
Using AI Safely in HR: 7 Privacy Rules for Recruitment and People Operations

AI saves HR teams real time, but HR handles the most sensitive data an organisation holds. The biggest risk is rarely the AI itself - it is the moment a CV, a sickness record, or a review note is pasted into an open AI tool, and the moment an AI output is trusted without checking. Seven rules, and what settings do not solve.


Quick answer

AI can be used safely in HR, but HR processes special-category and highly sensitive personal data. The biggest privacy risk is not the AI itself - it is the input moment, when a CV, sickness record, or appraisal note is pasted into an open AI tool. On top of that, many HR uses are classed as high-risk under the EU AI Act, which makes meaningful human oversight a legal requirement. Anonymise before the prompt, keep a human in the loop, and offer safe alternatives instead of bans.

Key points:

  1. Pasting CVs, sickness records, or appraisal notes into a free AI tool is a direct data breach under GDPR.
  2. AI learns from historical data and can quietly discriminate by age, gender, or background.
  3. Many HR uses are high-risk under the EU AI Act - meaningful human oversight is legally required.
  4. AI hallucinates: an invented incident in an appraisal can end up in an official personnel file.
  5. Bans backfire; safe enterprise tools and AI literacy are what actually prevent Shadow AI.

A recruiter has forty applications on her desk and a deadline. She drops ten CVs into a free AI tool and asks for a summary of each candidate. The documents hold full names, dates of birth, addresses, and - for two people - a note about a previous period of long-term sick leave. The summaries arrive in thirty seconds, and the data has left the building.

Across the office, a manager is writing up his notes from a performance review. He asks an AI to turn them into a polished narrative. The text reads well and feels complete. What he does not notice: one paragraph describes an incident that never happened. The model invented it to round out the story. The write-up goes into the personnel file unchecked.

These are not edge cases. They are the two most common ways AI goes wrong in HR: sensitive data entered too easily, and outputs trusted too readily.

Is AI safe to use in HR?

AI can be used safely in HR, and the time saved is real: summarising, rewriting, structuring, drafting job adverts. But HR is not an ordinary function. HR handles special-category and highly sensitive personal data every day - health, finances, appraisals, identity. A small mistake is easy to make, and the consequences are larger than in almost any other team.

The biggest risk is not the AI technology itself. It sits in two human moments: when someone pastes sensitive data into a tool, and when someone accepts an AI output as fact. Since 2024 there is a legal dimension too - the EU AI Act classes a large share of HR uses as high-risk, with explicit requirements for human oversight. The seven rules below cover both moments.

Which AI tools does HR use - and where the risk sits

Before you set policy, it helps to know which tools your team is probably already using. They fall into two broad groups, and each carries a different kind of risk.

The first group is general-purpose AI tools that people paste text into:

  • ChatGPT (OpenAI) - drafting job adverts and emails, and summarising CVs and review notes. By far the most widely used, and exactly where the paste risk in rule 1 begins.
  • Microsoft Copilot - built into Word, Outlook, and Teams. Many HR teams already use it without thinking of it as "AI," so sensitive content gets processed unnoticed.
  • Google Gemini - the same role inside Google Workspace.

The second group is HR-specific systems that help make decisions:

  • LinkedIn Recruiter - AI-driven candidate matching and suggested messages; it shapes who you even get to see.
  • HireVue - AI video interviews and assessments. Tools like these often fall into the EU AI Act's high-risk category, with duties around human oversight and transparency.

The distinction decides where you intervene: in the first group the risk is in what an employee enters, in the second it is in what the system itself decides.

Seven privacy rules for AI in HR

1. Never paste CVs into public AI

Uploading a CV or cover letter to a free tool for a quick summary is a direct data breach. You lose control of personal data a candidate entrusted to you, and you have no clear basis for the processing under GDPR. Many free consumer tiers can also use submitted content for model improvement unless the user actively turns that off - and that is an individual setting, not an organisation-wide safeguard.

Use only approved, contained AI workspaces covered by a data processing agreement, or strip every identifying detail before you enter anything.

2. Watch for the bias trap

AI systems learn from historical data. If that data carries a past preference - for certain schools, ages, names, or a gender - the model reproduces it, without anyone meaning to. An algorithm that ranks "the strongest candidates" can quietly discriminate on age, gender, or background.

So never let an algorithm decide who the best candidate is on its own. Keep reviewing outputs, monitor for unequal effects across groups, and be ready to explain why a candidate did or did not make the shortlist.

3. Always keep a human in the loop

Under the EU AI Act, many HR uses - automated screening tools, systems that rank candidates, tools that evaluate performance or allocate work - fall into the high-risk category. For those systems, meaningful human oversight is not a recommendation but a legal requirement. GDPR likewise restricts decisions based solely on automated processing that produce significant effects on a person.

Treat AI as your assistant, not the final decision-maker. When hiring, appraising, promoting, or dismissing people, a person should make the decision and be able to justify it.

4. Anonymise the data before the prompt

Using AI to turn exit-interview or appraisal notes into a clean write-up? Remove every identifying detail before you enter it. The AI needs the substance of the conversation to rewrite it - it does not need the name, the national identifier, or the date of birth.

Work with placeholders and swap them back afterwards:

  • "James Carter (Sales)" → [Employee A]
  • "Client X" → [Company]
  • "DOB 12 March 1987" → [date of birth]

5. Beware of hallucinations

A major risk is over-reliance on AI. Language models can invent facts - "hallucinate" - to make text feel complete and convincing. In a marketing draft that is annoying. In an appraisal or a dismissal file it is dangerous: an invented incident in an official personnel record can affect a career and expose the organisation legally.

Check AI-generated write-ups word for word. AI may handle the form; the facts remain your responsibility.

6. Be fully transparent

Employees and candidates must know when and how AI is used in the HR process. Where algorithms influence recruitment, promotion, or appraisals, both GDPR and the AI Act require you to communicate that openly. Transparency is not only a duty but a matter of trust: people who discover that AI quietly helped decide their career lose confidence faster than you can rebuild it.

Reflect AI use concretely in your privacy notice, your hiring process, and your staff handbook, and be clear about who makes the final decision.

7. Offer safe alternatives

Bans backfire. Surveys consistently find that a large majority of employees use unapproved AI tools at least sometimes - often because the approved route is missing or too cumbersome. This is Shadow AI, and a ban only pushes it further into the shadows.

Instead, make sure your HR team has access to safe enterprise versions, and invest in AI literacy so everyone knows what is and is not allowed. The goal is not less AI, but safer AI on a route people actually use.

The cheat sheet: what you never paste into public AI

HR handles data that, in the wrong context, is a breach. These are the categories that should never go unfiltered into an open AI tool - and the safer alternative.

For each kind of data: why it is sensitive, and the safer approach.

  • National ID & copies of ID documents - directly identifying; misuse for identity fraud. Safer approach: never enter; replace with [identifier].
  • Sickness & absence records - health data, a special category under GDPR. Safer approach: contained workspace or full anonymisation.
  • Full name + job title - makes a person and their statements traceable. Safer approach: replace with [Employee A].
  • Date of birth & demographic data - feeds age and origin bias; identifying. Safer approach: omit or generalise.
  • Payslips & contract terms - financially sensitive; usually confidential. Safer approach: remove or mask figures.
  • Unredacted CVs & cover letters - contain a cluster of personal data. Safer approach: enterprise workspace or anonymise the passage.
  • Appraisal notes - judgements about people; affect career and file. Safer approach: use placeholders, verify facts yourself.
  • Employee bank account details - financially identifying. Safer approach: never enter.
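As an added illustration of rule 4 and the cheat sheet above (example code written for this article, not BeeSensible's own code or detection logic), the functions below swap known names and a few identifier shapes for placeholders, keep the mapping locally so the values can be swapped back after the AI has rewritten the text, and report anything that still matches so the check can run before a prompt is sent. The regexes, the person, and the note are constructed and cover only a few UK formats.

```python
import re

# Regexes for a few identifier kinds the article lists (constructed; common UK shapes only).
PATTERNS = {
    "date of birth": re.compile(r"\bDOB\s+\d{1,2}\s+[A-Z][a-z]+\s+\d{4}\b"),
    "identifier": re.compile(r"\b[A-Z]{2}\s?\d{2}\s?\d{2}\s?\d{2}\s?[A-D]\b"),  # NI number shape
    "phone": re.compile(r"(?<!\w)(?:\+44\s?|0)\d{4}\s?\d{6}\b"),  # mobile number shape
}

def pseudonymise(text, people=(), companies=()):
    """Swap identifying details for placeholders; return (redacted_text, mapping).
    A person's full name or any part of it (a later bare 'James') becomes the
    same placeholder; regex kinds are numbered so each value can be swapped back."""
    mapping = {}
    for i, name in enumerate(people):
        placeholder = f"[Employee {chr(ord('A') + i)}]"
        parts = [name] + [p for p in name.split() if len(p) > 2]
        pattern = re.compile(r"\b(?:" + "|".join(map(re.escape, parts)) + r")\b")
        if pattern.search(text):
            mapping[placeholder] = name
            text = pattern.sub(placeholder, text)
    for i, company in enumerate(companies):
        placeholder = "[Company]" if len(companies) == 1 else f"[Company {i + 1}]"
        if company in text:
            mapping[placeholder] = company
            text = text.replace(company, placeholder)
    for kind, pattern in PATTERNS.items():
        count = 0
        def swap(match):
            nonlocal count
            count += 1
            mapping[f"[{kind} {count}]"] = match.group(0)
            return f"[{kind} {count}]"
        text = pattern.sub(swap, text)
    return text, mapping

def residual_identifiers(text):
    """What still matches a pattern: the check to run before a prompt is sent."""
    return {kind: p.findall(text) for kind, p in PATTERNS.items() if p.search(text)}

def restore(text, mapping):
    """Swap placeholders back after the AI has rewritten the anonymised text."""
    for placeholder, original in mapping.items():
        text = text.replace(placeholder, original)
    return text

# Constructed sample appraisal note: fictional person, Ofcom drama phone range.
NOTE = ("Review for James Carter (Sales), DOB 12 March 1987, NI AB123456C. "
        "James handled the Client X renewal well; reach him on 07700 900123.")
REDACTED, MAPPING = pseudonymise(NOTE, people=["James Carter"], companies=["Client X"])
```

Only REDACTED leaves the machine; MAPPING stays with the HR user, and every employee placeholder restores to the full name, so a bare first name in the original comes back as the full name.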

What is really at stake

When sensitive HR data reaches an AI tool or the wrong recipient, the consequences range from awkward to severe.

Under GDPR, entering identifiable personal data into an unsuitable tool can be a data breach. Organisations must assess every breach: where there is a risk to people's rights and freedoms, it must be reported to the supervisory authority - the ICO in the UK - within 72 hours of becoming aware of it. Health data, national identifiers, or financial details usually bring an incident within that duty. GDPR fines can reach up to 20 million euro or 4% of global annual turnover. Liability sits with the organisation, not the individual employee.

On top of that comes the EU AI Act. For HR systems classed as high-risk, there are obligations around human oversight, transparency, and documentation - with their own enforcement and penalties, separate from GDPR. A hiring algorithm that decides without human review is not just a privacy risk; it may be a breach.

And then there is reputation. A candidate who learns their CV was fed into an AI tool without consent, or an employee who finds an invented incident in their file, will talk about it. In a labour market built on trust, that damage is hard to undo.

Verified incidents

2018 - Amazon scraps its AI recruiting tool

Amazon stopped using an experimental AI system that scored CVs after finding it disadvantaged women. The model had been trained on a decade of applications, mostly from men, and had learned to downgrade CVs that signalled "women's." The system never went live. Source: Reuters, October 2018.

2023 - iTutorGroup and the EEOC

The US Equal Employment Opportunity Commission settled a case against tutoring company iTutorGroup for $365,000. The company's recruiting software automatically rejected applicants by age - women aged 55 and over, and men aged 60 and over. It is an early example of enforcement against age discrimination by an automated HR system. Source: U.S. EEOC, August 2023.

2023 - Samsung restricts generative AI

Samsung restricted the use of generative AI tools after employees entered confidential company information into ChatGPT. The incident captures the core risk of public AI at work: not an outside attack, but data that employees enter themselves. Source: Bloomberg, May 2023.

2024–2025 - Mobley v. Workday

A US federal court allowed a discrimination case against HR software vendor Workday to proceed, on allegations that its AI-based screening tools disadvantaged applicants by age, race, and disability. In 2025 the court permitted an age-discrimination claim to advance on a collective basis. The litigation is ongoing, but it signals that the providers of AI hiring tools - not only the employers using them - may face scrutiny. Source: reporting on Mobley v. Workday, U.S. District Court, 2024–2025.

The common thread is not a single vulnerability in one tool. It is the combination of human action, trust in the output, and the speed at which AI processes data.

What settings and policy do not solve

Settings decide what an AI tool may do with your data. Policy decides what is allowed. Neither decides what an employee actually types into the box on a busy Tuesday afternoon.

No setting stops someone copying a CV into a free tool. No policy intercepts a date of birth or a national identifier in a meeting note before it is submitted. The most common privacy mistakes in HR are not configuration errors - they are decisions made in a few seconds, during ordinary work, by people who are not thinking about privacy at that moment. That is the point settings and policy do not reach.

How BeeSensible helps before the prompt

BeeSensible checks for personal data in text fields - including the input box of AI tools - as you type or paste. The extension automatically recognises more than eighty kinds of sensitive data: names, national identifiers, dates of birth, phone numbers, bank account numbers, and more. When sensitive content appears, BeeSensible highlights it inline and shows a panel with what was found and how serious it is. The employee can remove it, replace it with a placeholder, or mask it - before the text goes to the AI.

Analysis runs on an EU-based detection service, in working memory, and the text is discarded after detection. Message content is not stored. The employee makes every decision.

For HR, that means in practice: a CV summary, a performance write-up, or an exit note containing a name, a national identifier, or a date of birth is flagged in the input box - before the prompt is sent.

AI is fast, and that speed is exactly what makes it useful. But the same speed causes most privacy mistakes in HR. Settings, policy, and AI literacy reduce risk structurally, yet they do not reach the moment when someone pastes a CV or asks for a write-up. That is where most incidents begin - and also where real-time awareness makes the difference: not by blocking, but by making the content of the prompt visible to the sender before it leaves the organisation.

FAQ: common questions

Can I paste a CV into ChatGPT to summarise it?

Not into an open, free AI tool. A CV contains personal data - usually a name, contact details, date of birth, and sometimes health or background information. Entering it into a tool that may retain the content or use it for model improvement is, under GDPR, processing without a clear basis and usually a reportable breach. Use only an approved, contained AI workspace covered by a data processing agreement, or remove all identifying details before you enter anything.

Do HR uses of AI fall under the EU AI Act?

Many do. The AI Act classifies AI systems used for recruitment, selection, task allocation, and evaluating or terminating employment relationships as high-risk. Those systems carry additional duties, including meaningful human oversight, transparency to affected people, and documentation. Treat AI as an assistant, not the final decision-maker.

What is the biggest privacy risk of AI in HR?

The input moment. Most incidents do not come from a breach at the AI vendor; they come from an employee pasting sensitive data - a CV, a sickness record, salary data, or appraisal notes - before policy or technology can intervene. The second major risk is over-trust: AI hallucinates, and invented facts end up in an official personnel file.

Do we have to tell employees we use AI in HR processes?

Yes. Both GDPR and the EU AI Act require transparency. Employees and candidates must know when and how AI influences recruitment, promotion, or appraisal decisions. Reflect it clearly in your privacy notice, your hiring process, and your staff handbook, and be specific about the role AI plays and who makes the final call.

How do we stop AI from discriminating in hiring?

Never let an algorithm decide who the best candidate is on its own. AI learns from historical data and can reproduce past preferences - for certain ages, genders, or backgrounds - without anyone intending it. Always review outputs with a human, monitor for unequal effects across groups, and keep a record of why each decision was made so you can explain and defend it.

What should HR never paste into an AI tool?

National identifiers and copies of ID documents, sickness and absence records (health data), full names combined with job titles, dates of birth and demographic data, payslips and contract terms, unredacted CVs and cover letters, appraisal notes, and employee bank account details. The safe alternatives are to anonymise with placeholders or to use a contained enterprise workspace.
