// Pillar Guide · 2026 Update · ~25 min read

AI FOR SMALL BUSINESS: USE CASES, RISKS, AND THE POLICIES THAT KEEP YOU OUT OF TROUBLE.

What AI actually does for a small business in 2026, where it quietly creates regulatory and contractual exposure, how to write a one-page acceptable-use policy, what a governed multi-vendor AI gateway looks like in practice, and a phased 90-day rollout plan. Written by a veteran-owned managed IT provider headquartered in Ocala, FL — pro-adoption with explicit governance, allergic to hype.

By Steve Condit, USMC Veteran · 30+ yrs ITPublished 2026-05-13Updated 2026-05-13
Get an AI Readiness Assessment →Jump to Guide ↓
// What's In This Guide

ELEVEN SECTIONS PLUS FAQ. ABOUT 4,000 WORDS.

  1. // 01What “AI for Small Business” Actually Means in 2026
  2. // 02The Real Use Cases SMBs Are Deploying
  3. // 03What AI Cannot (Reliably) Do — And Where SMBs Get Burned
  4. // 04Data Risk: What Goes Into the Prompt Goes Into the Model
  5. // 05Regulatory and Contractual Constraints SMBs Forget About
  6. // 06The Bring-Your-Own-AI Problem (Shadow AI)
  7. // 07Building an AI Acceptable-Use Policy: Sample Framework
  8. // 08The Governed AI Gateway Pattern (What Simply AI for Business Does)
  9. // 09Cost Models: Token Pricing, Seat Pricing, and SMB Total Cost
  10. // 10Industry-Specific AI Notes
  11. // 11The Practical AI Adoption Roadmap for SMBs
  12. // 12Frequently Asked Questions
// 01

WHAT “AI FOR SMALL BUSINESS” ACTUALLY MEANS IN 2026.

When a small-business owner says “we should use AI,” they almost always mean one specific class of technology: large language models (LLMs) and the generative AI tools built on top of them. ChatGPT (OpenAI), Claude (Anthropic), Gemini (Google), Copilot (Microsoft) — plus the dozens of embedded copilots now baked into Microsoft 365, Google Workspace, Adobe, Notion, Slack, every modern CRM, every modern IDE, and every modern marketing platform. That is what this guide is about. We are not talking about computer vision in manufacturing, predictive maintenance in fleet, or fraud-scoring in payment processing — all of which are also “AI” but operationally different from the generative tools knowledge-workers actually touch.

There is a fundamental difference between consumer ChatGPT (a personal account on the free or Plus tier at chat.openai.com) and enterprise-governed AI (ChatGPT Enterprise, Claude for Work, Microsoft Copilot for M365, or a managed AI gateway). The model behind both is roughly the same; what changes is the contract: data-handling guarantees, retention windows, training opt-outs, audit logging, role-based access, single-sign-on integration, and the legal posture for regulated data. Most of what this guide warns about — data leakage, shadow AI, compliance exposure — flows from one foundational mistake: treating the consumer product as if it had the enterprise product's guarantees. It does not.

The other thing to internalize about AI in 2026: capability is still moving fast. The gap between “the model your team used last quarter” and “the model that just shipped” is bigger than the gap between most enterprise software versions across an entire decade. A use case that was unreliable in 2024 is routine in 2026. A use case that is unreliable today will probably be routine by 2027. That speed of change is what makes governance — not tool selection — the durable investment. Tools will change. Your acceptable-use policy, your audit-log discipline, your training cadence, your data-classification rules — those carry forward.

// 02

THE REAL USE CASES SMBs ARE DEPLOYING.

Strip away the hype and the actually-useful SMB AI use cases in 2026 land in a fairly tight set. Almost every business we work with is using AI for some combination of the following, and almost none of them are using it for the more exotic things vendors put in pitch decks.

Drafting. First drafts of proposals, statements of work, sales emails, follow-up notes, RFP responses, marketing copy, blog posts, social posts, internal memos, policy documents. The pattern is identical across industries: a human supplies the context and the intent, the AI produces a draft, the human edits and ships. This is the single highest-leverage use case at most SMBs and the one with the cleanest ROI.

Summarization. Long PDFs (contracts, reports, regulations) into structured summaries. Meeting recordings into action-item lists. Email threads into decision summaries. Customer-support tickets into trend reports. This is where AI quietly recovers hours per week per knowledge worker.

Translation and rewriting. Cross-language communication for service businesses with non-English-speaking customers, rewriting technical content for non-technical audiences, tone-shifting (formal to casual, marketing to instructional), and grammar/clarity polishing for non-native English writers on the team.

Grounded customer support (RAG). Retrieval-augmented generation — pairing an LLM with the business's own knowledge base, FAQ, product docs, or policy documents — gives a chat or email assistant that answers from the business's actual content rather than the model's general training. This is where AI starts to be reliable enough for limited customer-facing use, because the model is constrained to source material the business controls.

SMB marketing and SEO drafting. Topic clusters, meta descriptions, schema markup, draft blog outlines, image alt text, social caption variations. With human editing and a clear voice guide, AI takes a 20-hour marketing workload down to 6.

Code assistance. For IT teams and any business with developers, AI pair-programming (GitHub Copilot, Cursor, Claude Code) is now the default. For non-developer SMBs, AI is increasingly useful for writing small scripts, formulas, automations, and Power Automate / Zapier flows that previously required calling an outside developer.

Internal knowledge Q&A. “Where is the latest version of the employee handbook?” “What's our PTO accrual schedule for new hires?” “What did we agree with Acme Corp on payment terms in the contract?” AI grounded against the company's SharePoint or Google Drive content answers these in seconds instead of forcing an employee to interrupt three people. Microsoft Copilot for M365 and Google Gemini for Workspace are both increasingly viable for this if the underlying content is well-organized.

// 03

WHAT AI CANNOT (RELIABLY) DO — AND WHERE SMBs GET BURNED.

The same models that draft a proposal in 30 seconds will, in another 30 seconds, confidently make up a citation, a regulation, a court case, a product specification, or a customer's name. This is not a bug that will be patched out next quarter — it is a property of how LLMs work. They generate plausible text. Plausible is not the same as accurate. SMBs that internalize this stop getting burned. SMBs that don't end up in the news.

Hallucinations on niche-domain facts. Ask a general-purpose LLM for a specific Florida statute number, a particular IRS form, a niche medical billing code, a precise software API behavior, or a specific case citation — and you have an above-50% chance of getting an answer that looks correct but isn't. The model knows what such answers look like and will produce something in that shape whether or not it has the actual information. The fix is grounding the model against authoritative source documents (RAG) or human verification of any citation or specific number before it ships.

Citations that don't exist. The legal industry has produced the canonical examples here — multiple sanctioned cases in 2023-2025 of attorneys filing AI-generated briefs that cited cases the AI invented. Florida Bar Ethics Opinion 24-1 specifically calls out the duty to verify AI output. The same risk applies to any SMB using AI for citation-heavy content: medical content, legal summaries, financial guidance, technical reference material.

Specific legal, medical, or financial advice. An AI tool drafting a contract clause, a treatment recommendation, or an investment view is generating plausible text in the shape of expert advice. For regulated professions, that is professional liability. The right pattern is AI-as-drafter under licensed-professional review, never AI-as-final-answer for the client.

Multi-step agent reliability. “Agentic” AI — where the AI takes multi-step actions in real systems (sending email, booking calendar, modifying records, paying invoices) — is improving fast but is not yet reliable enough for autonomous use at most SMBs in 2026. Every additional step in a chain compounds the probability of a wrong step. The safe deployment pattern is human approval at every external action (send, pay, commit) until the specific workflow has demonstrated reliability over hundreds of runs.

Prompt injection. If an AI tool reads untrusted content — emails, web pages, customer-uploaded documents, scraped data — that content can contain hidden instructions that hijack the AI's behavior. Researchers have demonstrated email-based prompt injection that exfiltrates inbox content via AI assistants. This is a real attack surface and one of the reasons audit logging on AI tools matters: you need to be able to see what the AI did, when, and why.

// 04

DATA RISK: WHAT GOES INTO THE PROMPT GOES INTO THE MODEL (UNLESS YOU GOVERN IT).

The single most important sentence in this guide: the consumer free tier of any major AI tool is not a confidential channel. When an employee pastes a client's tax return, a medical chart, an attorney-client-privileged email, an unredacted contract, or a customer list into the free ChatGPT on their personal account, that data has left the business's perimeter. The vendor's default retention applies. Whether or not it is used for training depends on vendor-specific defaults that change over time and that the typical employee has never reviewed.

