Rules for Sensitive Data in DeepSeek Prompts

Generative tools amplify productivity and leakage risk. A simple tier system keeps teams aligned without blocking useful work.

Tier A — never paste

Passwords, full payment data, unreleased financials, personal health records, and secrets under NDA.

Tier B — redact first

Customer names, account numbers, internal project codenames. Replace with placeholders like [CLIENT_A].

Tier C — OK with care

Generic process descriptions, public marketing copy, anonymized examples. Still human-review before external send.

Log incidents

If someone pastes Tier A by mistake, document it per your security policy — don’t treat it as “just a prompt.”

← All playbooks