Avoid sharing sensitive data with AI: what to check first
Posted inAI

AI Safety Checklist for ChatGPT Gemini and Claude to Avoid Sharing Sensitive Data

Posted inAI

Avoid sharing sensitive data with AI by using one fixed workflow: classify the data first, check the product settings second, redact the text third, and only then send the minimum required context.

What data should you never paste into ChatGPT, Gemini, or Claude just for convenience?

Data you should never paste into ChatGPT, Gemini, or Claude includes anything that directly identifies a person or grants access to systems.

Fast triage before you paste:

  • passwords, SMS codes, backup 2FA codes, API keys, access tokens
  • card numbers, CVV, bank statements, tax IDs
  • contracts with names, addresses, signatures, or account numbers
  • HR files, medical documents, customer lists
  • screenshots that expose email addresses, order IDs, tabs, or internal notes
  • code snippets with .env values, secrets, or private endpoints

This triage list works as a default stop-check before any prompt.

What signs show a prompt is risky before you send it?

A prompt is risky before you send it when the task can be completed with placeholders, but you are about to paste real data anyway.

Common signals:

  • the text contains names, phone numbers, addresses, or dates of birth
  • the spreadsheet includes customer columns
  • the file contains internal comments or hidden notes
  • the task asks for summarizing a document, but the full raw document is not actually necessary

Validation is simple: replace identifiers with placeholders and test the same request. If the output is still useful, real data was not needed. If the output fails, add only the missing context in small pieces rather than pasting the full source.

What should you check before your first AI prompt to reduce leakage risk?

The first thing to check before your first AI prompt is the data context and risk category, not the wording of the prompt.

NIST’s AI RMF 1.0 frames AI risk management as an ongoing, iterative process, which is a strong reminder that safe prompting is not a one-time setup and should be re-checked as tasks and data types change.

Use this pre-prompt sequence:

  1. Classify the data: public, internal, confidential.
  2. Define the task: draft, rewrite, summarize, classify, extract.
  3. Decide whether real identifiers are necessary.
  4. Prepare a redacted prompt template for repeat use.

Validation: run the task once on dummy data. If the result is still useful, keep the redacted template as your default. If it is not, add only the minimum missing facts and retest.

What settings should you check in ChatGPT before handling sensitive content?

The settings you should check in ChatGPT before handling sensitive content are the data controls and the chat mode for the specific task.

OpenAI’s Data Controls FAQ states that Temporary Chats are not used to train models, which makes Temporary Chat a safer option for one-off tasks with elevated privacy concerns.

What to verify:

  • your data controls setting for model improvement
  • whether the task should be done in Temporary Chat
  • whether you are uploading a file when a redacted excerpt would be enough
  • whether the current thread already contains sensitive details from earlier messages

Validation: send a short non-sensitive test prompt in the intended mode. If you are unsure, start a new Temporary Chat and repeat the task with a redacted version first.

What should you check in Gemini to avoid sharing more than necessary?

The key thing to check in Gemini is whether connected apps or linked data sources expose more information than the task requires.

Google’s Gemini Apps Help warns against connecting apps that contain confidential information you would not want a reviewer to see, and it notes that human reviewers help improve Google services, including generative AI.

What to verify:

  • which apps are connected
  • whether those connections are needed for this exact task
  • whether you are using the correct account, personal vs work
  • whether connected apps currently expose confidential emails or files

Validation: disable unnecessary connections and test the task on a redacted sample. If output quality drops, re-enable access one source at a time and verify the result after each change.

What should you verify in Claude before pasting documents or text excerpts?

What you should verify in Claude before pasting documents is the data-use policy and product context for your specific usage mode.

Anthropic’s Privacy Center materials describe model-training data use in relation to product and settings choices, so it is safer to confirm your current setup than to assume the same rule applies in every Claude workflow.

Practical minimum:

  • confirm whether you are in a personal or work-managed environment
  • paste excerpts instead of full documents when possible
  • remove names, contacts, IDs, and contract numbers
  • replace company names with roles or placeholders where the exact name is not required

Validation: test Claude with a redacted excerpt first. If the answer is insufficient, add context in small increments and check whether the benefit justifies the extra exposure.

How do you redact text before sending it to AI without losing the meaning?

Redacting text before sending it to AI works best when you replace identifiers, reduce precision, and keep only task-relevant facts.

A practical redaction pattern:

  • names → Client A, Manager B
  • contract numbers → Contract-001
  • addresses → city or region only
  • exact amounts → ranges or percentages
  • email threads → factual summary without signatures or contact fields

A safer prompt format:

  • goal: what output you need
  • context: only the facts required
  • constraints: no personal data, no legal conclusions, no invented details
  • output format: checklist, table, draft email, summary

Validation: compare the answer from a raw version vs a redacted version. If the quality is similar, the redacted version should become your default template.

What mistakes should you avoid when using ChatGPT, Gemini, or Claude?

The mistakes to avoid when using ChatGPT, Gemini, or Claude are mostly workflow mistakes, not advanced technical mistakes.

Common errors:

  • pasting the full document when one paragraph is enough
  • sending screenshots instead of a cleaned text extract
  • leaving sensitive context in an existing thread
  • mixing personal and work data in one session
  • asking for document rewrites before redaction
  • trusting the model’s factual accuracy without a separate verification step

This is the point where a simple rule helps most: redact first, prompt second, validate third.

Which minimum workflow reduces risk the most when working with AI tools?

The minimum workflow that reduces risk the most is “classify data → redact → verify mode/settings → send minimum context → validate output”.

The joint CISA guidance on deploying AI systems securely aligns with this pattern because least privilege, access segmentation, and monitoring reduce the impact of mistakes even when human error cannot be fully eliminated.

If you already pasted sensitive data:

  1. Stop sending additional details in that thread.
  2. Close or reset the session if appropriate for your workflow.
  3. Rotate passwords, keys, or tokens if credentials were exposed.
  4. Notify the responsible person or team if work data was involved.
  5. Rebuild the task using a redacted template.

Validation: rerun the same task on a redacted dataset and compare output quality. If the result is good enough, document that version as your standard safe workflow.

Sources:

Tags: