1
Context and constraints
- Staff were already using public AI tools informally, with no guidance on what data was safe to share.
- Leadership wanted to encourage innovation but needed assurance that pupil data and safeguarding obligations were protected.
- The school had no existing AI policy and needed practical guidance, not a theoretical framework.
2
Approach pattern
- Classified data into tiers: public, internal, sensitive, and restricted, with clear rules for each in AI contexts.
- Selected enterprise AI tools with appropriate data processing agreements and UK data residency.
- Ran role-specific training sessions for teachers, admin staff, and leadership with real workflow examples.
3
Operational handover
- Delivered a practical AI acceptable use policy written in plain language for all staff.
- Created a simple decision tree for staff: 'Can I use AI for this?' with clear yes/no/ask guidance.
- Established a termly review process to update policy as AI tools and school needs evolve.