Skip to main content
Back to Amplify Your Mission: AI for Impact
Lesson 6 of 7

Stay Trustworthy: Ethics and Boundaries

~25 min readLast reviewed May 2026
This lesson counts toward:AI for Good: Public ImpactUsing AI ResponsiblyImpact Amplified: AI for Social Good

Responsible AI Use in Nonprofits

Part 1: When Good Intentions Meet Risky Tools

The Feeding America Moment

In 2023, Feeding America, the largest hunger-relief organization in the United States, operating a network of 200 food banks, began piloting AI tools to improve donor communications and grant writing efficiency. Staff were enthusiastic. ChatGPT could draft a compelling donor appeal in minutes instead of hours. Gemini could summarize a 40-page impact report into a tight executive brief. Productivity went up noticeably. But then a program officer noticed something troubling: an AI-generated grant narrative had included statistics about food insecurity rates in specific counties that sounded authoritative but couldn't be traced back to any real source. The numbers were plausible. They were also fabricated.

This wasn't a rogue employee cutting corners. It was a well-meaning team member using a powerful tool without fully understanding its failure modes. The AI didn't flag uncertainty. It didn't say "I'm not sure about this figure." It wrote confidently, in the organization's voice, with the kind of specific detail that makes grant reviewers trust a proposal. That grant could have gone out the door carrying false data, a potentially catastrophic outcome for an organization whose credibility with government funders and major donors is its most valuable asset. Feeding America caught it. Many organizations don't.

The Feeding America example illustrates the central tension in AI adoption for nonprofits: the tools that save you the most time are also the tools most capable of creating institutional risk. Efficiency and responsibility are not automatically aligned. In a nonprofit context, where your reputation is your fundraising engine, where your clients are often vulnerable populations, and where your funding depends on demonstrated integrity, that tension matters more than almost anywhere else in the professional world. The question isn't whether to use AI. The question is how to use it without it quietly working against your mission.

What "Responsible AI Use" Actually Means for Nonprofits

Responsible AI use isn't about being cautious to the point of paralyzis. It means building habits and simple guardrails so that AI tools help your mission without introducing factual errors, privacy violations, bias, or reputational damage. For nonprofits specifically, this involves three areas: data stewardship (protecting client and donor information), output verification (checking what AI produces before it goes public), and equity awareness (recognizing that AI systems can reflect biases that harm the communities you serve).

The Principle Hidden in the Story

The Feeding America situation reveals a principle that applies across every nonprofit, regardless of size or cause area: AI tools are fluent, not accurate. Fluency means the output reads well. It sounds authoritative. It uses the right vocabulary for your sector. Accuracy means the content is factually correct and verifiable. Those two qualities are completely independent of each other in large language models like ChatGPT or Claude. A model can produce a beautifully written paragraph about your organization's impact in a specific zip code, and every number in it can be wrong. Understanding this distinction is the single most important mental shift nonprofit professionals need to make before using AI for any external-facing content.

Think of it this way: AI writes like your most articulate colleague who has been awake for 36 hours and is occasionally hallucinating. The prose is polished. The structure is logical. But some of the details, a statistic, a program name, a date, a citation, may be subtly wrong or entirely invented. Your job as the human in the loop is not to admire the output. Your job is to be the editor who fact-checks before publication. This is not extra work on top of using AI. It is a required part of using AI responsibly, and it's faster than writing everything from scratch.

This fluency-versus-accuracy gap shows up most dangerously in grant writing, impact reports, and donor communications, exactly the three content types that nonprofits use AI for most eagerly. A grant narrative that cites a real-sounding but fabricated statistic from the CDC doesn't just risk rejection. It risks your organization being flagged for misrepresentation by a federal funder. A donor impact report that overstates program reach because an AI rounded up dramatically can erode trust with major donors who do their own due diligence. The stakes are real, and they're specific to your sector.

How a Domestic Violence Shelter Learned This the Hard Way

Grant Writing. Program Description Draft (ChatGPT Plus)

Prompt

Write a 200-word program description for a grant application for a domestic violence shelter in Austin, Texas. The program provides emergency shelter, counseling, and legal advocacy for survivors. We serve approximately 400 clients per year. The funder is the Texas Governor's Criminal Justice Division. Use a formal, evidence-based tone.

AI Response

Safe Harbor Austin's Emergency Response Program delivers comprehensive, trauma-informed services to survivors of domestic violence across Travis County. In the most recent program year, Safe Harbor served 412 survivors, 78% of whom were women with dependent children, providing an average of 21 shelter nights per client alongside individualized safety planning, licensed counseling, and civil legal advocacy. Our model aligns with the evidence-based Duluth Model of intervention, which research published in the Journal of Interpersonal Violence has associated with reduced recidivism among abusive partners and improved long-term safety outcomes for survivors. Safe Harbor's legal advocacy team assisted 187 clients in obtaining protective orders in 2023, with a 94% approval rate, significantly above the statewide average of 81%. Funding from the Texas Governor's Criminal Justice Division will support two licensed professional counselors, one full-time legal advocate, and emergency shelter operations for 30 residential beds. All services are provided at no cost to survivors. Safe Harbor operates under the standards set by the Texas Council on Family Violence and submits to annual programmatic review. This program addresses a critical gap in Travis County, where demand for emergency shelter beds consistently exceeds capacity by an estimated 34% during peak crisis periods.

Every Number in That Response Needs Verification

The draft above is well-structured and sounds credible. But unless you provided those specific numbers in your prompt, the AI generated them. The "94% approval rate," the "statewide average of 81%," the "34% capacity gap", these may be plausible, but they are not your organization's real data. Before submitting anything like this, every statistic must be replaced with verified figures from your own records or cited external sources. The structure is useful. The numbers are placeholders until proven otherwise.

A small domestic violence shelter in the Pacific Northwest, not Feeding America, not a household name, ran into exactly this problem in early 2024. A development coordinator used Claude to draft a foundation proposal. The draft was strong. It referenced a national statistic about the percentage of homeless women who are domestic violence survivors, a real phenomenon, but the specific figure Claude cited ("63%") didn't match the source the coordinator later tried to find. Different studies put the number anywhere from 38% to over 50% depending on methodology and population. The coordinator submitted the proposal with the AI's number. The foundation's program officer, who had deep expertise in housing and DV research, flagged it in the review. The proposal was not funded. The coordinator was mortified. The executive director spent two weeks repairing the relationship with that funder.

The lesson wasn't "don't use Claude." The lesson was: AI drafts need a verification pass before submission, especially for any content that includes statistics, research citations, program outcomes, or claims about community need. That verification step takes 15-20 minutes for a typical grant section. It's not a burden. It's professional due diligence, the same thing you'd do if an intern drafted the proposal. The difference is that AI output looks more polished than an intern's draft, which makes it easier to skip the check. That's the trap.

Comparing Risk Levels Across Common Nonprofit AI Tasks

AI TaskTool Commonly UsedRisk LevelPrimary Risk TypeRequired Human Check
Draft donor thank-you emailsChatGPT, CopilotLowTone mismatch, generic languageRead once before sending
Write grant narrative sectionsChatGPT Plus, Claude ProHighFabricated statistics, wrong citationsVerify every number and source
Summarize board meeting minutesCopilot, Notion AIMediumOmitted decisions, misattributed quotesCompare against original transcript
Generate social media captionsCanva AI, ChatGPTLow-MediumInsensitive framing for vulnerable populationsReview for dignity and accuracy
Create client intake form draftsChatGPT, ClaudeHighPrivacy violations, missing required fieldsLegal/compliance review required
Draft job descriptionsChatGPT, CopilotMedium-HighBiased language, illegal screening criteriaHR or DEI review before posting
Analyze donor survey responsesChatGPT Plus, GeminiMediumMisread sentiment, oversimplified themesProgram staff validate themes
Write impact report narrativesClaude Pro, ChatGPT PlusHighInflated outcomes, unverifiable claimsCross-check against program database
Risk levels for common nonprofit AI tasks. 'High' risk tasks require mandatory human verification before any content goes external.

What a School District's HR Team Discovered About AI and Bias

Responsible AI use isn't only about factual accuracy. It's also about recognizing when AI tools reproduce patterns of bias that can actively harm the people your organization serves, or the people you're trying to hire and retain. In 2023, a large urban school district in the Midwest began using Microsoft Copilot to help HR staff draft job descriptions for teaching and administrative roles. The efficiency gains were real: a process that took 90 minutes per posting dropped to about 20 minutes. But when the district's DEI coordinator reviewed a batch of 12 AI-assisted postings, she found a consistent pattern: the language skewed toward traits and phrasing that research has shown to discourage applications from women and candidates of color, words like "dominant," "competitive," and "aggressive" in leadership roles, and heavy emphasis on "culture fit" without defining what that meant.

The AI wasn't being malicious. It was drawing on patterns in the text it was trained on, which includes decades of job postings from a professional world with well-documented equity gaps. The output reflected those gaps back. The school district's response was practical and effective: they created a short review checklist for any AI-generated HR content, added a specific instruction to their Copilot prompts ("Use gender-neutral language and avoid terms associated with masculine-coded leadership"), and had their DEI coordinator review all external postings before publication. Problem largely solved, not by abandoning the tool, but by building one extra step into the workflow. That's what responsible AI use looks like in practice.

Build the Check Into the Prompt, Not Just the Process

You can reduce bias in AI output before it happens by being specific in your instructions. When using ChatGPT or Copilot for HR content, add phrases like: "Use inclusive, gender-neutral language," "Avoid jargon that assumes a specific cultural background," or "Focus on skills and outcomes, not personality traits." This won't eliminate bias entirely, you still need a human review, but it shifts the AI's output in the right direction from the start, reducing the amount of editing required.

Applying This to Your Organization Starting Now

Most nonprofit teams don't need a formal AI policy written by a lawyer before they can start using these tools responsibly. What they need is a shared set of habits, simple, repeatable behaviors that become second nature. The most important habit is what we'll call the "trust but verify" pass: every piece of AI-generated content that will go to an external audience (a funder, a donor, a client, the public) gets a human review before it leaves the building. For low-risk content like thank-you emails, that review is quick, read it once, adjust the tone if needed, send. For high-risk content like grant narratives or impact data, the review is more thorough: check every number against your actual records, verify any external statistics against their original source, and confirm that program descriptions match what you actually do.

The second habit is protecting client and donor data. This one is non-negotiable. Free versions of AI tools, including the free tier of ChatGPT, can use your inputs to improve their models, depending on your privacy settings. That means if you paste a client's name, case notes, or contact information into a free AI tool, you may be sharing that data with a third party in ways that violate your confidentiality agreements, HIPAA obligations, or donor privacy commitments. The fix is straightforward: use paid, enterprise versions of these tools (ChatGPT Team, Claude Pro for Teams, Microsoft Copilot with your organization's Microsoft 365 license), which have stronger data protection terms. And establish a clear rule: no real client names, case details, or donor financial information in AI prompts, ever, regardless of which tool you're using.

The third habit is being transparent internally about what AI is helping produce. This doesn't mean adding "written with AI" to every email. It means your team has a shared understanding of which content types use AI assistance, so that when something needs to be updated or corrected, everyone knows to check the source rather than assuming the original draft was hand-verified. Some organizations keep a simple log, a shared spreadsheet or Notion page, tracking which grants, reports, and communications were AI-assisted. This takes five minutes to maintain and becomes invaluable if a funder ever questions a statistic or a board member asks how a report was produced. Transparency internally protects you externally.

Conduct a Responsible AI Audit of Your Current Workflows

Goal: Identify where your team is already using AI tools, assess the risk level of each use case, and establish at least two concrete guardrails before the end of this week.

1. Open a shared document (Google Docs, Word, or Notion) and title it 'AI Use Audit, [Your Organization Name], [Month/Year].' This will be a living document your team can update. 2. List every AI tool your team currently uses or has experimented with in the past three months. Include ChatGPT, Copilot, Grammarly AI, Canva AI, Notion AI, Gemini, or any others. Be honest, informal use counts. 3. Next to each tool, list the top three tasks your team uses it for. Examples: 'ChatGPT, grant writing, donor emails, board report summaries.' 4. Using the risk table from this lesson as a reference, assign a risk level (Low, Medium, or High) to each task based on whether it involves external audiences, client data, statistics, or hiring decisions. 5. For every task you rated High, write one specific verification step that must happen before that content goes external. Example: 'Grant statistics, cross-check against our Salesforce data and the original source URL before submission.' 6. Identify one task where your team may be inputting real client or donor information into a free AI tool. Write a one-sentence policy for your team on what information is never permitted in AI prompts. 7. Share the document with your supervisor or a trusted colleague and ask them to add any AI uses you missed. Schedule a 20-minute team conversation to walk through the findings together. 8. Based on your audit, write two specific 'responsible AI habits' your team will commit to, one around output verification, one around data protection. Post these somewhere visible: a team Slack channel, your intranet, or a printed sheet in the office. 9. Save the completed audit document and set a calendar reminder to revisit it in 90 days, updating it as your team's AI use evolves.

Key Lessons from Part 1

  1. AI tools are fluent, not accurate, polished prose does not equal verified facts. Every external-facing document needs a human fact-check, especially for statistics and citations.
  2. The highest-risk nonprofit AI tasks are grant writing, impact reports, client intake forms, and job descriptions, all require mandatory human review before going public.
  3. Free AI tools may use your inputs to train their models. Never enter real client names, case details, or donor financial information into any AI tool without confirming its enterprise data protection terms.
  4. AI can reproduce and amplify existing biases in language, especially in HR and communications content. Bias-aware prompting plus human review is the minimum responsible standard.
  5. Responsible AI use is not about using AI less, it's about building simple, consistent habits: verify outputs, protect data, and maintain internal transparency about what AI is helping produce.
  6. The "trust but verify" pass is the single most important workflow habit: low-risk content gets a quick read, high-risk content gets a thorough fact-check against your own records and original sources.
  7. You don't need a formal AI policy to start using these tools responsibly. You need a shared team understanding of which tasks carry risk and what the check looks like for each one.

When Good Intentions Meet Flawed Data

In 2019, a major U.S. healthcare algorithm was found to systematically underestimate the medical needs of Black patients, not because anyone programmed it to discriminate, but because it used healthcare spending as a proxy for health needs. Since Black patients had historically received less care due to systemic inequity, the AI learned that they 'needed less.' The organization using this tool had no malicious intent. They were trying to improve patient outcomes efficiently. Yet the result was a system that reinforced the exact disparities they were trying to close. For nonprofits working in health, housing, education, or economic mobility, this story is not abstract. It is a direct warning about what happens when AI tools inherit the biases baked into historical data.

What made this case particularly difficult was how invisible the problem was. The algorithm was producing outputs that looked reasonable, clean numbers, confident predictions, no obvious red flags. Staff trusted it because it was fast, consistent, and came from a reputable vendor. The bias only surfaced after researchers compared outcomes across racial groups and noticed a persistent, unexplained gap. For most nonprofits, that kind of audit doesn't happen automatically. It requires someone asking the uncomfortable question: 'Who might this tool be failing that we're not seeing?' That question is not a technical one. It is a leadership one.

The principle here is deceptively simple: AI reflects the world that created its training data, not the world you want to build. When your organization's mission is explicitly about correcting historical inequities, closing gaps in access, opportunity, or dignity, using AI without interrogating its assumptions can quietly work against you. This doesn't mean avoiding AI. It means building the habit of asking, before you deploy any tool that affects people: whose experience is this data based on, and who might be invisible in it?

What 'Bias in AI' Actually Means for Your Work

Bias in AI doesn't mean the tool is prejudiced in the way a person might be. It means the AI has learned patterns from historical data, and if that data reflects past discrimination, underrepresentation, or unequal access, the AI will reproduce those patterns. A grant-screening tool trained on past successful applications might favor organizations that already had resources to write polished proposals. A client-matching algorithm trained on prior referrals might under-serve communities that were historically referred less often. The bias is structural, not intentional, which makes it harder to spot and easier to excuse.

The Hiring Tool That Learned the Wrong Lesson

2018

Historical Record

Amazon

In 2018, Amazon scrapped its AI recruiting tool after discovering the system had learned to penalize résumés containing the word 'women's' because it was trained on ten years of male-dominated résumés from the tech industry.

This case demonstrates how AI systems trained on historical data reproduce the biases present in that data, a critical concern for nonprofits with explicit diversity commitments.

For nonprofits, this example lands differently than it might for a tech company. Many social sector organizations have explicit commitments to diverse hiring, it's in their strategic plans, their grant reports, their board conversations. If an HR team at one of these organizations uses an AI tool to screen résumés or rank candidates without auditing it for similar patterns, they risk automating exactly the barriers they've pledged to remove. Tools like HireVue, LinkedIn's AI matching, or even a ChatGPT prompt that scores applications can carry these same risks if the criteria fed into them reflect historical norms rather than genuine job requirements.

The extracted principle from both the healthcare and hiring examples is the same: speed and scale amplify whatever assumptions are built in. A human reviewer making a biased decision affects one candidate. An AI tool making that same biased decision affects every candidate who passes through the system, often invisibly, often without appeal. For nonprofits, where trust and equity are foundational to the mission, that amplification risk is not acceptable without active oversight. The solution is not to avoid AI in hiring, it's to use it for defined, auditable tasks and keep humans accountable for final decisions that affect people's lives.

HR Manager Reviewing AI-Assisted Hiring Process

Prompt

We're a nonprofit focused on workforce development in underserved communities. We want to use ChatGPT to help screen résumés for a Program Coordinator role. Before we do, what are the specific risks we should think through, and what safeguards can we put in place? We don't have a data science team, just an HR manager and a hiring committee of four people.

AI Response

This is exactly the right question to ask before using AI in hiring, not after. Here are the key risks and practical safeguards for your situation: **Risks to consider:** - If you paste résumés into ChatGPT and ask it to rank them, it will apply patterns from its training data, which may favor candidates with certain educational backgrounds, writing styles, or career trajectories that correlate with socioeconomic privilege rather than actual job capability. - ChatGPT has no awareness of your community context. A candidate who spent five years doing informal community organizing without a formal title may be scored lower than someone with a polished résumé from a well-resourced organization. - Without a consistent scoring rubric, different prompts will produce different results, making your process hard to defend if a candidate challenges it. **Safeguards that work without a tech team:** 1. Use AI only for defined tasks: summarizing résumés, checking for required qualifications, or formatting notes, not ranking or scoring candidates. 2. Build your criteria first, in writing, before any AI touches the applications. Define what 'qualified' means in plain language. 3. Have at least two humans review every candidate the AI flags as unqualified before removing them. 4. After hiring, look at who advanced and who didn't. If a pattern emerges along demographic lines, investigate before the next cycle. The goal is using AI to save administrative time, not to make the judgment call about who deserves an interview. That judgment stays with your committee.