The architecture matters. OpenAI's consumer ChatGPT by default retains conversations and historically used them to improve models (training-data opt-out is now available but requires the user to flip it). ChatGPT Team and Enterprise contractually exclude business data from training, retain conversations for a defined window, and provide admin audit access. The OpenAI API by default retains inputs for up to 30 days for abuse review, does not train on them, and offers Zero Data Retention to qualifying customers under specific contractual terms. Anthropic's Claude consumer product, Claude for Work, and the Claude API have similar tier-by-tier distinctions, with broadly stronger default training opt-out on the consumer side than OpenAI historically had. Google Gemini in consumer mode versus Workspace Enterprise behaves similarly.

For a small business, the practical implication is direct: pasting client data into the consumer free tier of any of these tools is a compliance incident in almost every regulated industry — healthcare (HIPAA), law (state bar confidentiality rules), accounting and financial services (FTC Safeguards, Reg S-P), and any business under a contractual NDA with a customer. The fact that you can do it without any technical block does not make it lawful. The fact that no one has noticed yet does not make it safe.

The remedy is twofold: contractual (an enterprise SKU that gives the business the data-handling guarantees it needs) and behavioral (an acceptable-use policy that tells employees which tools to use and which data types are prohibited from any AI tool regardless of SKU). Sections 7 and 8 of this guide cover both.

// 05

REGULATORY AND CONTRACTUAL CONSTRAINTS SMBs FORGET ABOUT.

HIPAA. Pasting protected health information (PHI) into a non-BAA AI tool is a HIPAA disclosure to a non-BA, full stop. The free consumer tiers of ChatGPT, Claude, and Gemini are not BAA-eligible. The enterprise tiers may be — Microsoft Copilot for M365 is BAA-eligible under the Microsoft Online Services Terms when activated, OpenAI signs a BAA for ChatGPT Enterprise and the API on specific terms, Anthropic offers a BAA for Claude on the Enterprise tier, Google offers a BAA for Workspace Gemini. The SKU and the executed BAA matter; the marketing page does not.

FTC Safeguards Rule. For non-bank financial institutions (CPAs, tax preparers, mortgage brokers, financial advisors, auto dealers, certain retailers), the FTC Safeguards Rule requires written information-security policies, designated qualified individual, risk assessment, employee training, and oversight of service providers handling customer information. An AI tool that processes customer financial data is a service provider under the Rule. The free consumer tier is not a service-provider relationship the firm can document — there is no contract specific to the firm.

Attorney-client privilege. Privilege is fragile. Submitting privileged content to a third-party AI service that may retain it, may use it for training, and provides no contractual confidentiality protection has been read by multiple commentators (and some state bar opinions) as a potential privilege waiver. Florida Bar Rule 4-1.6 and Florida Bar Ethics Opinion 24-1 require attorneys to take reasonable precautions, which we interpret operationally as: enterprise tier with explicit no-training contract, or do not use.

Reg S-P (financial services). Registered investment advisers and broker-dealers have separate SEC privacy and safeguards obligations on customer information. Same logic: AI tool as a service provider, must have contractual privacy protections, free consumer tier does not qualify.

Florida Bar Rule 4-1.6 and Opinion 24-1. Florida Bar Ethics Opinion 24-1 specifically addresses generative AI: a lawyer may use AI but must maintain competence in the technology, protect client confidentiality, verify accuracy (the duty of candor under Rule 4-3.3 has produced sanctions in cases of AI-hallucinated citations), and consider disclosure to the client. We cover this in more detail in the legal industry section.

Contractual NDAs. Many B2B contracts contain confidentiality clauses prohibiting disclosure of the counterparty's information to third parties. A consumer AI tool is a third party. We have reviewed contracts where the boilerplate confidentiality language plainly prohibits the kind of AI use the customer's own employees are now doing routinely. This is a quiet contractual exposure most SMBs have not audited.

// 06

THE BRING-YOUR-OWN-AI PROBLEM (SHADOW AI).

Surveys of SMB workforces in 2025-2026 consistently report that 40-60% of knowledge workers have used generative AI for work, and that the majority of that use happens on personal accounts outside any sanctioned tool. This is “shadow AI,” and it is the largest unmanaged data-leakage surface most SMBs have in 2026.

The employee perspective is rational: the tool is genuinely useful, the business has not given them a sanctioned alternative, and signing up takes 30 seconds. From the business's perspective: client data is leaving the building, the business has no audit trail of what was shared, and the business cannot answer a regulator or counterparty asking what AI exposure exists in its environment.

The reflexive response — blocking AI URLs at the firewall — is a non-solution. Employees use AI on their phones (on cellular, off your network), on personal laptops at home, on every embedded copilot now built into the tools you already pay for, and through the dozens of third-party services that proxy LLM access. The firewall block produces a false sense of control without changing employee behavior. We have audited environments with strict firewall blocks where 70% of employees were still using AI on the side, just less efficiently.

The real move is the opposite: sanction a tool that is actually better than what employees were using on the side. Give every employee a governed AI account (single sign-on, no personal credit card required, no data leaving the business's contract envelope), make the experience as good as or better than consumer ChatGPT, publish a clear acceptable-use policy, and audit the sanctioned tool. The shadow problem shrinks because the legitimate path is now the easy path.

Detection helps too. Microsoft 365 audit logs, Defender for Cloud Apps, and similar tooling can surface employee visits to consumer AI URLs, browser-extension installs, and unusual document-export patterns. We use these signals not to punish employees but to identify which workflows need a sanctioned alternative the business has not built yet. The conversation goes from “stop doing that” to “what were you trying to accomplish?” and then “here's the approved tool that does it.”

// 07

BUILDING AN AI ACCEPTABLE-USE POLICY: SAMPLE FRAMEWORK.

An AI acceptable-use policy does not need to be long. The one-page version below covers the practical exposures most SMBs have, can be adapted to a healthcare, legal, or accounting practice with minor edits, and is genuinely operational rather than performative.

  1. Approved tools list. Name the specific AI tools and tiers employees may use for work. Example: “Microsoft Copilot for M365 (firm tenant), ChatGPT Team via firm SSO, Claude for Work via firm SSO. No other AI tool may be used with firm data.”
  2. Prohibited data categories. Name the specific data types that may not be entered into any AI tool regardless of tier. Typical list: protected health information; attorney-client privileged content; client financial records (SSN, account numbers, tax returns); proprietary source code; M&A or other material non-public information; personal information of employees beyond what is already public.
  3. Human-in-the-loop rule. “All AI-generated client-facing content must be reviewed and approved by a qualified human before it is sent, published, or acted on. The employee who signs the final output is responsible for its accuracy.”
  4. Disclosure rules. Define when AI use must be disclosed: to clients (per Bar / professional rules where applicable), in published content (for journalistic or marketing transparency), to counterparties in negotiations (where contractually required). Default to disclosure when in doubt.
  5. Attribution and citation. “AI-generated factual claims, statistics, citations, and quotations must be independently verified before they are included in any client-facing or published document.”
  6. Personal account prohibition. “Employees may not use personal AI accounts for any work involving firm or client data. Use the firm-provided SSO accounts.”
  7. Training cadence. “All employees complete annual AI awareness training. New hires complete training within 30 days. Practical workshops on the approved tools are run quarterly.”
  8. Reporting. “Any suspected data exposure through an AI tool must be reported to the Security Officer within 24 hours. Any AI output later found to contain a hallucinated citation, fabricated quote, or factual error in a client-facing deliverable must be reported.”
  9. Sanctions. “Violations are subject to the firm's general disciplinary policy. Egregious violations — pasting prohibited data into a non-sanctioned tool, ignoring the human-in-the-loop rule on a regulated client deliverable — are grounds for termination.”

The policy is most useful when paired with the sanctioned tools (Section 8) and the training cadence. A policy alone is performative. A policy plus an actually-good sanctioned tool plus annual training plus quarterly practical workshops is operational.

// 08

THE GOVERNED AI GATEWAY PATTERN (WHAT “SIMPLY AI FOR BUSINESS” DOES).

The architectural pattern we deploy at Simply IT clients is a multi-vendor AI gateway: a single control plane that gives every authorized user access to the best models from multiple vendors (OpenAI, Anthropic, Google) under one set of governance controls. Single sign-on tied to the client's Microsoft 365 identity. Per-user, per-role permissions on which models, tools, and features are available. Per-prompt audit logging of inputs and outputs. Mandatory data-classification prompts that block obvious regulated-data submission to non-BAA-tier models. SOC 2 controls on the gateway itself. Configurable data residency. And a single monthly invoice instead of a tangled mess of personal credit-card subscriptions.

