SD AI Training

Module 5 of 6 · 5 min

Risks and guardrails

Last module: The loop from the exercises: material in, draft out, your judgment on top — and always verify the surprising claim.

The two risks that actually matter

Most AI horror stories come down to two mistakes: trusting a made-up fact, or pasting in data that shouldn’t leave the building. Both have simple defenses. This module is those defenses.

Risk 1 — made-up facts

From Module 1: the model writes plausible text. Sometimes a plausible detail is simply invented — a rule, a price, a quote. The tone gives no warning. The defense is targeted, not paranoid:

  • Verify the load-bearing facts — names, numbers, dates, laws, quotes. The prose around them is usually fine.
  • Ask for sources, then open them. One real link beats ten confident paragraphs.
  • Never re-ask as verification. “Are you sure?” just gets another fluent guess.

Risk 2 — data privacy

The vendor-email rule: if you wouldn't email it to an outside vendor, don't paste it in.

When AI becomes routine, business tiers are worth it — ChatGPT Team, Claude for Work, Copilot 365. They contractually keep your data out of model training. On free tiers, check settings: most let you turn off training on your chats.

Risk 3 — autopilot

The quiet failure: the tenth AI-drafted email goes out unread because the first nine were fine — and the tenth promised a refund policy you don’t have. The rule from Module 3 is non-negotiable: a person reads everything before it leaves the building.

Your one-page AI policy

Three rules cover 90% of the risk. Write them down, share them, done:

Starter AI policy — edit to fit
OUR AI POLICY (v1)

1. Approved tools: [ChatGPT / Claude / Gemini / Copilot — pick yours]. Use your work account, with chat-training turned off in settings.

2. Never paste in: customer or employee SSNs, financial account numbers, health information, passwords, or NDA-covered material. When in doubt, swap names out ("Customer A") or ask [owner/manager].

3. A person reviews anything AI-drafted before it goes to a customer, vendor, or the public. You are responsible for what you send, whoever drafted it.

Questions or a new tool you want to try → talk to [name].

Knowledge check

Answer all three to complete the module. Wrong guesses just mean try again.

1. Which of these should NOT be pasted into a consumer AI chat tool?
2. What's the practical defense against hallucinated facts in AI output?
3. What belongs in a small business's first AI policy?