AboutBlogBusiness First AIFounder FreedomBook a conversation

The never-paste-this list every small business should write before scaling AI use

May 11, 2026
An owner at her kitchen table on a Saturday morning, writing on a printed A4 sheet with a black pen, a closed laptop pushed to one side and a mug of coffee within reach
TL;DR

A never-paste-this list is a one-page written document naming the categories of information nobody on the team should paste into a general AI tool, ever. Ninety minutes to draft. Five universal categories: customer personal data, client-confidential strategy, pre-publication financial figures, employee personal information, login credentials. Sector-specific categories sit underneath. Put it in the handbook, the onboarding pack, and pinned where the team works. Review it quarterly.

Key takeaways

- The highest-yield AI governance artefact for a 5 to 50 person firm is a one-page written list of categories nobody on the team should paste into a general AI tool, ever. Specific, named, signed off. Ninety minutes to draft. - Five categories belong on every SME version regardless of sector: customer personal data, client-confidential strategy, financial figures pre-publication, employee personal information including HR records and diversity data, and login credentials of any kind. - Written specific lists outperform verbal guidance because they reduce cognitive load at the moment of decision, create accountability, support ICO accountability demonstration, and survive staff turnover. - Placement matters as much as content. The list belongs in the employee handbook, the onboarding pack, pinned in Slack or the intranet, and ideally as a DLP browser pop-up at the moment of risk. - The list grows quarterly. New tools, new use cases, and new regulatory updates each add a category or a clarification, and the audit trail of those reviews is itself the accountability evidence.

The owner of a twelve-person firm pulled me aside at the end of a workshop last month with a question she had been carrying. Her team had quietly gone from three people using ChatGPT once a week to a dozen people using it daily, across sales drafts, recruitment notes, supplier emails, financial commentary, and the occasional bit of client work. Nobody had decided anything. There was no rule about what was OK to paste and what was not. She knew, in the way owners know, that something was probably going wrong somewhere in there. She did not know what to do about it on Monday morning.

The answer that worked for her firm is the same one that works for many owner-led businesses at this scale. Not a policy document. Not an enterprise governance framework. A one-page written list of categories of information that nobody on the team should paste into a general AI tool, ever. Specific, named, signed off, ninety minutes to draft, pinned where the team actually works. It is the highest-yield AI governance artefact a small business can produce, and a lot of them have not produced one.

What is a never-paste-this list?

A never-paste-this list is a one-page written document naming the categories of information that nobody on the team is allowed to enter into a general AI tool, ever. Specific named categories, not abstract principles. Customer personal data. Client-confidential strategy. Financial figures before publication. Employee HR records. Login credentials of any kind. Each category sits with a one-line reason and a worked example of the safe alternative.

The list lives in the employee handbook, the onboarding pack, and somewhere the team sees it at the moment they are about to use an AI tool. It is signed off by the owner or a named senior person, reviewed quarterly, and grown as new tools and use cases appear. The discipline is in the specificity. “Don’t paste confidential stuff” is not a list. “Customer first and last names, customer email addresses, customer dates of birth, customer reference numbers” is.

Why does it matter for your business?

It matters because the alternative is what many SMEs have now: staff making case-by-case judgements under time pressure, with no shared reference to fall back on. Cyberhaven’s 2026 AI Adoption and Risk Report, based on real data flows across 222 companies, found that 39.7% of AI interactions involve sensitive data, and more than half of all Claude usage happens through personal accounts that bypass company controls and central logging.

The Samsung incident in April 2023 is the headline version of where this leads. Three separate exposures of confidential semiconductor code within twenty days of allowing staff ChatGPT use, with no written guidance on what could be pasted. The everyday SME version is quieter and more frequent. A customer email gets pasted to draft a reply. A draft contract gets pasted to summarise the terms. None of it shows up in any log the firm can see.

The other reason it matters is the accountability principle. UK GDPR Article 5(2) requires that you be able to demonstrate compliance, and the ICO is explicit that accountability is not a box-ticking exercise. If the regulator asks what measures you had in place to prevent customer data being pasted into a third-party AI tool, “we told the team verbally” is not a defensible answer. A written, signed, dated list is.

What belongs on the list?

Five categories belong on every SME version regardless of sector. Customer personal data, meaning names, email addresses, phone numbers, addresses, dates of birth, payment information, and reference numbers linked to a named individual. Client-confidential strategy, meaning contracts, pricing, supplier negotiations, M&A activity, and anything you are contractually required to keep confidential. Financial figures before publication, meaning revenue forecasts, management accounts, payroll figures, banking details, supplier payment terms, and investment round details.