The reason multi-vendor matters: different models are better at different things. Anthropic's Claude tends to be stronger on long-document reasoning and on careful writing. OpenAI's GPT tends to be stronger on code and on broad knowledge tasks. Google's Gemini integrates tightly with Workspace and has strong multimodal handling. Locking the business into one vendor forecloses optionality — and given how fast capability is moving, that's an expensive choice.

The reason audit logging matters: when a regulator, counterparty, or insurance carrier asks “what AI exposure does your firm have?” the answer needs to be a real answer. With a gateway, the answer is “every AI interaction by every employee is logged, retained, and searchable.” Without one, the honest answer is “we have no idea.”

The reason data-classification matters: even sophisticated employees occasionally forget. A gateway that pops up a warning when the model detects what looks like PHI or financial-account numbers in the prompt — and either blocks the submission, requires confirmation, or routes to a BAA-tier model only — catches the kind of routine human error that turns into a notifiable incident.

For enterprise clients with stricter requirements, the gateway supports bring-your-own-key (BYOK) deployment, where the client's own API keys with OpenAI / Anthropic / Google are used so the underlying contract envelope is the client's rather than the gateway provider's. For most SMBs that is overkill; the gateway's own enterprise contracts with the underlying vendors are sufficient. This pattern is part of the Simply Secure and Simply Compliant managed tiers.

// 09

COST MODELS: TOKEN PRICING, SEAT PRICING, AND SMB TOTAL COST.

AI pricing comes in two flavors. Token-based (pay-per-use, charged in fractions of a cent per input/output token) is how the underlying vendor APIs work. Seat-based (flat fee per user per month with included usage) is how most consumer-facing products price — Microsoft Copilot for M365, ChatGPT Team and Enterprise, Claude for Work. Most SMBs are better served by seat-based pricing for predictability; token pricing is for power users and for purpose-built API integrations.

Typical SMB monthly AI spend in 2026 lands in the $20 to $150 per user per month range for governed access, with most clients clustering in the $40-$80 range. Microsoft Copilot for M365 is roughly $30/user/month. ChatGPT Team is roughly $25-30/user/month. ChatGPT Enterprise and Claude for Enterprise are typically negotiated and land in the $60-$100/user/month range with included usage. A multi-vendor managed gateway (with the governance, audit, and consolidated billing described in Section 8) typically runs $50-$120 per user/month all-in.

The 80/20 rule applies to AI cost the same way it applies to most things. About 20% of users at a typical SMB are heavy AI consumers (marketing, sales engineering, developers, analysts) who use AI for hours every day. About 80% are light users who would be well-served by a less expensive tier. A sensible deployment uses a tiered model: power users on the higher-cost SKU with full capability, general staff on a lower-cost SKU sufficient for drafting and summarization. The gateway pattern (Section 8) makes this kind of role-based assignment trivial.

For total IT spend context: Simply IT's managed services are $75/user/month (Simply Managed), $125/user/month (Simply Secure), and $150/user/month (Simply Compliant), with no long-term contracts. The Simply Secure and Simply Compliant tiers include the governed AI gateway. So a 10-person professional services firm on Simply Secure invests $1,250/month total for managed IT plus governed AI — meaningfully less than what most firms were spending on point-product AI subscriptions on personal credit cards before consolidation.

// 10

INDUSTRY-SPECIFIC AI NOTES.

Healthcare

PHI in an AI prompt to a non-BAA tool is a breach — same legal posture as any other unauthorized disclosure to a non-Business Associate. The free consumer tiers of ChatGPT, Claude, and Gemini are not BAA-eligible. The enterprise tiers may be, on specific SKUs with executed BAAs. Microsoft Copilot for M365 is BAA-eligible under the Microsoft Online Services Terms when the BAA is activated — the same activation step that's often missed for the underlying Microsoft 365 tenant (see our HIPAA pillar guide). Practical posture for a Florida medical practice in 2026: deploy AI on a BAA-signed SKU only, restrict to non-PHI use cases initially (internal training material, internal policy drafts, non-patient-identifying summaries), expand to PHI use cases only with BAA-eligible tools and documented workflows.

