AI Usage Policy

Compliance

Customise the [bracketed fields] before adopting as your firm’s policy.

1. Purpose

This policy sets out how team members at [Firm Name] may use artificial intelligence (AI) tools — including large language models (LLMs) such as Claude and ChatGPT — in their day-to-day work. It ensures AI is used responsibly, professionally, and in a way that protects our clients, tenants, and our firm.

2. Scope

This policy applies to all team members, contractors, and representatives of [Firm Name] who use AI tools in connection with their role.

3. Approved Tools

The following tools are approved for use under this policy:

[e.g. Claude by Anthropic — claude.ai]
[e.g. ChatGPT by OpenAI — chatgpt.com]
[Add or remove as appropriate]

Any other AI tool must be approved by [Manager/IT/Compliance] before use.

4. Acceptable Use

AI tools may be used for:

Drafting tenant and owner communications for human review before sending
Summarising documents, inspection reports, and meeting notes
Brainstorming strategies, retention approaches, and marketing ideas
Creating template notices, checklists, and procedure documents
Explaining legislation, lease clauses, and industry concepts

5. Prohibited Uses

AI tools must not be used to:

Send communications directly to tenants or owners without human review
Make final decisions on legal, financial, or compliance matters
Store or process sensitive personal data beyond what is necessary for the task
Generate content that could mislead clients or misrepresent the firm
Bypass mandatory approval or escalation processes

6. Data Handling

When using AI tools, team members must:

Avoid pasting full tenant names, addresses, and financial details where not required for the task
Use anonymised or placeholder data where possible (e.g. “Tenant A”, “Property X”)
Not upload confidential documents to AI tools without management approval
Be aware that information entered into AI tools may be used to improve those tools unless enterprise settings are configured to prevent this

Note: Check the data privacy settings of each approved tool. Claude and ChatGPT both offer options to disable training on your data. Enable these where available.

7. Human Review Requirements

The following AI outputs must always be reviewed by a human before use:

All communications sent to tenants, owners, or external parties
Any document containing legal language or compliance obligations
Financial summaries, reports, or analysis
Content referencing specific legislation or regulatory requirements

8. Mandatory Escalation Triggers

AI must not be the sole basis for decisions in the following situations — escalate to [Manager] before proceeding:

Tenant eviction or termination of tenancy
Disputes involving legal proceedings or tribunal
Any situation involving a vulnerable tenant
Compliance breaches or suspected fraud

9. Team Responsibilities

Role	Responsibility
All team members	Follow this policy; report concerns to their manager
[Manager role]	Approve new AI tools; review incidents; update approved tools list
[IT/Compliance role]	Ensure data privacy settings are configured correctly on all approved tools

10. Policy Review

This policy will be reviewed by [Manager] every [6/12] months, or sooner if a significant change in AI capability or regulation requires it. Last reviewed: [Date].

Legal disclaimer: This policy template is provided as a starting point. It does not constitute legal advice. [Firm Name] should seek independent legal review before adopting as a binding policy document.