1. What staff should not put into AI tools
The single most important AI safety rule for any SME: do not put anything into a public AI tool that you would not be comfortable sending to an external provider without a contract, security review and a clear business reason.
- Customer personal information (names, addresses, contact details, account notes)
- Sensitive information (health records, background checks, employee grievances, identity documents)
- Payroll, tax file numbers, bank details, superannuation information
- Employee records, performance reviews, disciplinary notes, medical certificates
- Passwords, API keys, authentication tokens, database credentials
- Signed contracts, legal advice, settlement offers, court documents
- Confidential commercial agreements, NDAs, IP applications
For a full guide, see What Australian SMEs should not put into ChatGPT.
2. How to approve AI tools
Every AI tool used for business should be approved and documented. Before approving an AI tool, check:
- Data handling: Where is data stored? Is it used for model training? Can you delete it?
- Privacy: Does the vendor have a DPA? Where is data processed geographically?
- Access control: Who can use it? What permissions do they have? Is MFA supported?
- Business vs personal: Is this a business-grade account or a consumer product?
- Use case: What specific task is it approved for? What is it explicitly not approved for?
- Owner: Who in the business is responsible for this tool?
Every approved tool should be listed in an Approved AI Tools Register with its owner, approved use cases, risk level and review date.
3. How to classify data before using AI
Before any data goes into an AI tool, staff should know what category it falls into:
| Classification | Examples | AI rule |
|---|---|---|
| Public | Marketing materials, published website content, public reports | Safe for any approved AI tool |
| Internal | Internal procedures, training materials, non-sensitive operational docs | Use in approved business AI tools only |
| Confidential | Customer records, financial data, contracts, employee information | Requires approved, business-configured AI with data protection. Minimise what you share. |
| Restricted | Health records, TFNs, payroll, legal advice, regulated data | Do not use with AI without explicit approval, governance review, and strict controls |
Staff should be trained to classify data before using any AI tool. The default rule: if you are not sure, do not paste it.
4. Human approval rules
AI can draft, recommend, summarise and classify. But these actions should always require human review and approval:
- Sending customer communications (emails, messages, proposals, quotes)
- Updating CRM, finance or business systems
- Publishing content externally
- Making commitments, promises or representations on behalf of the business
- Any customer-facing AI output
- Any action involving payments, refunds or financial transactions
AI should never send, delete, purchase, refund, approve, publish or alter key records without human approval unless the risk is low and explicitly authorised in writing.
5. Agent access levels
Most Australian SMEs should keep AI at levels 1–3 until controls are mature and tested.
| Level | Access | Example | Guidance |
|---|---|---|---|
| Level 0 | No business data | General drafting, brainstorming | Safe starting point for any business |
| Level 1 | Read-only approved data | Search internal policy docs | Good early use case — low risk |
| Level 2 | Drafting only | Draft email, staff approves | Recommended for most SMEs |
| Level 3 | Limited write access | Update CRM note after approval | Use with documented controls |
| Level 4 | Autonomous action | Send email, book job, refund | Avoid unless governance is mature |
| Level 5 | Critical system control | Finance, payroll, legal, safety | Do not use without advanced governance and external review |
6. AI incident response process
If AI produces incorrect, misleading, offensive or inappropriate output — or if protected data is accidentally entered into an AI tool:
- Stop using the tool immediately for that task.
- Report the incident to the AI owner or manager within 24 hours.
- Document what happened, what data was involved, and what corrective action was taken.
- Review whether the tool, workflow, data rules or training need updating.
- Notify affected parties if personal information was involved, in line with your privacy obligations.
7. How to choose a safe first workflow
The safest first AI workflow checks four boxes:
- Repetitive — the same task happens many times a week
- Measurable — you can track time, volume and quality
- Low-to-medium risk — errors are inconvenient but not catastrophic
- Well-defined — the rules and steps are clear and documented
Good first candidates: lead enquiry drafting, internal knowledge search, document data extraction, CRM follow-up, inbox triage. Avoid starting with: autonomous customer service, legal advice, payroll decisions, autonomous payments.
8. When not to use AI
AI is not always the answer. Sometimes the right response is:
- A better process or cleaner data
- Simpler automation (rules-based, no AI needed)
- Staff training or clearer procedures
- Acknowledging that the risk outweighs the benefit
The question should not be "can AI do this?" but "should AI do this, and what controls need to be in place?"
9. Australian guidance references
The AiBorz safety model draws on published Australian guidance:
- OAIC: Organisations should not enter personal information into publicly available generative AI tools. Privacy Act obligations apply to all uses of AI involving personal information. Many small businesses are not automatically covered by the Privacy Act, but the small-business exemption has exceptions (including some health service providers, credit reporting, and trading in personal information). Regardless of coverage, privacy protection is best practice, and staff should treat customer and employee data as confidential.
- ACSC: Small businesses should define what data cannot be uploaded into AI, train staff, review vendor data handling, and remove or anonymise personal details before using AI.
- National AI Centre: Six essential practices — governance, risk management, human oversight, testing and monitoring, accountability, and record-keeping.
This page is practical guidance, not legal advice. Every business should review its specific obligations with a qualified professional.