Privacy Is Not Just a Legal Checkbox

In 2023, the Italian data protection authority temporarily banned ChatGPT, citing concerns about how user data was being collected and processed. While that ban was short-lived, it triggered a wave of policy reviews inside organizations across Europe and beyond, including nonprofits. Many discovered, for the first time, that staff had been routinely pasting client information, case notes, and sensitive intake data into AI tools to help draft reports and summaries. No one had told them not to. No policy existed. The tools were free, fast, and helpful. The privacy implications simply hadn't been part of the conversation.

For nonprofits serving vulnerable populations, domestic violence survivors, undocumented immigrants, people in addiction recovery, youth in foster care, the stakes around data privacy are not abstract. A client's name, address, or case details entered into a public AI tool can potentially be stored, used to improve the model, or exposed in a data breach. OpenAI's default settings, as of 2024, allow conversation data to be used for training unless users actively opt out or use enterprise versions with stronger data protections. Most free-tier users, which describes many nonprofits, are operating under the less protective defaults.

The deeper issue is that privacy in the nonprofit context is not just a compliance matter, it is a trust relationship with people who are often already in precarious situations. A domestic violence organization that accidentally exposes a client's location through a data breach isn't just facing a legal problem. It may be putting someone's life at risk. This is the level of seriousness responsible AI use requires. The good news: the practical steps to protect privacy are not complicated. They require policy, training, and clarity, not technical expertise.

AI Use CasePrivacy Risk LevelSafer Alternative Approach
Pasting client case notes into ChatGPT to draft a reportHigh, identifiable client data enters a third-party systemAnonymize all details first; replace names with 'Client A,' remove locations and dates
Using Copilot inside Microsoft 365 (enterprise license) to summarize meeting notesLow-Medium, data stays within your org's Microsoft tenantConfirm your license includes data protection terms; check with your IT contact
Uploading a donor list to an AI tool to generate personalized emailsHigh, donor PII sent to external systemUse mail merge tools within your CRM; only use AI to write template language
Asking ChatGPT to help write grant narrative (no client data included)Low, no personal data involvedProceed; review output carefully for accuracy before submitting
Using Notion AI to summarize internal staff meeting notesLow-Medium, depends on Notion's enterprise data termsReview Notion's data processing agreement; avoid including client names in notes
Generating social media content with Canva AI using stock imagesVery Low, no personal data involvedProceed; standard content review process applies
Privacy risk varies significantly by how AI is used, not just which tool. The key variable is whether personal data about clients, donors, or staff enters an external system.

A Teacher's Lesson About Transparency

Consider a high school teacher working for an education nonprofit in Chicago. She starts using Claude to help draft differentiated lesson plans for students with varying reading levels, a task that used to take her Sunday afternoons. The AI-assisted plans are genuinely better: more varied, more creative, better scaffolded. She doesn't tell her students or their parents. She doesn't mention it in her team meetings. She figures it's just a productivity tool, like spell-check. Then a parent asks her directly, at a conference, how she designs her lessons. She gives a vague answer. The parent, who works in tech, later notices similarities between her lesson plans and AI-generated content online. The trust conversation that follows is far more damaging than any honest disclosure would have been.

This story plays out in nonprofit contexts constantly, not as deception, but as omission driven by uncertainty. Staff aren't sure if they're supposed to disclose AI use. Leadership hasn't set a policy. Everyone assumes someone else has figured it out. The result is a culture of quiet, uncoordinated AI adoption where no one is accountable for the outputs and no one has thought through what transparency means for the people the organization serves. For nonprofits, where public trust is the foundation of fundraising, partnerships, and community relationships, this ambiguity carries real risk.

The Transparency Test: Three Questions Before You Use AI

Before using AI for any output that will go to clients, donors, funders, or the public, ask yourself three questions: (1) Would the person receiving this be surprised to learn AI helped create it? (2) Does it matter to them, would it change how they interpret or trust it? (3) Does your organization have a stated position on this? If the answer to any of these is 'yes' or 'I don't know,' that's a signal to pause, disclose, or escalate to leadership before proceeding. Transparency doesn't always mean a disclaimer on every email. It means operating in a way you'd be comfortable explaining if asked.

Building Responsible AI Practice Into Your Daily Work

Responsible AI use in nonprofits is not a policy document you write once and file away. It's a set of habits that get built into how your team works day to day. The most effective organizations treat it the same way they treat financial controls or data security: not as a one-time project, but as an ongoing practice with clear ownership. That means someone, even if it's not a full-time role, is responsible for keeping track of which AI tools are in use, what they're being used for, and whether the outputs are being reviewed before they affect people or go public. In a small nonprofit, this might be the operations director. In a larger one, it might be a cross-functional working group.

