AI at work – why every business needs guardrails

We spoke to Dr. Anna McLaughlin, of Sci-Translate, a neuroscientist who specialises in helping companies navigate AI and who has deep experience in health-tech and life sciences, two sectors where data integrity, compliance and ethical use of technology are critical, about the use of and need for AI policies .

Here’s what she told us:

Why do you need an AI policy?

The evolution of AI has outpaced many businesses’ ability to govern it. In your organisation, do you know:

who is using AI (which teams, which roles?),
all the tasks they are using AI for (e.g. minute taking, writing letters, drafting contracts, analysing data, recruitment?)
how they are using it (as an occasional cross check, for research only or regularly to generate work?),
what AI tools they are using and are they closed or open source (ChatGPT, GitHub, Copilot?); and
the features and terms of use of all the AI tools being employed in your business?

Innovation and experimentation may be particularly prized in start-ups and fast growth businesses, so AI’s potential for quick results and efficiencies are understandably attractive.

A lack of full understanding and oversight matters because:

Bias and fairness:

AI models can reflect or amplify hidden biases. Left unchallenged, this can creep into recruitment decisions, marketing materials, or data analysis.

Compliance and confidentiality:

Putting client or personal data into public AI systems can lead to security breaches and breaches of legal obligations including GDPR (e.g. does your privacy notice reflect how you are using AI to manage personal data?).

Reputation and trust:

Misuse of AI can lead to inaccurate outputs, IP disputes, or brand-damaging mistakes.

Governance and control:

Without clear rules, staff won’t know what’s acceptable – and leaders won’t know what risks they’re carrying.

A clear AI policy sets the tone for responsible innovation. It empowers staff to use AI confidently and productively, while ensuring the business protects itself against misuse. Think of it as part risk management, part culture-setting: giving employees a green light to explore AI’s potential, but with guardrails that keep your company safe.

It’s easy to overlook the risks, until it’s too late – privacy breaches, compliance failures, data leakage, misuse by staff and reputational damage are all risks inherent in the use of AI in your business. See our recent blog: Have you checked how your team is using AI and why you should care

But having an AI policy can help you mitigate these risks.

Where do I start with my policy?

LegalEdge lawyer Jo Osborne shares some practical guidance on creating a realistic AI policy for businesses starting their AI risk management journey:

1. Define what “AI use” means for your business:

Everyone throws the term around, so be specific. Are you talking about tools that generate text, analyse data, automate workflows, or free online resources like ChatGPT – or all of the above? Spell it out in your policy so there’s no confusion.

2. Map current use:

Start by finding out what’s actually happening. Create a simple table showing information such as: Tool, Business owner, Purpose, Users, Software integration, Input/output types and Legal terms location. This should give you a picture and identify operational risks. As a bonus, it’s also your first step in better understanding your AI operational risk.

3. Set some ground rules:

This is where your policy really earns its keep. List approved tools, prohibited ones, usage guidelines and approval processes. Give approvers a risk-benefit checklist. Keep it concise and practical; people only follow policies they can understand.

4. Cover the key legal and practical points:

Build these into your policy and the approval checklist, so accountability belongs to everyone:

✔Data and privacy: No confidential, personal data in public AI tools.

✔Intellectual property: Monitor input risks (your IP assets) and third-party content in outputs.

✔Transparency: Set disclosure expectations for clients/colleagues.

✔Human oversight: Require human review for accuracy and fairness.

✔Accountability: Assign owners for each tool’s updates and usage.

5. Share and train:

Don’t just park your shiny new AI policy on the intranet. Bring it to life. Walk teams through it, explain why it matters and make it easy for people to ask questions. Aim is for confident risk management, not compliance theatre.

Act sooner rather than later

Putting in place an AI policy will help your business to:

Decide where you do and do not want to use AI.
Define acceptable use of AI tools.
Set out your expectations for how staff should use AI.
Help manage the risks of AI identified.

Early adoption of an AI policy sets the tone for responsible innovation – don’t wait for a security breach or a PR incident – you can always start simply and expand your policy as your business scales.

Can we help you?

We can help you draft your AI policy and provide training to cover these risks – get in touch for a chat.

Sci-Translate helps organisations translate complex research and technical concepts into clear, actionable insights. They specialise in explaining how AI really works in practice and what that means for teams, leaders and clients. And they help companies navigate AI with clarity, so they can innovate confidently without falling into the common traps. Get in touch if you’d like an intro to Anna.

What do our clients think?

