Write a toolbox talk on what AI model are you
Safe and Responsible Use of AI Models in the Workplace
Date: 2026-07-07
Duration: [DURATION] minutes
Presenter: [PRESENTER NAME]
Location: [LOCATION]
Objective
To help employees use AI models safely, responsibly, and in compliance with company rules by protecting confidential information, respecting privacy, maintaining cybersecurity, applying human oversight, assessing risks before use, and reinforcing employee awareness and training.
Introduction
AI models can improve productivity, support decision-making, and help workers complete routine tasks faster, but they also introduce new safety, privacy, cybersecurity, and compliance risks. Like any new technology, AI should be introduced with a clear understanding of what can happen, under what circumstances, and what controls are needed to prevent harm. Workers should treat AI outputs as helpful assistance, not as a substitute for judgment, verification, or approved work procedures. A safe workplace depends on people recognizing hazards, communicating clearly, and taking corrective action when something does not look right.
Presenter Note: Open by explaining that AI is a workplace tool, not an authority. Emphasize that the goal is to use it to support safe work, not to replace human responsibility or company procedures.
Key Points
- 1. Use AI only for approved work purposes: AI tools should be used only for tasks that have been authorized by the employer and that fit the worker’s role. Employees should understand what the tool is intended to do, what data it may access, and what decisions it is not allowed to make. This prevents misuse, reduces the chance of unsafe shortcuts, and keeps AI use aligned with company expectations and legal requirements.
- Do not use personal AI accounts for company work unless specifically approved.
- Do not rely on AI to make final decisions for safety-critical tasks.
- Follow site rules for acceptable use, recordkeeping, and approval steps.
- 2. Protect confidential and sensitive information: AI systems may store, process, or transmit information outside the worker’s direct control. Employees must not enter confidential business information, customer data, personal information, trade secrets, or security-sensitive details unless the system has been approved for that purpose. Once information is entered into an AI tool, it may be difficult or impossible to fully retrieve or control.
- Treat prompts and uploaded files as potentially visible to the system provider or other authorized users.
- Use the minimum amount of information needed to complete the task.
- Remove names, account numbers, project details, and other identifiers whenever possible.
- 3. Verify AI output before acting on it: AI-generated content can be incomplete, outdated, biased, or simply wrong. Workers must review outputs for accuracy, relevance, and safety before using them in reports, instructions, emails, procedures, or decisions. Human oversight is essential, especially when the output affects safety, quality, compliance, or customer commitments.
- Check facts against trusted company sources, manuals, and procedures.
- Look for missing steps, unsafe recommendations, or unrealistic assumptions.
- Escalate uncertain or high-risk outputs to a supervisor or subject matter expert.
- 4. Maintain cybersecurity and prevent misuse: AI tools can create cybersecurity risks if workers click suspicious links, upload unsafe files, or use unapproved integrations. Employees should follow normal cyber hygiene practices, including strong passwords, multi-factor authentication where required, and careful review of attachments and links. AI should never be used to bypass security controls, access restricted systems, or generate deceptive content.
- Do not paste passwords, tokens, or access credentials into AI tools.
- Report suspicious prompts, outputs, or account behavior immediately.
- Use only company-approved devices, networks, and software when required.
- 5. Assess risk before using AI on a task: Before using AI, workers should consider the task, the data involved, the possible consequences of an error, and whether a human review step is needed. Higher-risk uses require stronger controls, more supervision, and clearer approval. This is especially important when AI is used for safety-related communication, technical guidance, customer-facing content, or decisions that could affect people, property, or compliance.
- Ask what could go wrong if the AI is wrong or incomplete.
- Consider whether the task involves regulated information or safety-critical decisions.
- Use a pre-use check: purpose, data sensitivity, output quality, and required review.
- 6. Build employee awareness through training and communication: Employees need regular training so they understand both the benefits and the limits of AI. Training should cover acceptable use, privacy, confidentiality, cybersecurity, reporting concerns, and how to challenge unsafe or inaccurate outputs. Supervisors should encourage questions, listen respectfully, and make sure workers know how to raise concerns without fear of blame.
- Include AI guidance in onboarding and refresher training.
