checklist

Sensitive Data & AI Use Pre-Prompt Checklist

A practical checklist for deciding whether source material belongs in an AI prompt, upload, or connected workflow.

Use this checklist before pasting text, uploading a file, connecting a tool, or sharing an AI output that came from sensitive source material.

Quick gate:

  • Whose data is this?
  • Where could the prompt, file, tool action, or output end up?
  • Could you defend this choice if the submission appeared in a review log?

Before You Paste

Describe the task without copying the source yet.

  • What do you want the AI tool to help with?
  • What source material would you normally provide?
  • Who owns that material?
  • Who could be affected if the material is exposed?
  • Is the tool approved for this kind of material?

Boundary statement:

I am using [tool/workflow] for [task]. The material is [public / internal / confidential / personal / regulated / unknown]. The boundary decision is [safe to use / use redacted version / use approved tool only / stop and ask].

Sensitive Material Scan

Check whether the material includes any of these categories.

Category Examples Decision
Personal information names, contact details, account identifiers, employee records use only if approved
Regulated or high-stakes material health, financial, legal, HR, compliance, security stop and ask unless explicitly approved
Confidential business material contracts, strategy, internal plans, incidents, negotiations use redacted or approved workflow
Third-party-owned material customer files, partner documents, licensed content confirm rights and boundary first
Access material passwords, API keys, tokens, connection strings, recovery codes never paste
Identifying combinations dates, roles, locations, project names, internal identifiers remove or generalize

Decision:

The material is [clear / sensitive / unknown] because [reason].

Hidden sensitivity check:

  • file names, folder paths, headers, footers, comments, tracked changes, and metadata
  • pasted screenshots that reveal names, tabs, links, IDs, or notifications
  • copied tables where combined columns identify a person, account, project, or event
  • prompts that seem generic but include internal labels, rare dates, or exact values

Redaction And Substitution

Create a safer version of the material.

Replace:

  • real names with [person], [customer], [employee], or [vendor]
  • account numbers with [account-id]
  • exact dates with [date] or a broad timeframe
  • locations with [location]
  • project names with [project]
  • internal URLs with [internal-link]
  • exact dollar amounts with [amount] if the number is not needed
  • real records with synthetic examples when testing a prompt

Two safer patterns:

  • Redact: remove details the AI does not need.
  • Substitute: replace the real detail with a generic placeholder or synthetic fact that preserves structure.

Before:

Rewrite this message from [person-name] about [exact account], [specific date], and [internal project].

After:

Rewrite this message about a billing delay. Use placeholders for the person, account, date, and project. Keep the tone calm and do not infer missing facts.

Substitution warning: do not fake numbers, dates, or categories when those values are needed for math, eligibility, legal meaning, or technical behavior. In those cases, use an approved workflow or ask the owner.

Redaction check:

Item removed Placeholder used Still needed for task?

Tool And Workflow Check

Answer before submitting.

  • Is this a consumer, enterprise, API, local, or internally approved tool?
  • Does the tool store prompts, uploads, outputs, or chat history?
  • Can the content be reviewed by the provider, administrator, support staff, or another user?
  • Can the content be used for product analytics, model improvement, or abuse monitoring?
  • Does the workflow call another tool or service?
  • Can the tool read or change systems beyond the current prompt?
  • Is there a record of what was submitted and why?

If you do not know the answers, treat the boundary as unknown.

If the tool is not appropriate, choose one:

  • sanitize the material and use only the safe version
  • switch to an approved tool or workflow
  • ask for owner, security, policy, or manager review
  • do the work manually without AI

Prompt Rewrite

Write the safe version before using the tool.

Unsafe draft:

[paste what you were tempted to ask, or summarize why it is unsafe]

Safer prompt:

[write a version with redaction, generalization, synthetic facts, or a request for process help]

What changed:

  • Details removed:
  • Details generalized:
  • Synthetic details used:
  • Remaining uncertainty:

Decision label:

  • safe as written
  • safe only after redaction
  • approved workflow required
  • stop and ask
  • do not use AI

Worked Walkthrough

Scenario: you want help turning a sensitive note into a professional response.

  1. Scan: the note includes a person’s name, an exact event date, and an internal project label.
  2. Decision: sensitive because the combination could identify the person and event.
  3. Safer path: remove the name, replace the date with [date], replace the project with [project], and ask for tone and structure help only.
  4. Prompt rewrite:

Help rewrite this response using placeholders. A person reported a delay related to [project] on [date]. Keep the response respectful, do not add cause or blame, and list what details still need owner review.

  1. Final decision: use only the redacted version, then review the output before sharing.

Stop-And-Ask Triggers

Stop before prompting when any trigger applies.

  • The material includes personal, regulated, confidential, or third-party-owned information.
  • You are unsure whether the tool is approved for the data type.
  • The prompt would include passwords, API keys, tokens, connection strings, certificates, or recovery codes.
  • The answer could influence a decision about a person, customer, vendor, system, contract, or public statement.
  • The tool can read from or write to connected systems.
  • The output may be shared outside the original team.
  • You would be uncomfortable if the prompt appeared in a log, screenshot, support ticket, or public post.
  • You are unsure who owns the boundary decision.

Escalation owner:

Decision after escalation:

Quick Self-Check

Before submitting, confirm:

  • I know who owns the source material.
  • I know the tool/workflow is appropriate for this data type.
  • I removed or generalized details that are not needed.
  • I did not include access material.
  • I used synthetic examples where real records were not required.
  • I know who must review uncertain cases.
  • I can explain why this boundary decision is reasonable.

Final Use Decision

Choose one.

  • Safe to use as written.
  • Use only the redacted version.
  • Use only an approved tool or workflow.
  • Needs owner/security/policy review first.
  • Do not use AI for this material.

Sign-off:

  • Reviewer:
  • Date:
  • Tool or workflow:
  • Intended use:
  • Boundary decision:
  • Required follow-up:

These public references are useful starting points for deeper study. The checklist above is original LIW training guidance.