What is special about LegalEdge is that they take time to understand our culture and strategy so that the legal advice is always relevant and appropriate to how we operate.
Chief People Officer - Clarasys
LegalEdge’s fractional in-house lawyers provided expert, no-nonsense legal support right when we needed it — practical, efficient, and reliable.
Founder - Workflow Science
LegalEdge took the time to understand our business first and then introduced us to an expert in our field who was best placed to support our growth plans.
VP Finance & Operations - Arctic Shores
Legal Edge have been amazing for us. We love the fact that we get to work with brilliant legal talent with many years of experience and experts in their fields.
Founder & COO - Saint & Sofia
Our lawyer quickly understood our business needs and assisted us in a commercial and pragmatic way.
CFO - Sanctus
Most commercial and practical legal support. Fast, efficient and absolutely cutting straight to the crux of the issue.
Commercial Product Director - NatureMetrics
Having an experienced lawyer as your single point of contact to manage legal matters effectively whilst providing pragmatic solutions is exactly what you get from LegalEdge
Legal & Compliance Officer - Distributed
LegalEdge has provided invaluable support, and their customer service is second to none.
BD Director - Toca.io
LegalEdge’s practical approach to our day-to-day legal requirements has been second to none. I highly recommend their commercial contract support – it’s a game changer.
COO/CFO - Fluent Commerce
Our lawyers at LegalEdge have been fantastic partners to our company. They are pragmatic, responsive and personable.
Compliance Lead - Streetbees
We’re very pleased with the work LegalEdge are doing for us. We’re getting quick and decisive responses that are really helping us move forward.
FINANCE & OPERATIONS DIRECTOR - DEPOP
Our original MSA was very one-sided and not favourable to us, with LegalEdge’s help getting this agreement in place we have significantly reduced the risk to the agency.
Operations Director – Contracts and Commercial, - The Social Element
LegalEdge has provided unparalleled legal support to our EMEA business as our in-house lawyers to help us negotiate our software license contracts successfully and quickly.
VP & GM EMEA - Wherescape
The Intellectual Property audit provided by LegalEdge was extremely thorough. Securing our IP is enabling us to scale confident that our brand is protected under the law.
Founder - Arishi
The advice we have received has been superb. We have been impressed with every LegalEdge lawyer we have worked with.
Founder & COO - Saint & Sofia
It’s not an understatement that the new contracts gave us a lot of confidence in negotiating. It sets the right tone with our clients that we know what we are doing.
Operations Director - OneSixOne
Working with Legal Edge is seamless - the support we receive is always timely and clear.
Chief People Officer - Clarasys
I don’t always need the technicalities of a matter; LegalEdge provide pragmatic solutions that help us to close the deal.
Co-founder - Lexonis
Using LegalEdge means we can access their vast legal expertise as and when needed, on a flexible basis that suits us.
VP Finance & Operations - Arctic Shores
LegalEdge has provided excellent, commercially focused advice as part of our in-house legal team that has helped us close contracts with our customers and partners.
CEO - Diona
The fact that all their lawyers have worked inside businesses means they are commercial, pragmatic and know exactly how to prioritise what’s important.
COO - Squirro
Having made the decision to outsource our legal work, we have been extremely impressed by how quickly LegalEdge have quickly understood our business.
Commercial Director - The Social Element
LegalEdge understood our needs more than any traditional law firm had before: we were able to dip in and dip out of their services, they acted like a general counsel for us.
Co-Founder - Young Foodies
We use LegalEdge for support on our contracts, and they do an excellent job!
Director - Haig Barrett Partners
LegalEdge are awesome at taking complex ideas and turning them into simple contracts whilst streamlining processes to make it easy to do business.
Founder - Lola Tech, a DataArt company
The LegalEdge team just intuitively understood our business and needs, picked up the matters that needed dealing with, and ran with them.
General counsel - The Engine Group
Working with a professional squad like LegalEdge on the legal stuff means, as CFOs, we can focus on what we’re good at – the numbers!
Founder - Emergeone
LegalEdge were brilliant from start to finish in helping us to develop a proper brand strategy and implementing it.
CEO - Placemake.io
LegalEdge have been fantastic advisers to our business. Between shareholder agreements & fundraise, Trademark & IP, and commercial agreements, we deeply value their guidance.
Co-Founder - Days Brewing
Having worked closely with LegalEdge I have no hesitation in recommending them to any business requiring smart, articulate and professional legal counsel.
Founder - Low Carbon Group
Working with LegalEdge has been a breath of fresh air! They have provided a unique, entrepreneurial approach to legal services within a rapidly growing organisation.
COO and Co-Founder - hybris GmbH (now a SAP company)
The support we have received has been first class – from day one. LegalEdge have gone above and beyond to truly understand our business.
Director EMEA Operations - Stella & Dot
The ideal solution for the busy in-house counsel who is unable to add a permanent head as you have the ability to flex support without the need to rely on expensive law firms.
Vice President and EMEA Managing Counsel - World-Check [now Thomson Reuters]
LegalEdge’s experience has proven invaluable as they have picked up, negotiated and completed contracts with commercial aptitude.
Group Counsel - Funding Circle
What sets LegalEdge apart is that they focus on problem solving and keeping issues in perspective. They know and understand our business and the array of legal issues we face.
Partner - Portal Tech Reply
As our trusted go to lawyers for complex contract queries and negotiations, LegalEdge know how to focus on the things that matter and to get deals done.
Commercial Director - Connect Managed
The Oxial team was very impressed with the quality of the contracts that the LegalEdge team produced for our business and with their responsive and collaborative approach.
COO - Hammer Team & Oxial

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_32854648_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.

By LegalEdge News Nov 06, 2025

AI at work – why every business needs guardrails

Why do you need an AI policy?

Where do I start with my policy?

Act sooner rather than later

What do our clients think?

Contact

Navigate Site

Stay In Touch

We’ll set up a cost-effective, efficient legal function for your business. You’ll have an experienced lawyer as your single point of contact who works as part of your operations team.

We work with small in-house legal teams that need additional support on a flexible basis without adding to headcount.

By LegalEdge News Nov 06, 2025

AI at work – why every business needs guardrails

Why do you need an AI policy?

Where do I start with my policy?

Act sooner rather than later

What do our clients think?

For Companies

We’ll set up a cost-effective, efficient legal function for your business. You’ll have an experienced lawyer as your single point of contact who works as part of your operations team.

For Legal Teams

We work with small in-house legal teams that need additional support on a flexible basis without adding to headcount.

But first, cookies 🍪