# Data Exposure Why sensitive information needs boundaries. Track: AI Risk and Controls ## What is it? Data exposure happens when information is shared with an AI tool or system in a way that creates risk. The data might be customer details, employee information, contracts, source code, financial data, strategy documents, or confidential emails. ## Why it matters AI tools make copying information easy. A user may paste a full document because they want a faster summary. But once information enters a tool, the organization needs to understand where it goes, how it is processed, whether it is stored, and who can access it. ## How it works Data exposure risk depends on the tool, the data, and the settings. A managed enterprise tool may have stronger controls than a personal account. A public chatbot may not be appropriate for confidential business information. The safest habit is to classify the data before pasting it. ## Analogy Think of AI like sending a document to another office for help. Before sending it, you would ask who receives it, where it is stored, and whether the content is confidential. Pasting into AI should trigger the same thinking. ## Example usage An employee should not paste customer records into an unmanaged AI tool. A developer should be careful with source code. A manager should think twice before uploading employee performance notes. The issue is not fear. It is boundary setting. ## How to use this Before using AI, ask what data is inside the prompt or file. If it includes personal, confidential, regulated, or commercially sensitive information, use approved tools and approved processes only. ## Common mistake The common mistake is removing a name but leaving enough detail to identify a person, client, or deal. Data can still be sensitive even after obvious labels are removed. ## Question to ask - **Classification**: What kind of data am I about to paste or upload? - **Tool**: Is this AI tool approved for this type of data? - **Storage**: Could this information be stored, logged, or reused? - **Reduction**: Can I ask the question with less sensitive information? ## Quick quiz What is the safest first step before pasting work data into AI? ## Flashcard **Question:** What is data exposure? **Answer:** Data exposure is the risk created when sensitive or confidential information is shared with an AI tool or system.