The marketing manager at a thirty-person consultancy in Bristol opens ChatGPT every morning before her first coffee. She drafts client emails in it, summarises the previous day’s meeting notes, and occasionally pastes in a chunk of a tender document to ask for a tighter version. Her firm has no AI policy. Her managing director thinks the team “isn’t really using AI yet.” Both things are true at the same time, and the gap between them is where almost every small business now sits.
Deloitte’s 2024 UK research found that 75% of office workers used generative AI tools at least once a month. The Chartered Management Institute and other UK trade research have put the figure on employer policies at around 28% in the same period. Whatever the exact number, the pattern is consistent. Staff have adopted AI privately, faster than employers have written rules for it. Microsoft’s 2024 Work Trend Index found that 78% of frequent AI users had introduced AI into their workflow themselves, not via IT or management. If you’re an owner-operator wondering how to get your non-technical team using AI, the honest first step is to assume they already are, and design from there.
Why won’t staff use AI just because you buy a licence?
Buying licences is the easy part; building the habit is the hard part. PwC’s 2024 UK CEO survey found 69% of CEOs named lack of skills as the biggest barrier to AI adoption, ahead of technology cost. Workday’s UK research on worker-positive AI argues that the rollouts that stick are framed as workforce projects with role-specific training and templates, not technology purchases. Without that, you’ll have paid for software nobody opens after week two.
The other thing that holds staff back is fear of getting it wrong. Without a clear policy, every member of the team is privately calculating whether pasting a client email into a public tool will get them in trouble. Many resolve that uncertainty by either using AI in secret or not using it at all, and neither outcome is what you want. A short written policy turns a private guessing game into a shared set of rules everyone can work to.
What does a workable AI policy look like for an SME?
A workable policy is two to four pages, written in plain English, signed by everyone, and reviewed annually. The Scottish AI Alliance publishes a small-business template covering scope, permitted uses, prohibited uses, roles, training and incident reporting. The UK Government’s AI Playbook condenses expectations into ten principles, including meaningful human control at the right stage and using the right tool for the job. You can adapt either of these in an afternoon.
Three rules belong in every SME policy regardless of sector. First, no customer personal data or confidential commercial data goes into any tool that hasn’t been approved in writing, in line with ICO guidance on generative AI. Second, every user is personally accountable for verifying AI outputs before they leave the building. Third, a named person, your AI Policy Owner, is the route for any question or incident. Experis recommends classifying use cases into low, medium and high risk tiers so the policy can be proportionate rather than blanket-restrictive.
Where should staff actually start using AI?
The fastest confidence comes from low-risk, high-volume tasks where a human always edits the output before it goes anywhere. The UK Government AI Playbook explicitly tells teams to prioritise these and warns against early use in sensitive decisions like hiring, credit or access to services. For a 5-to-50 person services firm, four use cases consistently land well: drafting routine emails, summarising meeting notes, producing first-draft marketing copy, and creating template documents from a brief.
Microsoft’s research on Copilot for Microsoft 365 reports users saving an average of 14 minutes per hour on certain content-creation tasks. A 2024 study of customer support agents using generative AI found a 14% increase in issues resolved per hour, with the biggest gains among less-experienced staff. Both numbers depend on staff treating AI as an assistant whose work they edit, not a replacement for their own judgement. Set that expectation explicitly during training and reinforce it every time a senior person reviews AI-assisted output.
When should you turn AI on inside the tools you already have?
Almost immediately, and before introducing any specialist AI tool. If your firm runs on Microsoft 365, Copilot lives inside Outlook, Word, Excel and Teams. If you’re on Google Workspace, Gemini for Workspace puts the same capability inside Gmail, Docs and Sheets. Staff don’t have to learn a new app or remember a new password. The AI shows up where they already work, which is what makes everyday adoption stick.
Experis specifically advises deploying enterprise AI inside your existing security perimeter rather than leaving staff on public tools. The reason is simple. Public tools may store prompts and outputs, and the NCSC has been explicit that sensitive business or client data should not be entered into them without a risk assessment. An enterprise instance inside Microsoft 365 or Google Workspace handles that question by default.
Start with a pilot group of five to ten people across two or three roles. Give them the policy, a one-page prompt sheet for their job, and a 60-to-90 minute live session covering banned inputs, approved use cases, and the verify-before-sending rule. Run it for four weeks. Collect what worked, what didn’t, and any near-misses on the policy. Then widen access, role by role, with the prompt sheet adapted each time. This is slower than a firm-wide launch and far more likely to produce real adoption.
Who owns AI inside the business, and what do they actually do?
Two named roles cover what’s needed in a small firm. The AI Policy Owner is a senior person, often the managing director or operations director, who signs off the policy, owns the use-case register, and handles any incident. The AI Steward is a tech-comfortable staffer who answers day-to-day questions, maintains the prompt sheets, and triages new tool requests. Together they can run AI governance for a 5-to-50 person firm in a few hours a week.
The Scottish AI Playbook also recommends keeping a shared spreadsheet of approved use cases, classified by risk, with a column for what data is involved and what human checks apply. This sounds bureaucratic and isn’t. Once the first ten or fifteen use cases are in it, new requests slot in quickly, and the register becomes a living record of how the firm actually works with AI. Review it quarterly against any updates from the ICO, FCA if you’re regulated, and the EU AI Act if you serve EU customers.