The practical starting point is an AI use inventory, a simple list of every AI tool currently being used across your organization, what it's being used for, who approved it, and what data it touches. Most nonprofits that do this exercise for the first time are surprised by how many tools are already in use without any central awareness. Staff have signed up for free tiers of AI writing tools, volunteers are using AI to draft social posts, a program manager is running grant drafts through ChatGPT. None of it is malicious. All of it is uncoordinated. The inventory creates the foundation for a policy that reflects reality rather than pretending AI isn't already in the building.

From the inventory, two things become possible: establishing clear boundaries (what AI can and cannot be used for, what data can and cannot be shared with AI tools) and identifying where AI is adding genuine value that should be supported and expanded. Responsible AI practice is not about restriction, it's about intentionality. When your team knows the rules, they can use AI more confidently, not less. The organizations that get the most value from AI are the ones that have done the work of deciding what they stand for first, then built their AI use around those values rather than letting the tools drive the decisions.

Conduct Your Organization's AI Use Inventory

Goal: Create a clear, honest picture of how AI tools are currently being used across your nonprofit, so you can build responsible policies based on reality, not assumptions.

1. Open a shared document or spreadsheet and create five columns: Tool Name, Who Uses It, What It's Used For, What Data It Touches, and Approved By Whom. 2. Send a brief, non-judgmental message to your team explaining that you're mapping AI tool usage to build better guidelines, emphasize that this is not about finding fault, but about getting organized. 3. Ask each team member or department to fill in one row for every AI tool they use regularly, including free tools, browser extensions, and built-in features like Grammarly, Canva AI, or Copilot. 4. Review the completed inventory and highlight any rows where client data, donor data, or other sensitive information is listed under 'What Data It Touches.' 5. For each highlighted row, note whether the tool has a privacy policy or data processing agreement that covers your organization's obligations, check the tool's website under 'Privacy' or 'Enterprise' sections. 6. Identify two or three AI use cases from the inventory that are clearly low-risk and high-value, these are candidates for your first formal AI use guidelines to endorse. 7. Identify one or two use cases that involve sensitive data or client-facing outputs without a clear review process, these need a decision before continuing. 8. Draft a one-page summary of your findings for leadership or your board, framing it as 'here's where we are, here's what we recommend', not as a compliance audit. 9. Schedule a 30-minute team conversation to share findings, answer questions, and agree on the next step, even if that's just 'we'll revisit this in 90 days.'

Key Principles from Part 2

  1. AI tools inherit biases from historical data, and in equity-focused work, those biases can directly undermine your mission without anyone intending harm.
  2. Speed and scale amplify whatever assumptions are built into an AI system, making human oversight of consequential decisions non-negotiable.
  3. Privacy risk in AI use is determined by what data enters an external system, not just which tool you're using, always ask 'what information am I sharing, and where does it go?'
  4. Vulnerable populations served by nonprofits often face higher real-world consequences from privacy failures than typical consumers, this requires a higher standard of care, not just compliance.
  5. Transparency about AI use is a trust issue, not just a legal one, the standard is whether you'd be comfortable explaining your process if asked directly.
  6. Responsible AI practice requires ongoing habits and clear ownership, not a one-time policy document, treat it like financial controls or data security.
  7. An AI use inventory is the essential first step for any nonprofit that wants to move from uncoordinated adoption to intentional, values-aligned practice.

Takeaways

  • Bias in AI is structural, not intentional, it reflects the data the tool was trained on, which often encodes historical inequities your organization is trying to correct.
  • Use AI in hiring and screening for administrative tasks only; keep humans accountable for decisions that affect people's opportunities.
  • Never enter identifiable client, donor, or staff information into a free-tier AI tool without first checking the platform's data retention and training policies.
  • The transparency standard for nonprofits is higher than for commercial organizations, your stakeholders trust you with their stories, their money, and their communities.
  • Start with an AI use inventory before writing any policy, you need to know what's already happening before you can govern it effectively.
  • Responsible AI use is a competitive advantage in the nonprofit sector: funders, partners, and communities are increasingly asking about it, and organizations with clear practices will stand out.

When Good Intentions Meet Flawed Data

In 2021, the St. George's Hospital Medical School in London discovered that its AI-assisted shortlisting tool had been quietly discriminating against female applicants and those with non-European names for over a decade. The system had been trained on historical admissions data, data that reflected the biases of the humans who made those decisions before it. Nobody programmed discrimination into the tool. It learned discrimination from the past. The hospital's intention had been to save time and reduce human error. The outcome was the opposite: systematic unfairness, amplified at scale and hidden inside an algorithm.

