One of the biggest challenges companies face with AI adoption is ambiguity. Employees want to use ChatGPT but are unsure what is allowed. Without clear guidelines, the result is either shadow AI use (employees using tools without permission) or AI avoidance (employees not using tools out of fear).
This guide provides a clear framework for categorising ChatGPT use cases.
Use freely without additional approval. These tasks involve no sensitive data and produce outputs that are reviewed before sharing.
Permitted with specific safeguards. Requires data anonymisation, manager awareness, or additional review steps.
Never permitted, regardless of circumstances. These use cases involve unacceptable data, legal, or ethical risks.
| Use Case | Department | Notes |
|---|---|---|
| Draft emails | All | Review before sending |
| Summarise public documents | All | Verify key facts |
| Brainstorm ideas | All | No restrictions |
| Proofread and edit writing | All | Check suggestions are appropriate |
| Create meeting agendas | All | No sensitive content required |
| Research public information | All | Verify with primary sources |
| Draft social media posts | Marketing | Review for brand consistency |
| Generate blog outlines | Marketing | Edit and add original insights |
| Create training quiz questions | L&D | Review for accuracy |
| Write job descriptions | HR | Use standard role info only |
| Draft SOP templates | Operations | Use process info, not data |
| Explain concepts/calculations | Finance | No confidential figures |
| Create presentation outlines | All | Add real data manually |
| Language translation | All | Review for accuracy and tone |
| Use Case | Safeguard Required | Who Approves |
|---|---|---|
| Analyse survey results | Anonymise all responses first | Manager |
| Draft HR policies | No employee-specific info | HR Head |
| Create proposal templates | Remove pricing/confidential terms | Sales Manager |
| Summarise meeting notes | Remove sensitive discussions | Attendees' approval |
| Generate performance review drafts | Use competency frameworks, not names | HR + Manager |
| Draft customer communications | No account details or PII | Team Lead |
| Create vendor evaluation templates | Remove vendor names if confidential | Procurement |
| Analyse operational data | Aggregate and anonymise | Operations Head |
| Draft board paper structure | Illustrative figures only | CFO/CEO |
| Create training case studies | Based on public examples only | L&D Manager |
| Use Case | Why Prohibited |
|---|---|
| Input customer PII (names, IC, addresses) | PDPA violation risk |
| Input employee salary or personal data | Privacy and employment law risk |
| Paste proprietary source code | IP and trade secret risk |
| Input financial statements before public release | Insider information risk |
| Use AI for hiring/firing decisions | Bias and discrimination risk |
| Generate legal or medical advice | Professional liability risk |
| Input audit findings or investigation details | Confidentiality breach |
| Create deepfakes or impersonate others | Ethical and legal violation |
| Bypass company security controls | Security policy violation |
| Use personal AI accounts for work | Data governance violation |
When an employee encounters a use case not clearly covered:
Approved uses include: drafting emails, summarising public documents, brainstorming, proofreading, creating presentations, and research. Conditional uses (requiring anonymisation or approval) include: survey analysis, policy drafts, and customer communication templates. Prohibited uses include: inputting PII, financial data, or source code.
Prohibited uses include: inputting customer personal data, employee salary information, proprietary source code, pre-release financial data, or audit findings. Using AI for hiring decisions, generating legal/medical advice, or bypassing security controls is also prohibited.
Best practices: (1) create a one-page quick reference card, (2) include in mandatory AI training, (3) post in team communication channels, (4) update quarterly, and (5) share positive examples of approved AI use. Clear, accessible guidelines reduce shadow AI use and increase responsible adoption.
