1.5 KiB
1.5 KiB
Governance, Privacy, and Policy
You are here: AI Docs Home > Governance, Privacy, and Policy
Contents
- Allowed Data
- Handle With Care
- Forbidden Data
- Safe Prompt Examples
- Redaction Tips
- Compliance Expectations
- Ownership
- Next Steps
Allowed Data
- Public information or approved internal content.
- Code that is already in approved repos.
Handle With Care
- Customer data or identifiers.
- Security-sensitive configuration.
- Anything not explicitly approved by policy.
Forbidden Data
- Secrets, credentials, or personal data.
- Non-approved proprietary information.
Safe Prompt Examples
Example prompts:
Summarize this public API and propose tests.
Refactor this function without changing behavior.
Redaction Tips
- Remove secrets before pasting.
- Replace real identifiers with placeholders.
- Use minimal context required for the task.
Example Redaction
Example:
Before: User ID 928374 has email jane@company.com and token ABC123.
After: User ID <USER_ID> has email <EMAIL> and token <TOKEN>.
Compliance Expectations
- Follow org security policies and data handling rules.
- Use AI as assistance, not authority.
Ownership
If you are unsure about data classification, escalate before using AI.
Example Question
Example prompt:
Is it ok to share this log snippet with user IDs in Copilot?
Next Steps
- For day-to-day workflows, read Cross-Platform AI Usage.
- For cost guidance, read Usage and Token Budgeting.