For nonprofits, this story carries a specific warning. Organizations working in social services, housing, health equity, or education often use historical program data to inform decisions about who gets resources, who gets flagged for follow-up, or who gets prioritized for services. If that historical data reflects past inequities, and it almost always does, then an AI tool trained on it will perpetuate those inequities with alarming efficiency. The mission says 'serve everyone fairly.' The AI, unchecked, says 'serve who you've always served.'

The principle here is not that AI is dangerous. It is that AI is a mirror. It reflects whatever patterns exist in the data you feed it. The St. George's case wasn't fixed by banning AI, it was fixed by auditing the training data, setting explicit fairness criteria, and keeping humans in the decision loop. That combination, audit, criteria, human oversight, is the responsible use framework every nonprofit team can apply starting this week.

Bias in AI Is a Data Problem, Not Just a Tech Problem

When an AI tool produces unfair or skewed outputs, the root cause is almost always the data it was trained on or the prompts it received, not a mysterious malfunction. Nonprofits can reduce bias risk by reviewing what information they feed into AI tools, checking outputs against their equity commitments, and never automating final decisions that affect vulnerable people without human review.

Transparency With Clients and Communities

Crisis Text Line is one of the largest mental health text services in the United States, handling millions of conversations with people in acute distress. In 2022, it came under significant criticism when it was revealed the organization had been sharing anonymized conversation data with a for-profit spinoff to train commercial AI products. Crisis Text Line argued the data was anonymized and the research was beneficial. Critics, including mental health professionals and privacy advocates, argued that people texting a crisis line had a reasonable expectation that their words would not fuel a commercial AI product. The backlash was swift. The data-sharing arrangement was ended within days.

The lesson is not about whether the data sharing was technically legal. It almost certainly was. The lesson is about the gap between what is permissible and what communities trust. Nonprofits operate on trust. The moment a beneficiary community feels their information was used in ways they didn't understand or consent to, that trust fractures, and rebuilding it is far harder than protecting it in the first place. Responsible AI use means telling people, in plain language, when AI is involved in your work and what happens to their information.

Practical transparency doesn't require legal documents or technical explanations. It means adding a sentence to intake forms: 'We use AI tools to help staff respond faster. Your information is never shared externally.' It means briefing your board. It means training frontline staff so they can answer a client who asks, 'Did a computer make this decision about me?' honestly. Transparency is not a compliance checkbox, it is a relationship practice.

Drafting a Plain-Language AI Transparency Statement for Clients

Prompt

I work for a nonprofit that provides housing assistance to low-income families. We're starting to use ChatGPT to help staff draft case notes and summarize client intake forms. Write a plain-language transparency statement we can add to our client intake paperwork. It should be honest about how we use AI, reassure clients their data is protected, and be written at a 6th-grade reading level. Keep it under 100 words.

AI Response

How We Use Technology to Serve You Better Our staff sometimes use an AI writing tool to help them take notes and organize information more quickly. This means they can spend more time with you and less time on paperwork. Here's what that means for you:. A staff member always reviews everything before it's used.. No computer makes decisions about your case. People do.. Your personal information stays within our organization. We do not share it with outside companies.. You can ask us any questions about this at any time. We use technology to support our team, not to replace the human care you deserve.

The Accountability Gap in Smaller Organizations

Feeding America, the largest hunger relief organization in the United States, has a dedicated data science team and formal AI governance policies. Most nonprofits do not. A food pantry with four staff members and a $200,000 annual budget doesn't have a Chief Data Officer. When that food pantry starts using ChatGPT to write grant proposals and Canva AI to design outreach materials, nobody has written down what the rules are. That accountability gap is where responsible AI use breaks down, not through malice, but through the absence of any agreed standard.

The solution is not to hire a data scientist. It is to have a 30-minute team conversation and write one page of guidelines. Which AI tools are approved? What data can staff paste into them? Who reviews AI-generated content before it goes out? What do we do if something goes wrong? Small organizations can govern AI responsibly with a simple internal policy document, the equivalent of deciding who can sign contracts or who approves social media posts. The size of your team does not change your accountability to the people you serve.

Risk AreaWhat Can Go WrongWhat Responsible Practice Looks Like
Biased OutputsAI recommends resources based on patterns that disadvantage certain groupsAudit outputs regularly; compare results across demographic groups
Data PrivacyStaff paste client personal information into public AI toolsSet clear rules on what data can enter AI tools; use enterprise versions with privacy protections
TransparencyClients don't know AI is involved in their caseAdd plain-language disclosure to intake forms and client communications
AccountabilityNo one knows who is responsible when AI output causes harmAssign a named staff member to review AI use; document your AI policy in writing
Over-RelianceStaff accept AI outputs without critical reviewTrain staff that AI is a first draft, not a final answer, human judgment always closes the loop
Five responsible AI risk areas for nonprofits, with practical responses for small and large teams alike.