Legal

Florida Bar Rule 4-1.6 governs client confidentiality. Florida Bar Ethics Opinion 24-1 specifically addresses generative AI: a lawyer may use AI but must maintain technological competence, protect client confidentiality (which generally means not using consumer-tier AI tools with client data), verify accuracy of AI-generated content (Rule 4-3.3, duty of candor — multiple sanctioned cases nationally of AI-hallucinated citations in filed briefs), and reasonably consider disclosure to clients. The privilege waiver concern is real: submitting privileged content to a third party that may retain or train on it has been read by multiple commentators as a potential waiver. Our practical guidance to Florida law firms: enterprise-tier AI with explicit no-training contractual terms, written AUP covering verification and disclosure, and quarterly competence training for attorneys using AI tools.

Accounting and Tax

The FTC Safeguards Rule and IRC 7216 (taxpayer information confidentiality) both apply. Client tax records, financial statements, SSNs, and account information are protected information that should not be submitted to consumer-tier AI tools. The practical path is identical to legal: enterprise-tier AI with contractual no-training terms, a written information-security policy that names the AI tools in scope and the prohibited data categories, employee training, and oversight of the AI tool as a service provider under the Safeguards Rule. AICPA and state CPA society guidance increasingly addresses AI use; firms should track their state society's positions.

Small Business Marketing

AI is a routine drafting tool in 2026 SMB marketing. Google's helpful-content guidance is technology-neutral — the question is whether the content is genuinely useful to readers, not whether it was AI-drafted. The originality threshold matters: content that's thinly AI-generated, lightly edited, and largely indistinguishable from any other AI-generated content on the same topic is unlikely to rank or convert. Content that uses AI as a drafting accelerant on top of genuine practitioner experience, specific examples, and original insight does rank and convert. The practical rule we apply on our own site: AI assists the drafting, a human (usually Steve) edits, real examples and real opinions are added, the final output is something a competent author could have written from scratch — just faster.

// 11

THE PRACTICAL AI ADOPTION ROADMAP FOR SMBs.

A 90-day SMB AI deployment with reasonable governance looks like the following. This is the playbook we run at Simply IT clients when they ask us to stand up AI properly the first time.

  1. Days 1-15: Policy and tool selection. Draft the AI acceptable-use policy (Section 7 framework). Identify the one or two approved tools the business will actually deploy — typically Microsoft Copilot for M365 (if the tenant is already on M365 Business Premium or higher) plus a multi-vendor gateway, or ChatGPT Team plus Claude for Work if the M365 tenant doesn't justify Copilot yet. Confirm BAA / contractual data-handling terms on every approved tool. Communicate the policy to the workforce in plain language.
  2. Days 15-30: Pilot with 3-5 power users. Pick the employees most likely to push the tools hard — usually a marketer, a salesperson, an analyst or operations person, and one developer or IT user. Provision their accounts, train them on the approved tools and the AUP, ask them to bring real use cases. Document what worked, what didn't, what governance edge cases came up.
  3. Days 30-60: Broad rollout under governance. Provision SSO accounts for the rest of the workforce. Run a single one-hour AI orientation per team covering the approved tools, the AUP, the prohibited data categories, the human-in-the-loop rule, the reporting requirement. Make sure the governance controls (audit logging, data-classification prompts, role-based access) are live before broad rollout, not after.
  4. Days 60-90: Measure and iterate. Pull audit-log reports and review usage patterns. Identify which use cases are sticking and which ones aren't. Identify which teams are heavy users and which haven't adopted — the latter usually need a workshop on a specific workflow rather than more general training. Identify any governance near-misses and tighten the controls (or the AUP) where needed.
  5. Ongoing: Quarterly review. Capability is moving too fast for an annual cadence on AI. Quarterly: review the tool mix (is the right vendor doing the right job?), refresh employee training on what's new, re-verify contractual data-handling on any vendor that changed terms, audit-log spot-checks, and a brief written report to the business owner on what AI is and isn't doing for the business.

By day 90, a well-run SMB has: a written AUP everyone's seen, a sanctioned tool stack everyone can use, every employee on SSO, audit logs they can produce on request, no personal-credit-card AI subscriptions floating around in expense reports, measurable productivity gains in marketing and operations, and a baseline they can defend if a regulator, insurer, or counterparty asks about AI governance. That is what “doing AI properly” looks like at SMB scale. It is not exotic and it is not expensive — but it does require deliberate setup, which is what most SMBs have not yet done.

// 12

FREQUENTLY ASKED QUESTIONS.

