A Workplace AI Field Guide

Industry playbooks

"May violate privilege under Rule 1.6" beats "seems risky." In regulated fields, the strongest objection cites the specific rule. These playbooks supply the rules and the questions to put in your memo.

Law Healthcare Financial services Education Last reviewed: June 2026

Each playbook names the governing framework, the rules a memo can cite, the questions whose answers determine whether use is permissible, and the single strongest argument for that field. These summaries are a starting point for the conversation, not legal advice; the move they set up is asking your organization's counsel or compliance function the right questions, in writing, before rollout. A documented unanswered question is itself a powerful exhibit.

Legal practice

Law is the field where the case is most developed, because the profession has both binding ethics rules and a public record of AI failures. The national framework is ABA Formal Opinion 512 (July 2024), the first formal ethics guidance on generative AI, which maps existing Model Rules of Professional Conduct onto AI use rather than creating new ones. Its core message: AI doesn't change a lawyer's obligations, and those obligations attach to everyone whose work flows into a filing — including the work of paralegals and legal assistants under the supervision rules.

Model Rule 1.1 — CompetenceLawyers must understand the capabilities and limitations of any AI tool they use, and update that understanding as tools change. Uncritical reliance on output is itself a competence failure.
Model Rule 1.6 — ConfidentialityProtects all information relating to a representation, regardless of source. Putting client information into a tool whose vendor may retain, log, or train on inputs raises a disclosure problem unless informed consent or adequate safeguards exist. This is frequently the dispositive rule.
Model Rules 3.1 / 3.3 — Candor toward the tribunalThe rules behind the sanctions wave. Fabricated citations filed with a court are treated as the signing lawyer's misrepresentation, however they were generated.
Model Rules 5.1 / 5.3 — SupervisionFirms must supervise both lawyers and nonlawyer staff in their AI use, and evaluate the confidentiality and security practices of third-party AI vendors. Smith v. Farwell shows a supervisor sanctioned for AI use he didn't know about.
Fees and client communication (Rules 1.4, 1.5)Opinion 512 also addresses when clients should be told AI is being used and how AI efficiency interacts with reasonable billing.

Beyond the Model Rules, many states have issued their own AI ethics guidance, and a number of individual judges have standing orders imposing AI disclosure or verification requirements on filings, so local rules need checking matter by matter. Questions for the memo: Which tasks involving client information would the tool touch, and does the vendor agreement prohibit training on inputs and provide for confidentiality? Has anyone checked the standing orders of the judges before whom we appear? Who is the verifying attorney of record for AI-assisted work product, and is that verification time being scheduled and billed honestly? What is our written policy if a hallucinated citation reaches a filing?

The strongest single argument: sanctions for AI-fabricated material are now routine and increasing, they attach to the signing attorney regardless of who used the tool, and the cost of one incident — monetary sanctions, removal from a case, bar referral, and the client conversation that follows — dwarfs the drafting time saved. See the incidents library for citable cases.

For a fuller plain-language walkthrough of Opinion 512 written for small firms, see ABA Opinion 512 in Plain English for Small Firms.

Sources: ABA announcement of Formal Opinion 512 · NCBE Bar Examiner analysis

Healthcare

In healthcare the confidentiality argument is not about best practice; it's federal law. Under HIPAA, protected health information (PHI) — anything that could identify a patient combined with health, treatment, or payment information — may not be disclosed to a third-party service that handles it on the organization's behalf unless that vendor has signed a business associate agreement (BAA) accepting HIPAA obligations. A clinician or staff member pasting patient notes into a consumer AI tool with no BAA is making an impermissible disclosure, regardless of intent, and breach notification duties and civil penalties can follow. Consumer-tier AI products generally do not come with BAAs; some enterprise offerings do, which is exactly the distinction a memo should force into the open.

The BAA questionIs there a signed business associate agreement with the AI vendor covering this specific product and tier? If the answer is no or unknown, no workflow touching PHI should proceed.
Minimum necessaryHIPAA's minimum-necessary principle cuts against bulk workflows that feed entire records into a tool when a narrow excerpt would do.
Clinical accuracy and documentationAI scribes and summarizers introduce a new error channel into the medical record. Who reviews and signs each AI-assisted note, and how are discrepancies between what was said and what was documented caught? Errors in records propagate into treatment decisions, coding, and litigation.
State law and consentSeveral states layer stricter medical privacy, recording-consent, or AI-specific rules on top of HIPAA; ambient scribes that record visits raise consent questions independent of HIPAA.

Questions for the memo: Which tools in use or proposed touch PHI, and which have BAAs? Has compliance inventoried "shadow" AI use by staff, given how quickly that appeared at other organizations? For documentation tools, what is the review-and-signature workflow, and is the time it takes counted in the efficiency projections? What happens to recordings and transcripts — retention, location, deletion?

The strongest single argument: a single staff member pasting PHI into a non-BAA tool creates a reportable compliance event, and the Samsung incident shows three such leaks occurred within twenty days at a sophisticated company the moment access was allowed. In healthcare the equivalent leak is not source code; it's patient data with federal penalties attached.

