When using AI tools at work, the most critical step comes before you even type a question: sanitizing your input. A new guide from Tech Recon Report outlines a simple but essential blueprint for keeping sensitive information out of AI prompts.
Before entering anything into an AI, you must remove or replace any sensitive, private, confidential, or regulated information. The following categories require special attention:
- Personal and Contact Details: Employee names, citizen names, addresses, phone numbers, and email addresses.
- Law Enforcement and Legal Data: Criminal justice information, police report numbers, case numbers, and any details that could expose an investigation, department, or city.
- Health Information: Any medical data.
- IT and Security Data: Passwords, credentials, network details, IP addresses, internal security procedures, vendor account numbers, and real names of internal servers or databases.
To safely provide context, use placeholders such as [Employee Name], [Address], or [Internal Application]. This preserves the structure and intent of your prompt without exposing real data.
The golden rule: write every prompt as if it could be seen by someone outside your organization. Adopting this mindset drastically reduces the risk of accidental data leaks through AI chatbots and tools.