What's the difference between ChatGPT and a governed AI tool?+
Consumer ChatGPT (the free tier at chat.openai.com on a personal account) is a single-tenant consumer product. By default, conversations may be used to improve OpenAI's models, retention controls are limited, there is no centralized audit log of what employees typed, and there is no Business Associate Agreement for healthcare use. A governed AI tool — ChatGPT Enterprise, ChatGPT Team, Anthropic Claude for Work, Microsoft Copilot for M365, or a multi-vendor AI gateway like the one Simply IT deploys — gives the business contractual data-handling guarantees (no training on your data), per-user audit logs of every prompt and response, role-based permissions on which models and tools each user can access, SOC 2 compliance posture, and a single billing relationship instead of dozens of personal credit cards. The capability of the underlying model is roughly the same. The governance is completely different.
Is it safe to paste client data into ChatGPT?+
It depends entirely on which ChatGPT and which client. On the free consumer tier with default settings: no, it is not safe — the data is subject to retention and may be used for model training unless the user has explicitly disabled it, and there is no audit trail of what was shared. On ChatGPT Enterprise or Team SKUs: data is contractually not used for training, retention is shorter, and audit logs exist — but for regulated data types (PHI, attorney-client privileged material, financial records under FTC Safeguards) the practice should verify whether the vendor signs a BAA and whether the data type falls under a specific contractual carve-out. For most SMB scenarios, the rule we teach clients is: never paste anything into a consumer-tier AI tool that you would not be willing to send in an unencrypted email to a stranger.
Can a small business use AI and still be HIPAA-compliant?+
Yes, but only with vendors that sign a Business Associate Agreement for the specific AI product being used. As of 2026, Microsoft signs a BAA for Copilot for Microsoft 365 (under the Microsoft Online Services Terms, when activated). OpenAI signs a BAA for ChatGPT Enterprise and the API under specific contractual terms. Anthropic offers a BAA for Claude on the Enterprise tier. Google offers a BAA for Gemini under Google Workspace Enterprise plans. The free consumer tiers of all four are not BAA-eligible and should never be used with PHI. A medical practice can absolutely deploy AI productively — for note summarization, patient-facing FAQ drafting, internal training material generation — as long as the tool is on a BAA-signed SKU and the practice's acceptable-use policy reflects that constraint.
Does the Florida Bar permit lawyers to use generative AI?+
Yes, with explicit duties. Florida Bar Ethics Opinion 24-1 (issued in early 2024 and refined since) confirms that Florida lawyers may use generative AI in their practice but must (1) maintain competence in how the technology works and its limitations, (2) protect client confidentiality under Rule 4-1.6, which generally means not entering client information into a consumer AI tool that uses inputs for training, (3) verify the accuracy of AI-generated content before relying on it (the duty of candor under Rule 4-3.3 has produced sanctions in cases where lawyers filed AI-hallucinated citations), and (4) reasonably consider whether to disclose AI use to clients, especially when billing for time the AI accelerated. Florida Bar Rule 4-1.6 and the related ethics opinions are the binding constraint. We address this in detail in Section 10.
What is an AI acceptable-use policy and does a small business need one?+
An AI acceptable-use policy (AUP) is a short written document that defines: which AI tools the business has approved for work use, which data types are prohibited from being entered into any AI tool, what mandatory human-review and disclosure rules apply to AI-generated client-facing content, and what happens when an employee violates the policy. Yes, every small business with employees needs one in 2026. Without an AUP, the business has no documented control over what client data its workforce is pasting into consumer AI accounts — which is the single biggest unmanaged data-leakage risk we see at SMBs right now. Section 7 of this guide contains a usable framework.
Does OpenAI, Anthropic, or Google sign a BAA?+
OpenAI signs a BAA for ChatGPT Enterprise customers and for API customers on specific contractual terms (the BAA is not automatic — it must be requested and executed). Anthropic offers a BAA on the Claude for Enterprise tier for qualifying customers. Google offers a BAA for Gemini and the broader Google Workspace under the Google Workspace Enterprise BAA, which has been in place for years. None of the consumer-tier products (free ChatGPT, free Claude, consumer Gemini) sign a BAA. If your practice or firm needs PHI-eligible AI, the SKU and the executed BAA — not the marketing page — are what matter.
Are AI-generated emails to customers legally enforceable?+
