Using Public LLMs with Sensitive Data – Are We Being Careful Enough?

rom_c

Hi everyone,

With the rise of public LLM tools (ChatGPT, online AI assistants, etc.), many of us use them to debug code, generate SAS scripts, or analyze problems faster.

But I’ve been wondering about something important —

If we paste real client data, production code, or sensitive datasets into public tools, there may be privacy and compliance risks.

Some things to consider:

Data may be stored or logged externally
Possible exposure of confidential information
Regulatory concerns (HIPAA, GDPR, company policies)
Intellectual property leakage

A few safer practices I’ve started following:

Use dummy/sample data instead of real data
Mask sensitive fields
Check company policies before uploading
Prefer internal/enterprise AI tools if available

Curious how others here handle this —
Do you use LLMs with your SAS workflow? Any best practices you follow?

Would love to hear different perspectives.

Rachel_McLawhon

I'm with you! It’s a challenging balance—leveraging these tools while keeping sensitive information protected. Your best practices are spot‑on, and I also make a point to be more cautious than necessary when handling anything sensitive.

Thankfully in my role, the situations that demand heightened data privacy are usually pretty clear. Still, it’s always better to be safe than sorry!

Using Public LLMs with Sensitive Data – Are We Being Careful Enough?

Re: Using Public LLMs with Sensitive Data – Are We Being Careful Enough?

SAS Innovate 2026 Registration is Open

Using Public LLMs with Sensitive Data – Are We Being Careful Enough?

Re: Using Public LLMs with Sensitive Data – Are We Being Careful Enough?

SAS Innovate 2026 Registration is Open

SAS Training: Just a Click Away