Most small nonprofit teams already have staff using AI tools informally. Most executive directors have no clear picture of which tools, for what tasks, or what data is going into them. This is not a sign that something has gone wrong. Virtuous found that 81% of nonprofits use AI individually and ad hoc, without a formal strategy. The question is not whether it is happening in your organisation. It almost certainly is. The question is how to get visibility so you can support what is working and help everyone work safely. The process for that is simpler than most leaders expect, and it starts with a conversation, not a compliance review.

Why your team is almost certainly already using AI

Research consistently shows that informal AI use is widespread across workplaces, and nonprofits are no exception.

TechSoup and Tapp Network found that 85.6% of nonprofits are experimenting with AI without a formal strategy. Across all sectors, UpGuard’s State of Shadow AI Report found that 81% of employees report using unapproved AI tools. MIT research puts the figure even higher at 90% of workers using personal AI tools for job tasks outside any formal programme.

For a small association of 10 to 20 staff, the realistic starting assumption is not “does anyone use AI?” It is “how many people, for what tasks, and with which tools?” Your program coordinator may be drafting grant report narratives in ChatGPT. Your communications person may be editing social copy in Claude. Your development director may be summarising board meeting notes in Gemini. All of these are plausible. None of them are problems in themselves. The problem is not knowing.

Why a formal audit is the wrong approach for a small team

A structured staff conversation achieves more than a formal review process, and is far less likely to push AI use underground.

When organisations approach AI tool use as a compliance issue, staff respond predictably. Candid’s guidance is direct: fear-based policies drive AI use underground, where staff use unapproved tools, do not disclose AI assistance, and stop asking questions. UpGuard found that 45% of workers find workarounds to access blocked AI tools. Blocking without explanation does not stop the use. It removes your visibility without improving safety.

WalkMe also found that 51% of employees already experience conflicting guidance about appropriate AI use at work. Your staff are likely confused, not defiant. The right approach at small-org scale is conversation. Its purpose is to understand and support, not to discipline or police.

How to hold the conversation without creating anxiety

Framing the conversation as curiosity about what is helping people, not a policy review, makes honest disclosure much more likely.

The setting matters as much as the framing. Small-group or one-to-one conversations work better than anonymous surveys for organisations where staff may already feel uncertain about AI. WalkMe found that 45% of workers admit to pretending they know how to use an AI tool in a meeting to avoid scrutiny. A survey with a form feels closer to a test. A conversation feels like someone is genuinely asking.

The framing that works: “We want to understand what is helping people, so we can support more of it and make sure everyone is working safely.” Position it as catching up with what is already happening, not investigating whether something is wrong. Gallup found that employees whose manager supports AI use are 8.7 times more likely to say AI has changed how much work gets done. The conversation itself is the first act of that support. Keep it entirely separate from any performance or disciplinary process.

What questions to ask

Five plain questions, asked in a low-stakes setting, will give a small team enough information to act on.

The sequence below works in a one-to-one or a small group of three or four people. It is a conversation guide, not a questionnaire. Ask them in order.

  1. Which AI tools do you use for work tasks? Name any. ChatGPT, Claude, Gemini, Copilot, Grammarly, anything with an AI feature.
  2. What tasks do you use them for? Drafting, editing, summarising, research, something else?
  3. How often, roughly? Daily, a few times a week, occasionally?
  4. Do you use a free account or a paid one? Either is fine to say.
  5. What kind of information do you put into it? Your own writing, research, meeting notes, anything with names or contact details?

The fifth question is the most operationally important, even though it feels the most personal. Follow it with a door-opener: “Is there anything about how you are using these tools that you are unsure about?” This invites concerns without implying that something is already wrong.

What are the actual data risks you are listening for?

The main risk is not which tool a staff member uses but what data they are putting into it and on which account tier.

Most staff do not know the difference between a free consumer account and a paid business account. On the free consumer tier of ChatGPT, inputs may be used for model training unless the user has opted out. OpenAI’s data use policy confirms that ChatGPT Business, Enterprise, and API tiers are excluded from training on customer inputs. Anthropic’s commercial terms state the same for paid tiers. The free tier does not carry that protection.

The data categories that matter most are: beneficiary names or case notes, donor contact details, personnel records, legal documents, and passwords. BlackFog found that among employees already using unsanctioned AI tools, 27% had shared employee information and 23% had shared financial data. ASU Lodestar reports that AI-enabled cyberattacks increased 89% in 2025 year on year. The risk is real. It is also specific and manageable once you know what you are dealing with.

What to do with what you find out

After the conversation, three steps move the organisation from visibility to a basic safety baseline without requiring a formal policy document straight away.

