Risk
Sensitive Data Disclosure
Sensitive business, personal, regulated, or secret data moves through prompts, outputs, logs, retrieval, or connected tools.
data protection privacy governance
Exposure
Sensitive Data Disclosure occurs when an AI workflow reveals information to an unintended user, model provider, log store, connected tool, downstream system, or generated output.
The exposure surface includes prompt text, uploaded files, retrieval context, embeddings, chat history, tool arguments, output exports, and monitoring logs.
Signals
- Users paste customer records, credentials, source code, contracts, or internal plans into tools without classification.
- Logs contain prompts and outputs but lack retention, access control, or redaction rules.
- AI features summarize records for users who would not normally see the source data.
- Tool connectors inherit broad access from the user or service account.
Failure pattern
Data classification is performed after AI use, or not at all. The workflow treats context as fuel rather than as governed information with origin, sensitivity, purpose, retention, and access limits.
Related controls
- Define allowed data classes before AI use.
- Use enterprise accounts with clear retention and privacy settings.
- Redact secrets and unnecessary personal data.
- Review retrieval permissions and connector scopes.
- Protect prompt, output, and tool-call logs as sensitive records.