- Use open questions to confirm understanding, not just yes/no questions.
- Share lessons learned from near misses, errors, or misuse events.
Hazard Identification
Common hazards associated with workplace AI use include information exposure, incorrect outputs, cyber incidents, and overreliance on automated suggestions. Recognizing these hazards early helps prevent harm before AI is used in a way that affects people, operations, or compliance.
- Entering confidential, personal, or proprietary information into an unapproved AI system: Loss of confidentiality, privacy violations, intellectual property exposure, contractual breaches, regulatory penalties, and damage to customer or employee trust. (Risk: High)
- Relying on inaccurate, incomplete, or biased AI output without human review: Unsafe decisions, incorrect instructions, quality defects, compliance failures, operational delays, and potential injury if the output affects safety-critical work. (Risk: High)
- Cybersecurity compromise through malicious prompts, unsafe links, or unapproved integrations: Account takeover, malware infection, data theft, unauthorized access to systems, business interruption, and financial loss. (Risk: High)
- Overdependence on AI that reduces worker attention, judgment, or situational awareness: Missed hazards, poor decision-making, reduced accountability, and increased likelihood of errors during routine or high-pressure tasks. (Risk: Medium)
- Using AI in regulated or safety-critical work without proper approval or controls: Noncompliance with company policy or legal requirements, flawed documentation, unsafe work practices, and increased liability. (Risk: High)
Presenter Note: Ask the group to name examples of AI use they have seen or heard about, then connect those examples to privacy, cybersecurity, and decision-making risks.
Control Measures
Apply the hierarchy of controls to AI use by eliminating unnecessary data sharing, substituting approved tools for unvetted ones, engineering access controls and logging into systems, establishing administrative rules and review steps, and using PPE only where the AI use is part of a broader physical task that requires it. For AI-related hazards, administrative controls such as approval processes, training, and human review are especially important because they reduce the chance that a bad output becomes a bad decision.
- Use only approved AI platforms and approved use cases: Maintain a list of authorized tools and permitted tasks. Require supervisor or IT approval before using AI for work that involves sensitive data, external communication, or safety-related decisions.
- Apply data minimization and confidentiality controls: Remove names, identifiers, customer details, and proprietary information before entering prompts. Share only the minimum information needed and follow company rules for classified or restricted data.
- Require human review before use or distribution: Have a qualified person verify AI-generated text, calculations, recommendations, and summaries before they are sent, filed, or used to guide work. Use a second review for high-risk content.
- Strengthen cybersecurity practices: Use strong authentication, approved devices, and secure networks. Do not click suspicious links, upload unknown files, or connect unapproved plugins or extensions to AI tools.
- Train workers on safe AI use and reporting expectations: Provide onboarding and refresher training on acceptable use, privacy, confidentiality, cyber hygiene, and escalation procedures. Encourage workers to report errors, near misses, and suspected misuse immediately.
- Perform task-specific risk assessments before deployment: Review the purpose, data sensitivity, potential failure modes, and consequences of error before using AI on a task. Document controls for higher-risk uses and update the assessment when the task changes.
Safe Work Procedures
- Confirm the AI tool is approved for the intended task and that you understand any restrictions on data use, storage, or sharing.
- Review the information you plan to enter and remove confidential, personal, or unnecessary details before submitting a prompt.
- Check the AI output for accuracy, completeness, and safety, and compare it with trusted company procedures or subject matter expertise.
- If the output affects safety, compliance, or customer commitments, obtain human review and approval before acting on it.
- Report suspicious behavior, incorrect outputs, privacy concerns, or cybersecurity issues to the appropriate supervisor or support function immediately.
Presenter Note: Walk the group through a simple example prompt and ask them to identify what information should be removed, what needs verification, and who should approve the final output.
Personal Protective Equipment (PPE) Requirements
- Eye Protection: Wear eye protection when the AI-related task involves physical work, equipment inspection, or any activity where debris, dust, or splashes may be present. PPE does not control digital risks, but it remains necessary when AI is used alongside field work or maintenance tasks.
- Select eye protection appropriate to the hazard.
- Keep lenses clean and replace damaged eyewear promptly.