The fourth is employee personal information, anything that ties a named employee to performance, disciplinary, health, or diversity data. The fifth is login credentials of any kind, including passwords, API keys, authentication tokens, security question answers, and MFA codes. For each category, the written list carries a one-line reason and a worked example of the safe alternative. Customer personal data is the commonest attack vector for identity theft, so the alternative is to anonymise before pasting, “Customer A asked about feature X” rather than the named version with email and date of birth attached. Login credentials never go near an AI tool because an API key in a chat log is functionally a published key.

Underneath the five universal categories sits the sector-specific section. If you hold NHS patient data, the DSP Toolkit applies and patient information must never be pasted into public AI tools. If you serve FCA-regulated clients, FCA-classified information has redistribution rules of its own. If you are a law firm, pasting privileged client communications into a public AI platform waives privilege and may breach your professional conduct rules. The four-tier data classification model is the conceptual underpinning, and the data-flow piece covers what actually happens when the paste button gets pressed.

Where do you put the list so people actually see it?

You put it in three or four places, and at least one of them has to interrupt the moment of risk. The employee handbook is the official home, a numbered section under data protection and AI tool use, acknowledged by new hires during onboarding. The onboarding pack carries a one-page summary, read before day one. The team-facing version is a pinned Slack post or a wiki page in Notion with version history.

The placement that does the heavy lifting is the moment-of-risk interrupt. If you deploy a basic Data Loss Prevention tool such as Microsoft Purview, you can configure a browser pop-up that fires when staff visit known public AI tools. The pop-up reminds them of the list and asks them to acknowledge before continuing. That single piece of friction at the moment of decision changes behaviour more than any number of training videos, because it lands in the second when the paste is about to happen rather than three weeks earlier in a meeting room. For a firm that cannot deploy DLP yet, a laminated card next to each desk and a fortnightly calendar reminder in the team meeting carries some of the same work.

What changes when the list grows over time?

The list grows because the tools the firm uses change, the use cases evolve, and the regulatory landscape moves. A quarterly thirty-minute review is the proportionate cadence for a 5 to 50 person firm. Three questions in that meeting: what new AI tools came into the firm, what near-misses have we noticed, and what regulatory or sector updates change anything in the existing list. Write down the answers and date the update.

A worked picture across four quarters. The Q1 list has the five universal categories and one sector addition. In Q2, someone asks whether ChatGPT can draft a prospect proposal that includes the prospect’s name, you clarify that prospect contact details count as customer personal data, and the list gets a worked example. In Q3, the firm adopts a new code-completion tool whose vendor cannot provide a Data Processing Agreement, so you add a category for source code and a rule about checking DPA availability before any new tool. In Q4, the operations lead wants to analyse recruitment patterns with AI, so you tighten the employee personal information section with explicit guidance on workforce demographic data. By Q1 the following year the list has grown from five categories to seven, and the firm has four documented quarterly reviews evidencing ongoing accountability.

This post sits inside a wider AI risk and governance cluster for SMEs. For the conceptual underpinning, read the four-tier data classification model. For why blanket bans on AI tools fail, see why default-ban on AI tools backfires. For the minimum policy the never-paste list operationalises, see the minimum viable AI policy for a small business. The never-paste list is the operational sharp end of governance at SME scale, cheap to produce, fast to circulate, and visible at the moment it has to work.

If your firm is where my workshop participant was, with AI use spreading faster than the rules to govern it, and you want to talk through what the proportionate version looks like for your firm, book a conversation.

