A document that slipped out, with no one meaning it to
An employee receives a full contract from a partner, complete with company names, deal figures, and confidential terms. They open the personal AI account they use every day, paste the contract in, and type a request to summarize the risk points. A good answer comes back in thirty seconds, and the work genuinely moves faster. The question no one asked in that moment was where that data went, who could see it, and whether the kind of account they used actually protects the organization’s information.
This sort of thing happens quietly in organizations that still have no data policy for AI. The employee did not intend to do anything wrong; they just wanted to get the work done. The gap is that the organization never said what could be fed in and what was off limits. This guide draws the lines that executives and IT teams need to decide before they let their teams use AI, covering the Thai legal framework, the account differences that many people overlook, and a written policy that actually works.
AI security in an organization starts with the line that defines which kinds of data may leave home and which may not, even before it reaches the tool itself. The most secure tool can still leak if no one knows where the line is.
First line: consumer accounts and organizational accounts are not the same
The most common misunderstanding is to assume that every kind of AI account handles data the same way. In reality there is a large difference between an account an employee signs up for themselves and an account at the organizational level, and this difference is the heart of the security question.
For organizational-level accounts, the major providers set clearly stricter data terms. OpenAI states that by default, data from business-tier accounts, covering ChatGPT Enterprise, Team, and use through the API, is not used to train or improve models. Anthropic likewise states that by default, data from commercial products such as Claude for Work and the API is not used to train models.
On the consumer-account side the story is different. Personal accounts commonly carry an option for conversations to be used to improve the models, in some cases enabled unless the user turns it off, and the terms can change whenever the provider updates its policy. A clear example is Anthropic adjusting its terms for general users in 2025 so that every user has to choose whether their conversations are used to improve models. In practical terms, having employees feed organizational data into personal accounts carries a risk that differs from using an organizational account with clear data terms, and the setting that matters sits in each employee's own profile, where the organization cannot see or enforce it.
An easy rule to remember: if the work touches internal data or customer data, use an organizational-level account with configured data terms, not an employee’s personal account, even when the personal account is more convenient and cheaper.
Shadow AI: the risk that goes unseen because no one forbids it
When an organization has no policy, employees do not stop using AI. They keep using it with the personal accounts they already have. This phenomenon is called shadow AI, the use of AI tools outside the IT team’s view and without any control.
The danger of shadow AI lies in the organization losing sight of what data is flowing out. When confidential data is fed into accounts the organization does not manage, there is no log, no access control, and when that employee resigns, the account and its usage history go with them. Banning AI tends to push people to use it in secret even more than before. The more effective fix is to open a safe path to use it, together with a clear framework for what is allowed.
The Thai legal framework organizations must know: PDPA
Organizations in Thailand have an added legal reason to set a data policy for AI, namely the Personal Data Protection Act B.E. 2562 (2019), known as PDPA, which has been fully enforced since 1 June 2022 and is overseen by the PDPC.
The part that bears directly on AI use is that this law governs the collection, use, and disclosure of personal data. Feeding customers' or employees' personal data into a third party's AI system is a disclosure to a data processor, and where that provider handles the data outside Thailand it is also a cross-border transfer; both need a legal basis and must stay within the purpose the data subject was informed of. Accidentally placing personal data into an AI tool without a framework therefore raises two risks at once: a confidentiality breach and a compliance breach.
In practice an organization does not need to change everything because of PDPA, but it does need to fold AI use into the data protection policy it already has, specifying clearly which kinds of personal data may be fed into AI and under what conditions, and naming a responsible owner who can answer when compliance questions arise.
Setting a data policy that actually works: three pillars
A good policy is a short framework that employees can remember and follow. A thick document no one opens helps nothing. It can be built from three pillars.
First pillar, choose the right account structure. If several people use it and the work touches internal data, move to an organizational-level account instead of a collection of individual personal accounts. An organizational account gives central account management and access control, lets you close the accounts of employees who leave, keeps usage logs under the organization's control, and comes with stricter data terms. Investing in this part is the foundation of all the security that follows.
Second pillar, classify data into what may be fed in and what is off limits. Write it out as a short list employees can open and read right away. Data that must never be fed in: customers' and employees' personal data, national ID numbers, passwords and other credentials, trade secrets, and contracts with confidential terms. Data that may be fed in: general work that does not identify individuals and is not confidential. When a case is not on the list, the default is off limits until someone with authority says otherwise. A line drawn in advance helps employees decide correctly in the moment when work is urgent.
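One way to make the second pillar enforceable rather than only written down is a small pre-submission gate that scans a prompt for the categories on the never-feed list before it reaches any AI account. The block below is an added illustration, not code from the page or from any provider; the detector names, the regular expressions, the decision to count only checksum-valid Thai national ID numbers, and the sample prompt are all this example's own assumptions. The Thai ID check digit is the standard mod-11 rule (digits 1 to 12 weighted 13 down to 2).

```python
"""Pre-submission gate enforcing an AI data-classification list.

Added example, not code from the page. Detector names, patterns and the
sample prompt are this example's own assumptions.
"""
import re

# Thai national ID: 13 digits, optionally written as 1-2345-67890-12-3.
THAI_ID_RE = re.compile(r"(?<!\d)\d[ -]?\d{4}[ -]?\d{5}[ -]?\d{2}[ -]?\d(?!\d)")
# Direct identifier of a person (assumption: treat any e-mail address as personal data).
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
# Credential material pasted as "key = value" or "key: value".
CREDENTIAL_RE = re.compile(
    r"(?i)\b(?:password|passwd|pwd|secret|api[_ -]?key|token)\b\s*[:=]\s*\S+"
)


def thai_id_check_digit_ok(digits: str) -> bool:
    """Validate the mod-11 check digit of a 13-digit Thai national ID.

    Digits 1..12 are weighted 13 down to 2; the 13th digit must equal
    (11 - weighted_sum % 11) % 10.
    """
    if len(digits) != 13 or not digits.isdigit():
        return False
    total = sum(int(d) * (13 - i) for i, d in enumerate(digits[:12]))
    return (11 - total % 11) % 10 == int(digits[12])


def classify_prompt(text: str) -> dict:
    """Return {"allowed": bool, "findings": [(category, matched_text), ...]}.

    Any hit on the never-feed list blocks the prompt; the caller then redacts
    or routes the work to an approved internal channel instead of sending it.
    """
    findings = []
    for m in THAI_ID_RE.finditer(text):
        # Only checksum-valid numbers count, so that order or reference numbers
        # of the same length do not trip the gate (a precision trade-off).
        if thai_id_check_digit_ok(re.sub(r"\D", "", m.group(0))):
            findings.append(("thai_national_id", m.group(0)))
    for m in EMAIL_RE.finditer(text):
        findings.append(("email", m.group(0)))
    for m in CREDENTIAL_RE.finditer(text):
        findings.append(("credential", m.group(0)))
    return {"allowed": not findings, "findings": findings}


# Constructed sample prompt, modelled on the scenario at the top of the page.
SAMPLE_PROMPT = """Summarise the risk points in this contract.
Customer: Somchai, ID 1-2345-67890-12-1, email somchai@example.com
Portal login: password = Tr0ub4dor&3
Payment terms: net 30."""

if __name__ == "__main__":
    result = classify_prompt(SAMPLE_PROMPT)
    if result["allowed"]:
        print("OK to send through the organisational AI account")
    else:
        for category, snippet in result["findings"]:
            print(f"BLOCKED ({category}): {snippet}")
```

A gate like this belongs in the path the organization provides (a browser extension, a proxy in front of the organizational account, or a helper script), not on employees' personal accounts, where nothing the organization deploys can run. Pattern matching catches the obvious cases on the list; it does not recognize a confidential contract clause, so the written list and the training behind it remain the primary control.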
Third pillar, train people and review periodically. A policy is only worth something when people understand it. Hold short training so the team knows where the line is and why, and stress that AI can answer incorrectly and that binding work needs a human to check it. Then review the policy when tools or laws change, because both the capabilities of AI and the data terms of providers can shift quickly.
Update box: default data-use status (June 2026)
Providers’ data terms can change. The information below is confirmed as of June 2026 from each provider’s official pages. Before setting a policy, always open the official pages and check again.
| Account type | Model-training status of data (default) |
| --- | --- |
| OpenAI organizational accounts (Enterprise, Team, API) | Not used to train models |
| Anthropic organizational accounts (Claude for Work, API) | Not used to train models |
| General consumer accounts | Option for data to be used to develop the system; terms updated periodically; you must check the settings yourself |

The principle that does not change is that organizational accounts are designed for sensitive data while personal accounts are not, no matter how the prices or plan names change.
⚠️ Cautions that are often overlooked
The default is not a permanent guarantee. The fact that organizational accounts do not use data to train models by default does not mean every setting is equally safe. The IT team must check the account’s actual settings and read the organizational-level contract terms before letting the team use it, rather than assuming from the default alone.
The risk does not end at model training. Even if data is not used to train, sending confidential data outside the organization still adds a point where data could leak. Classifying which data should never leave the organization at all is therefore more important than only watching whether the provider uses it to train.
A policy no one knows about is the same as no policy. A policy document stored on a drive that no one reads helps nothing. Security happens when frontline employees know the line and can follow it. Communication and training are therefore part of the policy, not an optional extra step.
Next steps
Start with what you can do this week, which is to write a short list of the kinds of data that must never be fed into AI, then communicate it to the team. After that, move on to account structure and folding it into the PDPA policy you already have. Having even one clear line is better than leaving everyone to guess.
- 👉 ChatGPT vs Gemini vs Claude: which one to choose. See the differences between each provider's organizational plans before you choose.
- 👉 Using AI as a business advisor. The angle of using AI for decision work in an organization.
- 👉 Free AI vs paid: which to choose. Criteria for choosing a plan, including organizational-level plans.
Last updated: 19 June 2026 · Type: Guide