Data Privacy & AI: What Never Goes Into an AI Tool
This might be the most important page in this entire guide. Data privacy is where AI ethics gets real for your church. One mistake — putting the wrong information into the wrong tool — can violate trust, break the law, and damage your church’s reputation.
The Golden Rule
Never put any confidential church or member information into any AI tool. Period.
Not ChatGPT. Not Claude. Not Gemini. Not any of them. Here’s why:
- AI tools learn from your inputs. The data you enter may be used to train future models.
- AI tools store your conversations. They may be reviewed by human moderators, accessed by hackers, or subpoenaed by courts.
- AI tools can leak data. Other users may see fragments of your data in their own AI responses.
- AI tools have terms of service you agreed to — and those terms almost certainly don’t include permission to process confidential church data.
The Never List
The following types of information should never be entered into any AI tool:
Personal Information
- Member or attendee names (especially combined with any other data)
- Addresses, phone numbers, email addresses
- Birth dates, anniversaries, or other identifying dates
- Children’s names, schools, or activities
- Employment information
- Health or medical information
- Any information from membership rolls or directories
Pastoral & Counseling Information
- Counseling notes or session summaries
- Prayer requests (they often contain deeply personal information)
- Marriage or family issues
- Substance abuse or mental health information
- Disciplinary matters
- Any information shared in confidence by a member
Financial Information
- Giving records or donation amounts
- Budget details or financial reports
- Bank account or credit card information
- Staff compensation information
- Building project costs or fundraising goals
Church Operations
- Attendance records
- Membership applications or removal records
- Personnel files or performance reviews
- Insurance or legal documents
- Security procedures or access codes
Safe Alternatives
What if you need AI help with something that involves sensitive information? Here are safe approaches:
| Instead of… | Do this… |
|---|---|
| “Help me write a letter to John Smith about his giving record” | “Help me write a general letter to a church member about financial stewardship” |
| “Review these counseling notes and suggest next steps” | “What are general best practices for pastoral counseling follow-up?” |
| “Analyze our church attendance data for trends” | Use a spreadsheet locally, or ask AI about general church attendance trends |
| “Draft a response to the Johnson family’s complaint” | “Help me draft a general response to a church conflict situation” |
The key principle: Ask AI for general guidance, templates, and frameworks — never for help with specific, identifiable situations involving real people.
What About Church Management Software with AI?
Many church management systems (Planning Center, Breeze, Church Community Builder, etc.) are starting to add AI features. These are generally safer than public AI tools because:
- They have specific data processing agreements
- They’re designed for church data
- They’re subject to the same privacy laws as the rest of the software
But you should still:
- Read the terms of service carefully
- Understand what data the AI features access
- Ask the vendor specific questions about data handling
- Get approval from your leadership before enabling AI features
What If Someone Already Did It?
If you discover that a staff member or volunteer has been putting confidential information into an AI tool:
- Don’t panic. But take it seriously.
- Stop the practice immediately. Make sure it’s not continuing.
- Assess the scope. What data was entered? How much? How sensitive?
- Contact the AI provider. Some providers allow you to request data deletion.
- Notify affected individuals if the data was highly sensitive (counseling, financial, etc.).
- Update your policy. Make sure this specific scenario is covered going forward.
- Train your team. Use this as a learning opportunity, not just a punishment.