An internal AI use policy answers one question for every employee and every builder: "am I allowed to do this, and if I'm not sure, who do I ask?" This article is a template — a set of sections with guidance on what belongs in each. It is a starting point, not legal advice; adapt it with counsel, because acceptable-use obligations also flow from your vendor terms (Anthropic's usage policy for Claude, your cloud provider's terms on Bedrock, Vertex AI, or Foundry) and from your industry's regulators.
Section 1 — Purpose and scope
Two or three sentences: what the policy covers (all use of AI systems on company business, whether company-approved tools or not), who it applies to (employees, contractors), and what it does not cover (personal use on personal devices and data). Ambiguous scope is the number one source of shadow AI — if the policy only mentions "approved tools," people conclude unapproved tools are ungoverned rather than prohibited.
Section 2 — Approved tools and platforms
Name the sanctioned routes explicitly — for example, "Claude via our Amazon Bedrock account" or "the Claude API under our corporate organization" — and state that access is provisioned through corporate identity, not personal accounts. Keep the list in an appendix so updating it does not require re-approving the whole policy.
Section 3 — Data handling rules
This is the section employees actually need, so make it concrete. Tie rules to your data classification: what may go into an AI system at each sensitivity level, and through which approved route. Two facts about the Claude commercial platform are worth reflecting when you write this section. First, Anthropic states that by default it does not use inputs or outputs from its commercial products to train its models, and that its stated default for the Claude API is to automatically delete inputs and outputs on its backend within 30 days. Second, there is a notable exception your policy should address: if a user explicitly submits feedback (for example, a thumbs up/down report), Anthropic may retain data associated with that submission for up to five years and may use it for research and model training — so a reasonable policy rule is "do not use in-product feedback buttons on content containing confidential data." On Bedrock and Google Cloud, the cloud provider is the data processor, so cite that provider's terms instead. Confirm all of this against your actual contracts.
Section 4 — Permitted uses
List broad, safe categories affirmatively: drafting and summarization of non-restricted content, coding assistance, internal search and analysis of data the employee is already authorized to access. An explicit permitted list reduces the shadow-usage incentive that a purely restrictive policy creates.
Section 5 — Prohibited and restricted uses
Separate "never" from "only with approval." Prohibited: entering data above the allowed classification into unapproved tools; representing AI output as human work where disclosure is required; using AI for decisions your organization has ruled out entirely. Restricted (requires review): customer-facing deployments, automated decisions affecting individuals (hiring, credit, eligibility), and anything in scope of the high-stakes review. Point restricted uses at the intake process rather than just saying no.
Section 6 — Human oversight and accountability
State the principle once: the human who uses or ships AI output owns it. Require review of AI output before it leaves the company or triggers an action, at a depth proportional to the risk tier.
Section 7 — Escalation and incidents
One named channel (an alias like ai-governance@) for three things: "may I do X?", exception requests, and suspected incidents. Link the incident playbook and the exception process. A policy without an escalation path trains people to guess.
Section 8 — Review and ownership
Name the owning body (typically the steering committee), the review cadence (at least annually — the platform landscape changes faster than most policies), and the version history.
Where to go next
Pair the policy with the employee training program so the rules are taught, not just posted, and record policy authority in the program charter.