- Hand Protection: Use gloves when handling devices, equipment, printed materials, or worksite materials that present cut, pinch, chemical, or contamination hazards. Gloves should match the task and should not interfere with safe device use or equipment operation.
- Choose gloves based on the physical hazard, not the AI task itself.
- Remove gloves when precise touchscreen use is required if that is the safer option.
- Hearing Protection: Use hearing protection when AI-supported work is performed in noisy environments such as shops, plants, or construction areas. Workers must still maintain awareness of alarms, radios, and verbal warnings while following site hearing conservation rules.
- Verify that hearing protection is required for the area.
- Do not let headphones or earbuds interfere with safety communication.
- Task-Appropriate PPE as Required by the Worksite: Follow the PPE requirements for the underlying job, not just the digital task. If AI is being used to support field operations, the worker must wear the PPE required for that operation, such as hard hats, high-visibility clothing, or respiratory protection when applicable.
- Match PPE to the hazard assessment for the job.
- Inspect PPE before use and replace damaged items immediately.
PPE is the last line of defense. It does not replace secure systems, careful data handling, or human review of AI output.
Real-World Example or Case Study
A supervisor asked an employee to draft a customer update using an AI tool. The employee pasted the full incident report, including customer names, internal notes, and a draft root-cause analysis that had not been approved. The AI produced a polished message, but it also introduced an inaccurate explanation of the event. Because the message was sent without review, the company had to correct the customer, investigate a confidentiality concern, and retrain staff on approved AI use. The lesson is clear: remove sensitive information, verify the output, and require approval before anything leaves the organization. [2] [1]
Presenter Note: Use this example to show how one convenience shortcut can create both privacy and quality problems at the same time.
Group Discussion
Discuss the following questions:
- What types of information should never be entered into an AI tool without approval?
- How do we verify that an AI-generated answer is accurate before we use it?
- What should you do if you think an AI output is unsafe, misleading, or confidential?
Presenter Note: Encourage workers to share practical examples from their own tasks. Reinforce that asking questions is a strength, not a weakness.
Emergency Procedures
- If confidential or sensitive information is accidentally entered into an AI tool, stop using the tool, notify your supervisor or privacy/security contact immediately, and follow the company incident reporting process.
- If an AI output creates an unsafe instruction, incorrect customer communication, or compliance concern, do not act on it until it has been reviewed and corrected by a qualified person.
- If a cybersecurity issue is suspected, disconnect from the affected system if instructed by company procedure, preserve evidence when possible, and report the incident promptly to IT or security personnel.
Questions and Answers
If you are unsure about any AI-related task, stop and ask. It is better to verify first than to correct a preventable mistake later.
- Q: Can AI replace human judgment on safety-critical tasks?
A: No. AI can support work, but a qualified person must review and approve safety-critical decisions, instructions, and communications before they are used.
- Q: What is the biggest privacy risk when using AI at work?
A: The biggest risk is entering confidential, personal, or proprietary information into a system that is not approved to store or process it.
- Q: Why do we need training if the AI tool seems easy to use?
A: Because safe use depends on understanding limits, risks, approval rules, and reporting steps. Easy-to-use tools can still create serious privacy, cybersecurity, and compliance problems if used incorrectly.
Summary
Recap of main points:
- Use only approved AI tools and approved use cases, and understand the limits of what the system is allowed to do.
- Protect confidential, personal, and proprietary information by minimizing what you enter and by following company privacy rules.
- Verify AI output with human review before using it in safety, compliance, or customer-facing work.
- Report concerns early, keep learning through training, and treat AI as a tool that supports—not replaces—worker judgment.
Action Items
Specific actions participants should take:
- Review your current AI use and confirm it matches company policy and approval requirements.
- Remove sensitive information from prompts and files before using any AI tool.
- Check every important AI output for accuracy, safety, and compliance before sharing or acting on it.
- Report suspected privacy, cybersecurity, or quality issues immediately and participate in refresher training.
Remember: Think before you prompt: protect data, verify output, and keep people in control.
Report all hazards, near-misses, and incidents to your supervisor immediately.
Safety powered by SALUS
Important Safety Note:
Always verify safety information with your organization's specific guidelines and local regulations.