First, note what you heard in a simple list: which tools are in use, which account tiers, and which task types. A shared document is fine. The goal is a picture of what is actually happening, not a spreadsheet audit.

Second, identify any cases where sensitive data categories are going into free-tier tools. For those staff members, give a practical alternative rather than a reprimand. If a team member has been pasting beneficiary information into free ChatGPT because it is the only tool they have access to, the fix is access to a safer tool. Paid ChatGPT Team starts at around $25 per user per month. Google Workspace AI features are available at no cost or steep discount through Google for Nonprofits. Either option is a more useful response than a warning.

Third, share back what you heard in a short team note. Tell staff what you found, what you are doing about it, and what comes next. Virtuous identifies that high-impact nonprofits pair awareness with a written AI use policy and codified prompts. The visible action following the conversation is the thing that earns trust for the policy step.

Do you need an AI policy after this?

Yes, but a short policy your team helped create is far more useful than a long template adopted without discussion.

The staff conversation is step one. The policy is step two. The good news is that the infrastructure for a small nonprofit AI policy already exists and is free. NTEN’s Generative AI Use Policy Template is designed as a living document you adapt to your organisation’s reality. The ANB Advisory and NTEN AI Policy Template takes an equity-focused approach developed by Afua Bruce and Rose Afriyie. Candid’s four-component framework is the plainest starting point for an org that has never written a tech policy before.

For a 14-staff association, the policy does not need to be long. What it does need to cover: approved and prohibited uses, which data must not go into public AI tools, which account tier is required for which task type, and who is responsible for keeping the policy current. Candid, NTEN, and One Hundred Nights all warn against adopting any template verbatim. The template is the starting point. The conversation you have already held is what makes the policy reflect your organisation’s real situation rather than a generic compliance document.

For Marcus-level planning and board reporting, NTEN’s AI Governance Framework for Nonprofits covers six modules including data privacy, tool evaluation, and IT governance. It is free and designed for organisations building out a more structured approach.

Starting today: what a small nonprofit can do this week

A shadow AI audit for a small team can be completed in a single week with no budget and no outside help.

The sequence is short. Hold the conversations this week, one-to-one or in small groups of two or three people. Note the tools, the tiers, and the task types in a shared document. Flag any cases where sensitive data is going into a free-tier tool, and point those staff toward a safer alternative. Share back a two-paragraph note to the team describing what you heard and what you will do next. Then set a date, two to four weeks out, to draft a short AI use policy using one of the free templates above.

That is the full process for a small team. No consultant, no IT department, no formal audit. ASU Lodestar found that 70 to 76% of nonprofits lack a formal AI policy even as 92% use AI tools in some form. The gap between use and governance is already there. The conversation closes it.

Frequently asked questions

What is shadow AI, and why does it matter for my nonprofit?

Shadow AI means staff using AI tools that the organisation has not officially approved or even noticed. It matters because those tools may be processing sensitive data on free consumer accounts that offer fewer protections. The goal is not to eliminate shadow AI but to get visibility so you can support safe use and fill any gaps.

Is it legal for staff to use personal AI tools for work tasks?

Using personal AI tools for work is not illegal in most jurisdictions. The legal and governance risks come from what data goes into those tools, not the act of using them. If a staff member pastes beneficiary information or donor records into a free consumer account, that creates a potential data-protection issue regardless of whether the tool was approved.

What data should never go into a free AI tool like ChatGPT?

Beneficiary names and case notes, donor contact details, personnel records, legal documents, and passwords should not go into any free consumer AI account. The practical test is straightforward: if the data would cause a problem in a screenshot on a public website, it does not go into a free-tier prompt. Paid business tiers offer stronger protections but the same categories remain sensitive.

Does a small nonprofit really need a formal AI policy?

Yes, but a short policy your team helped create is far more useful than a long template adopted without discussion. The staff conversation described in this guide is step one. After that conversation, a one-page policy covering approved uses, prohibited data inputs, required account tiers, and a named owner takes about an hour to draft using one of the free templates from NTEN or Candid.

What if staff are worried they will get in trouble for what they have already been doing?

Frame the conversation explicitly as curiosity, not a compliance review. Open with the message that you want to understand what is helping people so you can support more of it. Staff who used free tools in good faith to fill a gap your organisation had not yet addressed are not the problem. The missing guidance was the problem.

What if a staff member has already shared sensitive data with a free AI tool?

Find out exactly what was shared, when, and on which account. If the data includes personal information covered by your data-protection obligations, log it under your existing incident process and check whether reporting thresholds apply. Delete the chat history where possible. Then write the input rule and provide a named safer alternative so the same gap cannot recur.