
  • Classification:
  • Risk reason:
  • Review/escalation path:
  • Scenario 3:
  • Classification:
  • Risk reason:
  • Review/escalation path:

Example submission

Scenario: summarize sanitized meeting notes for an internal planning session. Classification: safe. Risk: low sensitivity and reviewable. Review path: participant edits before sharing. Scenario: paste a support ticket with customer identifiers into a public chatbot. Classification: prohibited. Risk: customer/private data in unapproved tool/tier. Escalation: use approved tool or ask manager/security for guidance. Scenario: draft a new customer-facing policy FAQ. Classification: caution. Risk: external reliance and policy accuracy. Review: policy owner and communications review; disclose AI assistance internally.

Role-flavored variants

Same exercise, framed for different roles. Use the one closest to your work.

Sales coordinator

Use customer-facing scenarios. At least one must turn on tier/tool approval, and one must raise disclosure or fabricated-claim risk.

See a sample submission
Sales submission (excerpt): Scenario: draft a follow-up from sanitized account context in the approved CRM tier — caution; verify no invented competitor/pricing claims; owner sends. Scenario: paste a signed customer contract into a free chatbot for a summary — prohibited (proprietary + consumer tier); use the approved tier. Scenario: AI sets a customer's discount — prohibited (decides about a customer).

Software developer

Use technical scenarios. One must involve secrets/tier, one must require verification (cross-check or source-following) before acting.

See a sample submission
Developer submission (excerpt): Scenario: explain a sanitized stack trace — safe; cross-check the suspected cause against the real system before acting. Scenario: paste logs with tokens into a consumer tool — prohibited (secrets + tier); redact and use approved tier. Scenario: AI auto-approves a PR — prohibited (bypasses review).

Learner checklist

Use this as a final check before submitting. Program leads use a separate review guide when they approve or coach submissions.

  • Three scenarios classified
  • At least one caution/prohibited reason explained
  • Tier/tool or verification consideration referenced
  • Review or escalation path identified
  • Scenarios are sanitized/generic
Loading your module status…

Previous module

Prompting with context and constraints

Review the prior step in the path.

Next module

Build something useful with AI

Keep momentum with the next completion check.