Generally yes, with the same legal status as any other email sent by an employee on behalf of the business. AI-generated text becomes the company's communication the moment it leaves the company's domain. That's precisely why the human-in-the-loop rule in any reasonable AUP is non-negotiable: an employee should always review an AI-drafted client email before it sends, because the business owns the legal and reputational consequences of whatever the AI wrote. We have seen cases where AI-drafted promises (refunds, pricing, service commitments) became contractually enforceable obligations the business did not intend to make.
Can AI replace my receptionist or customer support team?+
In 2026, generally no — not completely, and not without significant risk for most SMBs. AI is genuinely good at first-line triage (booking simple appointments, answering FAQ questions, routing inquiries) and at drafting responses for human agents to review and send. AI is not yet reliable enough to handle complex customer interactions, billing disputes, complaint resolution, or anything requiring judgment about edge cases — and a hallucinated answer to a customer question on price, policy, or eligibility can create real liability. The right pattern for most SMBs is augmentation: AI as a draft layer and routing layer, with humans in the loop on anything that touches money, contract, or client harm.
What is the typical cost of AI tools for a small business in 2026?+
For governed access (the only kind we recommend for business use), expect $20 to $150 per user per month depending on tool mix and usage. Microsoft Copilot for M365 is in the $30/user/month range. ChatGPT Team is around $25-30/user/month. ChatGPT Enterprise and Claude for Enterprise are typically negotiated and land in the $60-$100/user/month range. A multi-vendor AI gateway (giving each user access to OpenAI, Anthropic, and Google models with centralized billing and audit) typically runs $50-$120 per user/month all-in. The 80/20 rule applies: most users are light users who could be served on the lower end, while a few power users (developers, marketers, analysts) drive most of the actual token consumption.
How does Simply IT govern AI access for clients?+
We deploy a multi-vendor AI gateway as part of our standard managed offering. Every user gets a single sign-on identity tied to their Microsoft 365 account, role-based access to which models they can use (OpenAI, Anthropic Claude, Google Gemini), per-prompt audit logging that the business owner can review, mandatory data-classification prompts that prevent regulated data from being submitted to non-BAA models, and a single monthly invoice instead of dozens of personal credit-card subscriptions. This is part of the Simply Secure ($125/user/month) and Simply Compliant ($150/user/month) tiers. There is a No long-term contracts.
What is “shadow AI” and is it a real risk?+
“Shadow AI” is the term for AI tool use inside a business that the business does not know about and has not approved — typically employees pasting work data into personal ChatGPT, Claude, or Gemini accounts. Yes, it is a real and pervasive risk in 2026. Surveys of SMB workforces consistently find that 40-60% of knowledge workers have used AI at work, and the majority of that use is on personal accounts outside any policy. The data exposure is unmonitored, the audit trail is non-existent, and the business has no way to respond to a discovery or breach inquiry about what was shared. The fix is not to block AI — it's to give employees a sanctioned, governed AI tool that's actually better than what they were using on the side.
Should I block ChatGPT at the office firewall?+
Generally no, and here's why: blocking the URL stops nothing. Employees will use AI on their phones, on personal laptops, on home networks while remote, or via the dozens of AI features now embedded in tools they already use (Microsoft 365, Google Workspace, Notion, Slack, every modern IDE). The block creates a false sense of control without changing employee behavior. The better answer: deploy a sanctioned AI tool that's actually good, publish an acceptable-use policy that says what data types are prohibited everywhere (including the approved tool), and audit usage on the sanctioned tool. The objective is governance, not prohibition.
// Related Resources

CONTINUE READING.

Pillar Guide
HIPAA Cybersecurity Guide →
Pillar Guide
Florida Bar Rule 4-1.6 Guide →
Pillar Guide
FTC Safeguards for CPAs →
Solution
Cybersecurity Services →
Reference
IT Glossary →
FAQ Hub
Frequently Asked Questions →
Get Started
AI Readiness Assessment →
READY TO DEPLOY AI WITH ACTUAL GOVERNANCE?

Get a free AI readiness assessment from a veteran-owned managed IT provider headquartered in Ocala, FL. We'll review your current AI exposure (sanctioned and shadow), help you draft a one-page acceptable-use policy, and show you what a governed multi-vendor AI gateway looks like at your firm — with honest pricing and no long-term contracts.

By submitting you consent to be contacted by Simply IT via phone, email, or SMS. Reply STOP to opt out of SMS at any time. Privacy Policy

Or call us directly: 352-723-5003