# Educational Governance Guide

This guide is educational and must be reviewed against local organizational policy, legal, privacy, security, and compliance requirements before use.

## Purpose

The goal is to help teams ask better questions before using AI in healthcare operations work. This guide is not a substitute for local policy or formal review.

## Practical Questions

Before using AI, ask:

1. What data is being used?
2. Could the content identify a patient, employee, provider, facility, system, or internal process?
3. Is the data synthetic, de-identified, public, internal, or sensitive?
4. What tool will process the data?
5. Who can access the input, output, and logs?
6. What human review is required before use?
7. What local approval or review is needed?

## Public-Safe Reusable Material

Reusable public examples should use:

- Synthetic examples
- De-identified scenarios
- Generic templates
- Educational descriptions
- No internal logs, screenshots, tickets, or records

## Escalate For Local Review

Pause and seek appropriate local review when a workflow involves:

- Patient-identifiable information
- Employee-identifiable information
- Internal incident details
- Non-public system configuration
- Contractual, legal, financial, or security-sensitive content
- Unclear platform retention, access, or logging behavior

## Human Review Standard

AI output should be treated as a draft. The accountable human reviewer should verify facts, remove unsupported claims, check data boundaries, and decide whether the output can be used.