Secure Prompting Cheat Sheet for Business Teams

The Safe Prompting Rules

Before diving into templates, every employee using AI tools (ChatGPT, Copilot, Gemini, Claude) should understand these ground rules:

Never Include in Prompts:

• Personal Identifiable Information (PII): Names, emails, phone numbers, SSNs, addresses
• Client/Customer Data: Account numbers, contracts, deal details, proprietary information
• Credentials: Passwords, API keys, access tokens, certificates
• Financial Data: Credit card numbers, bank accounts, salary information
• Health Information: Medical records, diagnoses, treatment plans

The “Before You Paste” Checklist

Before pasting any content into an AI tool, ask yourself:

• Would I be comfortable if this appeared in a news article?
• Does this contain any real names, emails, or phone numbers?
• Is this client/customer-specific information?
• Could this be used to access a system or account?

If the answer to any of these is “yes,” sanitize or anonymize the data first.

“When in doubt, leave it out. Use placeholders like [CLIENT NAME] or [EMPLOYEE EMAIL] instead of real data.”

Prompt Templates by Use Case

1. Document Summarization

Use this template when you need to summarize long documents, reports, or articles:

Summarize the following document in 3-5 bullet points. Focus on:
- Key findings or conclusions
- Action items or recommendations
- Important dates or deadlines

[PASTE DOCUMENT TEXT HERE - ensure no PII or client data]

2. Email Drafting

Generate professional email drafts without exposing sensitive details:

Write a professional email for the following situation:

Purpose: [e.g., "follow up on a proposal we sent last week"]
Tone: [e.g., "professional but friendly"]
Key points to include:
- [Point 1]
- [Point 2]
- [Point 3]

Do not include any placeholder names—I'll add those myself.

3. Meeting Notes to Action Items

Convert raw meeting notes into organized action items:

Convert these meeting notes into a structured format with:
1. Key decisions made
2. Action items (with owner placeholders like [PERSON A])
3. Open questions or follow-ups needed

Meeting notes:
[PASTE NOTES HERE - replace real names with generic placeholders]

4. SOP/Process Documentation

Create standard operating procedures from rough descriptions:

Create a step-by-step SOP document for the following process:

Process name: [e.g., "New Employee Onboarding - IT Setup"]
Audience: [e.g., "IT team members"]
Current rough steps:
[List the basic steps you currently follow]

Include: numbered steps, any warnings or notes, and a checklist version at the end.

5. Data Analysis/Interpretation

Get help analyzing data patterns without exposing the actual data:

I have a dataset with the following columns: [Column A, Column B, Column C]

I'm seeing this pattern: [Describe the pattern in general terms]

What are possible explanations for this pattern, and what additional analysis would you recommend?

Note: I'm not sharing the actual data, just describing patterns.

6. Proofreading and Editing

Get writing feedback without exposing confidential content:

Review this text for:
- Grammar and spelling errors
- Clarity and conciseness
- Professional tone

Suggest specific improvements. Keep the same meaning but make it more polished.

[PASTE TEXT HERE - ensure no confidential information]

Role-Specific Tips

Sales Teams

• Never paste actual client names, deal sizes, or contract terms
• Use industry descriptions instead of company names (“a mid-size manufacturing company”)
• Don’t include pricing or proposal specifics

HR Teams

• Never paste employee names, salaries, or performance data
• Use generic roles (“the marketing manager”) instead of names
• Don’t include termination details or disciplinary information

IT/Support Teams

• Never paste credentials, API keys, or system configurations
• Redact IP addresses and hostnames from logs
• Don’t include security vulnerability details

Finance Teams

• Never paste actual financial figures or account numbers
• Use percentages or ranges instead of exact numbers
• Don’t include vendor payment details

Key Takeaways

• Never include PII, credentials, or client-specific data in prompts
• Use placeholders like [CLIENT NAME] instead of real data
• Apply the “would I be comfortable if this were public?” test
• Use the templates above as starting points for common tasks
• When in doubt, describe the pattern rather than pasting the data

Conclusion

AI tools can dramatically boost productivity—if used safely. The templates and rules above give your team a practical framework for getting value from AI while protecting sensitive information. Print this out, share it with your team, and make secure prompting the default.