Sources

- Information Commissioner's Office (2024). Guide to accountability and governance, the UK regulator's reference on Article 5(2) accountability and what evidence demonstrates compliance. https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/accountability-and-governance/guide-to-accountability-and-governance/ - Information Commissioner's Office (2024). Guidance on AI and data protection, the UK regulator's reference for organisations using third-party AI tools on personal data. https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/artificial-intelligence/guidance-on-ai-and-data-protection/ - Cyberhaven (2026). 2026 AI adoption and risk report, real-world data flow analysis across 222 companies showing 39.7% of AI interactions involve sensitive data and 58 to 60% of usage happens through personal accounts. https://www.cyberhaven.com/resources/report/ai-adoption-risk-report-2026 - National Cyber Security Centre. Cyber Essentials overview, the UK government's recommended minimum cyber standard with user access control as a core technical control for SMEs. https://www.ncsc.gov.uk/cyberessentials/overview - National Cyber Security Centre (2024). Guidelines for secure AI system development, the UK reference on embedding security into AI projects from inception through culture, process and communication. https://www.ncsc.gov.uk/collection/guidelines-secure-ai-system-development/introduction - Authentech (2024). The 2023 Samsung ChatGPT incident, explained for security teams, the documented account of three separate confidential data exposure incidents within twenty days of allowing employee ChatGPT use. https://authentech.ai/shadow-ai/samsung-chatgpt-incident/ - IP Watchdog (2026). Navigating recent developments in generative AI and trade secret protection, recent case law on loss of trade secret protection when confidential material is shared with public AI platforms. https://ipwatchdog.com/2026/04/05/navigating-recent-developments-in-generative-ai-and-trade-secret-protection/ - IBM (2025). Cost of a data breach report 2025, the global average breach cost and the finding that ungoverned AI systems are more likely to be breached and more costly when they are. https://www.ibm.com/reports/data-breach - Information Commissioner's Office. 72 hours: how to respond to a personal data breach, the SME-facing reference on breach notification obligation under UK GDPR. https://ico.org.uk/for-organisations/advice-for-small-organisations/personal-data-breaches/72-hours-how-to-respond-to-a-personal-data-breach/ - Nightfall AI (2025). Does ChatGPT store your data in 2025, current account of free, Plus, Team and Enterprise data retention defaults and the GDPR implications for each tier. https://www.nightfall.ai/blog/does-chatgpt-store-your-data-in-2025

Frequently asked questions

How long does it actually take to draft this list?

Ninety minutes for the first version is realistic for an owner-led firm. Thirty minutes to write the five universal categories using the worked examples in this post, thirty minutes to add the sector-specific section that applies to your work, thirty minutes to circulate to one or two senior people and incorporate their edits. The quarterly review is a half-hour meeting. Total annual time investment is closer to four hours than forty.

Why a written list rather than just training the team verbally?

Verbal guidance does not survive the moment of decision. Staff working under time pressure make case-by-case judgements that often miss the point. Cyberhaven's 2026 report found 39.7% of AI interactions involve sensitive data, with most of that activity invisible to the firm. A written list reduces cognitive load at the point of use, creates a reference for new starters, and gives the firm something to point to when the ICO asks what measures were in place. Verbal guidance does none of these things.

Does the list need legal sign-off before the team sees it?

For a 5 to 50 person firm, no. The list is operational guidance, not a contract or a customer-facing policy. It draws on existing legal obligations the firm already has under UK GDPR and any sector regulator, and it tells the team how to behave in light of them. Get a competent owner or operations lead to draft it, get one senior person to sign it off, and circulate. If you operate in a heavily regulated sector or hold a Data Protection Officer role, run it past your DPO. Otherwise, ship it.

Written by Dr Dave Heath, AI consultant and business strategist.

This post is general information and education only, not legal, regulatory, financial, or other professional advice. Regulations evolve, fee benchmarks shift, and every situation is different, so please take qualified professional advice before acting on anything you read here. See the Terms of Use for the full position.

Ready to talk it through?

Book a free 30 minute conversation. No pitch, no pressure, just a useful chat about where AI fits in your business.

Book a conversation

Related reading

An owner at her desk with two printed documents in front of her, a tools register and a policy, a pen resting on the page and a mug of tea nearby

The audit trail an SME actually needs, and the one it does not

Enterprise content tells SMEs to log every AI prompt and response. The proportionate audit trail for a 12-person firm is two pages of standing documentation plus a short per-incident note.

A founder and an operations lead at a meeting table with a printed two-page draft between them, two coffee mugs and a notebook, mid-conversation

Your minimum viable AI policy as a small business

Many published AI policy templates are sized for HR and legal teams. The version that fits a 5 to 50 person firm is two pages, plain language, five sections, drafted in ninety minutes. Shorter than expected, longer than the typical SME currently has written down.

A woman at her office desk in late afternoon writing in a notebook with four hand-drawn columns labelled UK, EU, US, Canada, a closed laptop and a half-drunk mug of tea to one side

Serving customers across borders, the multi-jurisdiction AI compliance picture for SMEs

Owners running across UK, EU, US and Canadian customers are managing four overlapping AI rulebooks at once, often without realising it. Here is the proportionate response, with the cases where it does not work.

If any of this sounds familiar, let's talk.

The next step is a conversation. No pitch, no pressure. Just an honest discussion about where you are and whether I can help.

Book a conversation
AboutBlogBusiness First AIFounder FreedomContactBook a conversation
Privacy PolicyTermsCookie Policy

© 2026 Larocca Consulting Ltd