A Teacher Who Got It Right

Maria is an adult literacy instructor at a community learning center in Phoenix. She started using ChatGPT to generate customized reading exercises for students with different skill levels. Before using it with students, she did something small but significant: she told them. She explained that a computer program helped her create the worksheets, that she reviewed everything before using it, and that the goal was to give each of them materials that fit their learning pace. Her students, many of whom were immigrants navigating complex systems, responded with curiosity rather than suspicion. Several asked to see how it worked.

Maria's approach embodies what responsible AI use looks like at the individual practitioner level. She didn't wait for an organizational policy. She applied her own professional judgment: be honest with the people you serve, stay in control of what goes out under your name, and use AI to extend your capacity without outsourcing your care. That instinct. AI assists, humans decide, is the standard every nonprofit professional can hold themselves to, regardless of what tools their organization has officially approved.

The One-Page AI Policy Any Team Can Write This Week

Gather your team for 30 minutes. Answer four questions together: (1) Which AI tools can staff use for work tasks? (2) What types of information should never be entered into an AI tool, client names, case details, financial data? (3) Who reviews AI-generated content before it's sent externally? (4) Who do staff go to with questions or concerns? Write the answers down. Share the document. Review it in six months. That's a responsible AI policy for a small nonprofit.

Putting Responsible AI Into Daily Practice

Responsible AI use is not a one-time decision, it is a daily habit. The most effective nonprofit teams treat AI outputs the way a good editor treats a first draft: useful raw material that needs a human eye before it goes anywhere. This means reading AI-generated grant language for accuracy before submitting, checking AI-summarized meeting notes against what was actually said, and questioning AI-suggested outreach lists to see whether they reflect the full community you serve or just the part your data over-represents.

It also means building a culture where staff feel safe flagging problems. If someone notices that AI-generated client letters sound cold, or that a suggested resource list is missing services used by Spanish-speaking families, that feedback should be welcomed, not dismissed as being difficult about technology. The organizations that use AI most responsibly are the ones where critical thinking about AI outputs is encouraged at every level, not just at the top.

Finally, responsible AI use means revisiting your practices as the tools change. ChatGPT, Claude, and Gemini are updated regularly. Capabilities expand. New risks emerge. Setting a calendar reminder to review your AI practices every six months, the same way you review your data security or financial controls, keeps your organization ahead of problems rather than reacting to them. The goal is not perfection. It is continuous, honest attention to whether the tools you use are serving your mission and the people who depend on it.

Create Your Nonprofit's First AI Responsibility Checklist

Goal: Produce a one-page, working AI responsibility document your organization can use immediately, covering approved tools, data boundaries, human review steps, and a plain-language client disclosure statement.

1. Open a free tool: Google Docs, Microsoft Word, or Notion. Create a new document titled 'Our AI Use Guidelines, [Your Organization Name].' 2. Write one sentence stating your organization's overall principle for AI use. Example: 'We use AI tools to extend our team's capacity, while keeping humans responsible for all decisions that affect the people we serve.' 3. List the AI tools currently used by your team, include anything from ChatGPT to Canva AI to Grammarly. Note what each tool is used for. 4. Write a 'Do Not Enter' list: specific types of information staff should never paste into AI tools (client names, case numbers, Social Security numbers, medical details). 5. Name one staff member who will serve as the point of contact for AI questions and concerns. 6. Write a two-sentence transparency statement you could add to client intake forms explaining your AI use in plain language. Use the prompt example in this lesson as a starting point. 7. List three AI output types your team currently produces (grant drafts, social posts, case note summaries) and note who reviews each before it goes out. 8. Set a review date, six months from today, when your team will revisit and update these guidelines. 9. Share the document with your team and schedule 20 minutes to walk through it together.

  1. AI tools reflect the patterns in the data they're trained on, historical bias in your data becomes automated bias in your outputs if left unchecked.
  2. The gap between what is legally permissible and what communities trust is where nonprofit credibility is won or lost. Transparency about AI use is a relationship practice, not a compliance task.
  3. Small organizations can govern AI responsibly without technical staff, a one-page policy, a named point of contact, and a regular review schedule is enough to start.
  4. Responsible AI use is a daily habit: read outputs critically, flag problems openly, and treat AI content as a first draft that always needs human review before it represents your organization.
  5. Revisit your AI practices every six months. The tools evolve quickly, and what was low-risk six months ago may carry new considerations today.

Featured Reading

This lesson requires Pro

Upgrade your plan to unlock this lesson and all other Pro content on the platform.

Upgrade to Pro

You're currently on the Free plan.

Practice this in a lab

Prompt a Better Business Plan Section

beginner · 10 min

Fix the Broken Brief: Writing AI Prompts That Actually Help a Crisis Hotline

beginner · 12 min