Sources: HHS: Business Associates guidance · HHS: Minimum Necessary requirement

Financial services

Regulators have been explicit that no new rulebook is coming to the rescue: the existing one already applies. FINRA's Regulatory Notice 24-09 reminds member firms that all existing obligations — supervision, communications with the public, recordkeeping, fair dealing — apply when firms use generative AI, just as with any other technology, and FINRA's 2026 annual regulatory oversight report devotes a dedicated section to generative AI governance, testing, vendor oversight, and accurate AI-related disclosures. On the SEC side, the first "AI washing" enforcement actions (Delphia and Global Predictions, $400,000 in combined penalties) established that overstating AI capabilities in marketing is itself a violation of the Advisers Act and Marketing Rule.

Supervision & WSPsIf AI is used in any supervised function, written supervisory procedures must account for it: testing, monitoring of outputs, and human oversight. "We adopted a tool" without updated WSPs is an examination finding waiting to happen.
Communications (FINRA Rule 2210)Client communications must be fair, balanced, and not misleading — including AI-drafted emails, summaries, and marketing. An AI-generated misstatement to a client is the firm's misstatement.
Recordkeeping & data safeguards (Reg S-P)Customer records and information require written safeguards; feeding client data to an unvetted external tool implicates those safeguards directly, and AI interactions about client business may themselves be records.
Marketing claimsAfter the AI-washing actions, every "AI-powered" claim in client-facing material needs to be literally true and substantiated.

Questions for the memo: Has compliance reviewed this tool against our WSPs, and were the WSPs updated? Does the vendor agreement address data use, retention, and our regulators' access expectations? Are AI-assisted client communications going through the same review channel as human-drafted ones? Who has verified that our marketing describes our AI use accurately?

The strongest single argument: regulators have said in writing that the absence of an AI-specific rule is not a shield, and they are already bringing enforcement actions. Adopting ahead of a compliance review doesn't avoid the regulatory cost; it defers it to examination time with interest.

Sources: FINRA GenAI guidance hub (incl. Notice 24-09) · SEC AI-washing press release

Education

In education the binding obligation is the Family Educational Rights and Privacy Act (FERPA), and its logic parallels HIPAA's: education records — personally identifiable information from a student's file — may not be disclosed without consent except under enumerated exceptions. The category is wider than the gradebook: grades and test scores, but also attendance, discipline, student work tied to a name, and the heightened-sensitivity records of special education, the IEPs and 504 plans that combine a child's identity with disability information. The exception that matters for AI is the school-official exception, and its conditions read like a checklist a consumer AI tool's terms of service will fail.

The school-official exception (34 C.F.R. § 99.31(a)(1))A school may share records with an outside party performing an institutional function only if that party is under the school's direct control with respect to the data, uses it solely for the disclosed purpose, and does not re-disclose it. A vendor that retains inputs or trains on them is not under the school's direct control, and training is almost certainly a use beyond the disclosed purpose.
The institution answers, not the teacherA teacher pasting an IEP excerpt into a free chatbot for rewording help is, with the best intentions, making a disclosure the institution has no exception for — and it is the institution that answers for it.
COPPA and the under-13 layerFor students under thirteen, COPPA adds a second federal layer, and many consumer tools' own terms prohibit under-13 use outright, which means no permission slip can cure the gap. A growing number of states add their own student-privacy statutes on top.
Custody is only as durable as the custodianThe 2024 collapse of AllHere — the venture-backed startup behind Los Angeles Unified's "Ed" chatbot, built under a roughly $6 million contract to draw on student grades, attendance, and schedules — left the nation's second-largest district shutting the tool off after paying about $3 million, while a whistleblower alleged student data had been mishandled (the district disputed this and opened its own inquiry). Whatever the investigations establish, the structural lesson stands on the undisputed facts: a school adopting an AI tool is selecting a custodian for children's records, and that custodian may not exist next semester.

Questions for the memo or its staff-meeting equivalent: Which AI tools, official and unofficial, currently touch student data — including the ones individual teachers adopted on their own? For each, is there a written agreement satisfying the school-official exception: direct control, purpose limitation, no training on student inputs, deletion at contract end? What happens to the data if the vendor fails or is sold? Are any tools being used with students under thirteen, and do the tools' own terms permit it? And who answers the parent who asks what was shared?

The strongest single argument: it is the district, not the well-meaning teacher, that is the regulated party, and a single pasted IEP excerpt is a disclosure FERPA gives the institution no exception for. Many districts already have an approved-tools list and vendor agreements; the rollout email just forgot to mention them. The memo's job is often simply to surface the safeguards that already exist before colleagues start pasting records with names in them.

Sources: Future of Privacy Forum: Vetting Generative AI Tools for Use in Schools · EdSurge on the AllHere collapse · The 74: whistleblower allegations

Other fields, briefly

The same structure works anywhere there's a binding obligation to point at. In journalism and publishing, the operative obligations are editorial standards and reader trust — the documented cases of outlets publishing error-ridden or undisclosed AI content show the reputational cost arriving fast and publicly. In government work, procurement rules, records laws, and the duty not to dispense incorrect official guidance (see the NYC MyCity entry in the incidents library) carry the argument. Whatever the field, the playbook is constant: find the written obligation, ask in writing whether the tool complies, and propose that rollout wait for the answer.

A necessary caveat

These playbooks summarize rules and guidance to help you ask better questions; they are not legal, medical, or compliance advice, and rules change and vary by jurisdiction. The whole point of the playbook approach is to route the question to your organization's counsel or compliance officer in writing — that step, not this page, is what protects you and the business.