A four-tier data map so your team knows what AI can touch

TL;DR

Sort your data into four tiers, public, internal, confidential, and restricted, then map each tier to the tools permitted to process it. Public data can go into any AI tool. Internal data needs a paid commercial tier with a Data Processing Agreement. Confidential data requires explicit consent and a DPA. Restricted data, covering health records and biometric data under UK GDPR Article 9, stays away from external tools in almost every scenario.

Key takeaways

- A four-tier data map classifies everything your business holds as public, internal, confidential, or restricted, with each tier mapped to the AI tools allowed to process it.
- Public data can be processed by any AI tool, including free consumer tiers. Internal data requires a paid commercial tool with a Data Processing Agreement and a training opt-out commitment.
- Confidential data, which includes client matter files and customer personal data, requires both explicit consent from the third party and a DPA with the AI vendor before any external processing.
- Restricted data under UK GDPR Article 9, including health records, biometric data, and criminal conviction data, is off-limits for external AI tools in almost every scenario.
- Building the map requires three supporting steps: a vendor Data Processing Agreement, a Data Protection Impact Assessment for high-risk processing, and a shadow AI survey to surface the tools your team already uses.

Three teams. All using AI tools to get through the day faster. Two of them pasting client notes into a consumer chatbot to generate summaries. One pulling a contract draft into a free tool for a quick tidy-up. Nobody was trying to cause a problem. The issue was simpler. Nobody had ever told them which data could go where.

A data classification table fixes that. One page. Four tiers. A column for each tool category. The daily decision becomes visible before anyone opens a browser tab.

What is a four-tier data map?

A four-tier data map sorts everything your business holds into one of four categories. Public is anything already in the public domain. Internal is the operational material used inside the firm. Confidential is what clients or partners have shared in trust. Restricted sits at the tightest end, governed by UK GDPR Article 9. Each category carries a rule about which AI tools may process it.

Professional services businesses encounter all four tiers on the same working day. A piece of marketing copy is public. The strategy document that preceded it is internal. The client brief that shaped the campaign is confidential. A health disclosure that came up during an HR conversation is restricted. Four categories, not because the framework demands it, but because the regulatory and contractual obligations that attach to each one are genuinely different.

Public data carries no confidentiality risk and typically involves no personal data. Free AI tools, including consumer tiers that train on user inputs by default, are appropriate here. Drafting a social media post from a publicly available report, generating a case study template, brainstorming ideas from market data already published online. All safe.

Internal data carries no third-party confidentiality obligations, though it may include employee personal data and commercially sensitive material. A paid commercial AI tool with a Data Processing Agreement is appropriate for this tier, meaning the vendor has contractually committed not to train on your inputs and has specified where your data is stored. The major commercial providers now offer this at their paid tiers.

Confidential data carries one additional condition. The third party whose information it is must have approved the AI processing. An updated engagement letter or explicit consent, alongside a DPA with the vendor, is the minimum. For a law firm, this is where client matter files sit, and the Solicitors Regulation Authority’s guidance on AI in legal practice applies directly.

Restricted data under UK GDPR Article 9 sits at the strictest end of the scale, and external AI tools are off the table in almost every case.

Why does it matter to your business?

In 2023, Samsung engineers used free ChatGPT to complete work tasks and inadvertently shared semiconductor design specifications, source code, and internal meeting notes. The free tier trained on those inputs, absorbing proprietary information into its model. The engineers were working normally. The governance failure had a single root cause. Nobody had told them which data could go into which tool.

The UK Information Commissioner’s Office has made clear that adopting AI does not exempt businesses from UK GDPR obligations. When AI processes personal data, several requirements activate immediately. Lawful basis under Article 6 must be established, privacy notices must be updated to disclose AI processing, and a Data Protection Impact Assessment is likely required under Article 35 if the processing poses high risk to individuals. These obligations are triggered by the act of adopting the technology, not by the size of the firm.

For a team of fifteen or twenty people, the exposure is comparable to Samsung’s, scaled down in visibility but not in consequence. An employee who pastes a client brief into a free consumer chatbot may have breached a professional confidentiality obligation, violated UK GDPR, and disclosed commercially sensitive information, all in the time it took to generate a three-paragraph summary. A classification map makes that error structurally impossible before it happens.

Where will you actually meet the tier question?

The classification decision comes up every time someone reaches for an AI tool. A proposal draft where the market overview is public but the client brief is confidential. A board meeting summary that is internal. An employee sickness record that is restricted. The tier decides which tool is acceptable and whether a Data Processing Agreement needs to be in place.

The free tier versus paid tier question is where many teams get caught. Consumer versions of the major AI tools, the ones that cost nothing, default to training on user inputs. The paid commercial tiers of the same tools offer the data protection commitments that make them appropriate for internal data. The practical test is simple. Does the vendor have a current DPA, a commitment not to train on your inputs, and clarity on where the data is stored? If the answer to any of those is no, the tool belongs in the public-tier column only.

A one-page table removes the daily calculation. Down the left side, the four tiers, each with two or three examples drawn from your own business. Across the top, four tool columns, one each for free tools, paid commercial tools with a DPA, approved specialist platforms, and on-premise or locally-run models. Each cell gets a yes or a no. A team member who is uncertain knows which row their data sits in and which column their tool occupies. The answer is in the cell.
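The one-page table and the three-question vendor test above, written out as an added Python policy check (example code, not from the original post). Assumptions: `Tool`, `tool_column` and `may_process` are hypothetical names; the confidential row is read as needing the third party's consent in every column; the restricted row allows only on-premise or approved compliance-specific platforms, which is the post's default.

```python
# Added example (not the post's own code): the one-page table and vendor test as a policy check.
from dataclasses import dataclass
from enum import Enum

class Tier(Enum):
    PUBLIC = "public"
    INTERNAL = "internal"
    CONFIDENTIAL = "confidential"
    RESTRICTED = "restricted"

class Column(Enum):
    FREE = "free tool"
    PAID_DPA = "paid commercial tool with DPA"
    SPECIALIST = "approved specialist platform"
    ON_PREMISE = "on-premise or locally-run model"

@dataclass
class Tool:
    has_dpa: bool = False                 # current Data Processing Agreement
    no_training_on_inputs: bool = False   # contractual training opt-out
    storage_location_known: bool = False  # vendor states where data is stored
    on_premise: bool = False
    approved_specialist: bool = False

def tool_column(tool):
    """Vendor test: a 'no' to any of the three questions means the free-tool column."""
    if tool.on_premise:
        return Column.ON_PREMISE
    if tool.approved_specialist:
        return Column.SPECIALIST
    if tool.has_dpa and tool.no_training_on_inputs and tool.storage_location_known:
        return Column.PAID_DPA
    return Column.FREE

# Rows are tiers, entries are the 'yes' cells; restricted gets no general external tool.
ALLOWED = {
    Tier.PUBLIC: {Column.FREE, Column.PAID_DPA, Column.SPECIALIST, Column.ON_PREMISE},
    Tier.INTERNAL: {Column.PAID_DPA, Column.SPECIALIST, Column.ON_PREMISE},
    Tier.CONFIDENTIAL: {Column.PAID_DPA, Column.SPECIALIST, Column.ON_PREMISE},
    Tier.RESTRICTED: {Column.SPECIALIST, Column.ON_PREMISE},
}

def may_process(tier, tool, third_party_consent=False):
    # Returns (allowed, reason) for sending data of `tier` to `tool`.
    col = tool_column(tool)
    if col not in ALLOWED[tier]:
        return False, f"{tier.value} data is 'no' in the '{col.value}' column"
    if tier is Tier.CONFIDENTIAL and not third_party_consent:
        return False, "confidential data also needs the third party's explicit consent"
    return True, f"{tier.value} data may go to '{col.value}'"
```

A tool that passes two of the three vendor questions but not the third lands in the free-tool column, exactly as the text says it should.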

When is data off-limits for external tools?

Restricted data under UK GDPR Article 9 covers health records, biometric data, genetic information, racial or ethnic origin, religious belief, sexual orientation, trade union membership, and criminal conviction data. For this tier, external AI tools are off the table in almost every scenario. The law requires explicit legal basis, additional conditions for processing, and exceptional technical safeguards before any automated handling can proceed.

Healthcare practices face this most directly. Patient health records are restricted by definition. Any AI system processing patient data must have a Data Processing Agreement, a training opt-out, GDPR compliance, and, for US patients, a HIPAA Business Associate Agreement. Many cloud-based AI services cannot satisfy all of those requirements. The practical default is that patient data stays on-premise or within a healthcare-specific system built explicitly for this compliance profile.

The same logic applies to HR functions in any business. An employee’s sick leave history, disability disclosure, or diversity monitoring data is restricted under Article 9. An AI tool summarising HR records for workforce planning is processing special category data and requires a lawful basis that goes beyond legitimate interest. The restricted tier rule is straightforward. If in any doubt, the data stays out of external systems until you have legal advice confirming otherwise.

What connects the map to your broader AI governance?

The tier map works alongside three other governance steps. A Data Processing Agreement with your AI vendor locks in the protections that make the confidential tier workable. A Data Protection Impact Assessment is legally required under UK GDPR Article 35 before processing that poses high risk to individuals. A shadow AI survey surfaces which tools your team already uses, so the map reflects your actual current state.

The DPA is not complicated to obtain. Every major AI provider now offers a standard template at their commercial tier. Ask the vendor three things. Do you have a current DPA, do you commit not to train on our inputs, and where is our data stored? If they cannot give clear answers to all three, they belong in the public-data column only, regardless of what their marketing suggests.

Shadow AI, the tools your team has already adopted without formal approval, often sit in the confidential or restricted category without anyone having noticed. A brief, anonymous survey of current AI tool use, run before you build the map, typically surfaces three or four tools that need immediate attention. The survey also tells you which approved tools people are actually finding useful, which is the more productive half of the information.

Once the table exists, the governance burden drops considerably. The table replaces the policy document. Every team member asks two questions: which tier is this data in, and which column is this tool in? One page, four rows, four columns.

If you are building out your AI governance foundation, that is a good place to start a conversation.

Sources

- ICO. Guidance on AI and data protection (2023). UK GDPR obligations when AI processes personal data, including lawful basis, transparency, and DPIA requirements. https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/artificial-intelligence/guidance-on-ai-and-data-protection/
- ICO. Data Protection Impact Assessments. Legal requirement under UK GDPR Article 35 before high-risk AI processing; conditions that trigger a DPIA when using AI to process personal data. https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/accountability-and-governance/data-protection-impact-assessments-dpias/
- UK Data Protection Act 2018 and UK GDPR. Primary legislation governing personal data processing, including Article 9 special category data protections and Article 22 automated decision-making rights. https://www.legislation.gov.uk/ukpga/2018/12/contents/enacted
- NIST AI Risk Management Framework 1.0 (2023). Govern, Map, Measure, Manage functions for AI governance; contextualises data classification within a proportionate governance approach. https://airc.nist.gov/RMF
- OWASP Top 10 for Large Language Model Applications (2025). Identifies sensitive information disclosure and training data poisoning as leading risks when consumer AI tools process confidential data. https://owasp.org/www-project-top-10-for-large-language-model-applications/
- ISO/IEC 42001:2023. International standard for AI management systems, including data management requirements applicable to confidential-tier governance in owner-managed businesses. https://www.iso.org/standard/81230.html
- EU AI Act, Regulation (EU) 2024/1689. Four-tier risk classification and transparency obligations for AI systems processing data of EU residents. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32024R1689
- Solicitors Regulation Authority. Generative AI guidance (2024). Professional confidentiality obligations and data classification expectations for SRA-regulated legal firms using AI tools. https://www.sra.org.uk/solicitors/guidance/ethics-guidance/generative-artificial-intelligence/
- Microsoft Work Trend Index (2024). Documents widespread unmanaged adoption of AI tools, including consumer-tier chatbots for tasks involving sensitive work data. https://www.microsoft.com/en-us/worklab/work-trend-index
- BBC Technology. Samsung bans use of generative AI tools after employee data leak (2023). Employees shared semiconductor designs and source code via free ChatGPT; illustrates the classification-gap risk at scale. https://www.bbc.co.uk/news/technology-65301510

Frequently asked questions

What is the difference between confidential and restricted data in an AI context?

Confidential data is information shared under a contractual or professional duty of confidence, such as client matter files or commercial terms under a non-disclosure agreement. Restricted data is a specific legal category under UK GDPR Article 9, covering health records, biometric data, and other sensitive personal data. Both tiers require extra care, but restricted data has a harder legal boundary and requires explicit lawful basis beyond legitimate interest before any AI processing can proceed.

Can we use free AI tools for any work tasks?

Free AI tools can safely process public data, meaning anything already on your website or available to anyone outside the firm. They are not appropriate for internal, confidential, or restricted data because free consumer tiers typically train on user inputs by default and do not offer a Data Processing Agreement. The practical rule is to reserve free tools for brainstorming, drafting from templates, and working with publicly available information only.

How do I build a data classification map for my team?

Start with a simple table, data categories in rows and tool tiers in columns. Free tools for public. Paid commercial tools with a DPA for internal. Approved specialist or on-premise tools for confidential and restricted. Add two or three examples for each tier drawn from your own business so the categories feel concrete to your team. One page is enough. Share it at a team meeting and include it in your new-starter induction from that point on.

This post is general information and education only, not legal, regulatory, financial, or other professional advice. Regulations evolve, fee benchmarks shift, and every situation is different, so please take qualified professional advice before acting on anything you read here. See the Terms of Use for the full position.
