TL;DR: An AI use policy does not need to be long; it needs to be specific. Six sections cover the ground: scope and definitions (what counts as AI use, who is bound); approved tools by name, in three tiers, with a request path; client-data rules (what may enter which tools, anchored to vendor commitments like no training on your data); the verification duty (no output relied on until a lawyer checks it against its cited source); client disclosure (a standing engagement-letter sentence plus case-by-case candour); and training, breach handling, and a six-month review. Write it in plain language, keep it under three pages, and name an owner.
By mid-2026 the question inside firms is no longer whether lawyers use AI - they do, approved or otherwise - but whether the firm has written down the rules. The gap matters: unwritten norms produce shadow use on personal accounts, inconsistent client disclosure, and the worst possible position after an incident (we had no policy). The fix is neither a ban nor a fifty-page framework nobody reads. It is a short, specific policy that makes the safe path the easy path. This walkthrough builds one, section by section, with the drafting choices explained so you can adapt each to your firm.
Why your firm needs this in writing now
Three forces converge on the same conclusion. Regulators and bars have moved from silence to expectation: competence duties are now widely read to include understanding the AI tools used on client matters, and a growing body of bar guidance addresses confidentiality, supervision, and candour with courts about AI-assisted work. Clients have moved too - outside counsel guidelines increasingly ask what tools touch their data and under what controls, and a firm that answers with a shrug loses the panel spot. And the incidents are real: courts have sanctioned lawyers for filing fabricated AI citations, a failure mode a one-line verification rule would have prevented.
A written policy converts each pressure into an answer: it is the artefact you show the client audit, the training baseline for new joiners, and the evidence of a system of supervision if something goes wrong despite it. For the broader governance picture around the policy, see our guide to AI governance for law firms.
Section 1: Scope and definitions
Open by drawing the boundary. Who is bound: everyone who touches client work - partners, associates, trainees, paralegals, staff, and contractors, on firm or personal devices. What counts as AI use: define it functionally rather than technically - any tool that generates, summarises, analyses, translates, or extracts from text or documents - so the policy covers the AI features quietly embedded in ordinary software, not just the obvious chatbots. What the policy is for: one sentence - to let the firm use AI productively while protecting client confidences, work quality, and professional obligations - so readers understand the policy enables rather than merely forbids.
Resist the temptation to define AI by named technologies; the definitions rot in months. The functional definition plus the approved-tools appendix (next section) does the same work and survives updates.
Section 2: Approved tools and the approval path
This is the section that determines whether the policy governs reality or coexists with shadow use. Name tools explicitly, in three tiers, in an appendix updatable without re-approving the policy:
| Tier | Meaning | Example criteria |
|---|---|---|
| Approved for client work | May process client and matter data | No training on firm data; encryption; role-based access; audit trail; vendor terms reviewed |
| Permitted for non-client work | Internal drafting, learning, admin - never client data | General tools without the guarantees above |
| Prohibited | Not for firm work at all | Consumer tools on personal accounts; tools with training rights over inputs |
Two drafting details carry the weight. State the criteria for the approved tier, not just the names - it teaches the firm what good looks like and speeds the next approval. And give the policy a request path: a named person to whom anyone can propose a new tool, with a committed response time. Shadow use is mostly a symptom of a missing legitimate route; build the route into the policy.
Section 3: Client data and confidentiality rules
The confidentiality section should fit on an index card, because it must be recalled at the moment of pasting. Three rules do it. Client data only in approved-tier tools - never in consumer chatbots, never on personal accounts. The vendor guarantees are the reason: approved tools must not train on your data (Judicio commits to this), must encrypt, must control access by role, and must keep an audit trail - so the rule is anchored to verifiable commitments rather than vibes. Anonymisation is not a loophole: stripping names rarely strips identifiability from legal facts, so anonymised client scenarios in unapproved tools still need permission.
Add the engagement-specific overlay: some clients impose their own AI terms in outside counsel guidelines, and the policy should require checking them at matter open - the firm default yields to the stricter client rule. For the underlying security analysis your approved-tier criteria should reflect, see legal AI data security and confidentiality.
Section 4: Verification and supervision duties
This is the section that prevents the sanctions headlines, so make it personal and unambiguous: no AI output is relied on, filed, or sent until a lawyer has verified it - and for anything citing authority, verification means opening the cited source, not admiring the citation's formatting. Assign the duty to the lawyer using the tool, and make supervision explicit for delegated work: the supervising lawyer owns verification of AI-assisted work product exactly as they own a trainee's research memo.
Two practical notes strengthen the section. First, prefer tools that make verification cheap: where every finding, extracted date, and research answer links to the page and passage it came from - as in Judicio - the verification duty costs minutes, which is why it gets done. Second, require that verification be evidenced where the stakes demand it: a note that citations were checked, or reliance on a platform activity trail showing the review happened. The policy's credibility rests on this duty being enforced the one time it is breached - see our piece on human-in-the-loop legal AI for why the loop is the safety mechanism.
Section 5: Client disclosure and engagement letters
Disclosure is where firms most want a bright line and the landscape least provides one: bar positions vary and continue to evolve, and client expectations range from indifference to detailed questionnaires. Draft for that reality with a two-layer approach. The standing layer: a sentence in the engagement letter - the firm uses secure, professionally supervised AI tools to assist with document review, research, and drafting; all work product is reviewed by the responsible lawyer - which normalises routine, verified use. The specific layer: a duty of candour for uses that materially shape the representation or that a court or client has specifically asked about, escalated to the relationship partner.
Pair the section with a billing note - AI-accelerated work should be billed honestly for the time actually spent - and a pointer to the firm's answers for outside counsel guideline questionnaires, so the disclosure story is consistent across the front door and the fine print. Track your bar's current guidance by jurisdiction; our survey of state bar AI ethics opinions is a starting map.
Section 6: Training, breaches, and review cadence
Close with the operational spine. Training: a short onboarding module for new joiners and an annual refresher - the verification duty and the data rules, taught on the firm's actual approved tools rather than in the abstract. Breach handling: a no-fault reporting path for near misses (the pasted document, the unapproved tool) so the firm learns before an incident, and proportionate consequences for knowing violations. Review: the policy names an owner and a six-month review cycle; each review reconciles the approved-tools appendix against observed use - platform activity records make this factual rather than anecdotal - and against whatever the bar published since.
Keep the whole document under three pages. Every section beyond these six is a candidate for deletion: a policy lawyers read beats a framework they navigate around, every time.
How Judicio helps: a platform your policy can point to
A policy is easier to write - and to keep - when the approved tool already embodies its rules. Judicio gives the approved tier its criteria in practice: no training on your uploads, encryption with role-based access through projects and organisation roles, and a searchable activity trail of who ran what, on which files, and when - the supervision and review sections' evidence base. The verification duty runs on citations: every review finding, matrix cell, timeline event, and research answer links to the page and passage behind it, so checking is a click rather than a re-performance. And shared templates let the firm standardise the workflows the policy approves.
See the law firms solution page for the platform view, and our AI governance guide for the structures around the policy.
Getting started with Judicio
Draft the policy this month: one partner, one afternoon, the six sections above, under three pages. Then make the approved tier real by evaluating a platform against the criteria your own policy sets - the 7-day free trial (500 credits, no credit card) lets the evaluation run on real workflows, and Professional access is $200 per month for 5,000 credits when it passes. Explore the feature set or contact us for the security details your appendix will ask about. And as your own policy will now say: verify every output - including this one - against its sources; outputs are not legal advice.
