Redaction Checklist: What to Remove Before Using AI with Client Data

How to Use This Checklist

Before pasting any client, patient, or employee data into an AI tool, scan the relevant section below and remove or replace every listed identifier. Replace names with consistent placeholders (e.g., "Client A," "the patient"), dates with relative references (e.g., "three months ago"), and numbers with generic markers (e.g., "[ACCOUNT NUMBER]").

This checklist applies to all AI tools, including those with enterprise agreements. De-identification is a best practice even when a tool has appropriate data handling terms — it reduces risk if data is ever logged, leaked, or subpoenaed.

Healthcare (HIPAA Protected Health Information)

Must Remove

• Patient name and names of family members
• Date of birth, admission dates, discharge dates, date of death
• Social Security number
• Medical record number (MRN)
• Health plan beneficiary number
• Phone numbers, fax numbers, email addresses
• Street address, city, county (zip code first 3 digits may be retained if population exceeds 20,000)
• Device identifiers and serial numbers (including implanted devices)
• Certificate and license numbers
• Full-face photographs or comparable images
• Biometric identifiers
• Account numbers
• Web URLs and IP addresses
• Any other unique identifying number or code

Generally Safe to Include

• Age (if under 90), sex, race/ethnicity (in aggregate or de-identified context)
• Diagnosis codes (ICD-10) without patient linkage
• Medication names, dosages, and routes (without patient identifiers)
• Lab values and vital signs (without patient identifiers)
• Procedure descriptions (CPT codes without patient linkage)

Legal (Attorney-Client Privilege and Case Data)

Must Remove

• Client names (individual and organizational)
• Opposing party names
• Case numbers and docket numbers
• Court names and jurisdictions (if they could identify the case)
• Specific dates of incidents, filings, or hearings
• Addresses and location details
• Financial terms of settlements or agreements
• Names of judges, opposing counsel, witnesses
• Privileged communications and attorney work product notations
• Confidential business information disclosed by the client

Generally Safe to Include

• Legal issues and questions of law (framed generically)
• Statutory and regulatory citations
• General fact patterns with identifiers removed
• Procedural posture described generically
• Contract clause language (with party names replaced)

Human Resources (Employee PII)

Must Remove

• Employee names
• Social Security numbers and tax identification numbers
• Employee ID numbers
• Home addresses, phone numbers, personal email addresses
• Date of birth and age (if it could identify the individual in a small team)
• Salary, compensation, and benefits details tied to an individual
• Performance review scores or disciplinary records with identifying details
• Medical or disability information
• Immigration status or work authorization details
• Emergency contact information

Generally Safe to Include

• Job titles and department names (in organizations large enough for anonymity)
• General role descriptions and responsibilities
• Policy language and handbook excerpts
• Aggregate compensation data (salary ranges, not individual figures)
• Generic performance criteria and evaluation frameworks

Financial Services (Client Financial Data)

Must Remove

• Client names (individual and entity)
• Account numbers (brokerage, bank, retirement, insurance)
• Social Security numbers and tax identification numbers
• Portfolio holdings tied to a specific client
• Transaction histories with identifying details
• Net worth, income figures, or asset values tied to an individual
• Beneficiary names and information
• Financial plan details linked to a specific client
• Employer names and compensation details
• Trust names and details that identify the grantor or beneficiaries

Generally Safe to Include

• General financial planning scenarios with placeholder figures
• Tax concepts and strategies described generically
• Market data and publicly available financial information
• Regulatory requirements and compliance questions
• Asset allocation models without client linkage

Real Estate (Client and Transaction Data)

Must Remove

• Client names (buyers, sellers, landlords, tenants)
• Property addresses
• Purchase prices, offer amounts, and sale prices tied to specific transactions
• Loan amounts, interest rates, and lender names tied to a specific client
• Pre-approval letters and financial qualification details
• Social Security numbers and tax identification numbers
• Inspection report details that identify the property
• Appraisal values tied to a specific address
• HOA account numbers and details
• Title and escrow account information

Generally Safe to Include

• General market conditions and comparable price ranges
• Property descriptions with address removed (type, size, features, general area)
• Standard contract clause language
• Transaction process questions and timeline planning
• Regulatory and disclosure requirements