Claude Best Practices & Safety — Claude Foundations

The AI trust equation

A marketing team used Claude to draft a press release about a new product launch. They included internal revenue numbers, unreleased feature names, and competitive pricing analysis in the prompt — all confidential data. The press release was great. But nobody asked: where did that data go?

Using AI effectively means using it responsibly. This module covers the practices that let you get maximum value from Claude while protecting yourself, your team, and your organization.

⚠️This matters more than you think

AI mistakes are amplified mistakes. If Claude helps you write a report with a wrong number, that number goes to your stakeholders with your name on it. If you paste sensitive data into a prompt, it's been shared with a third-party service. The responsibility is always yours.

Data privacy: what to share and what to keep

The golden rule

Never paste anything into Claude that you wouldn't email to a trusted external consultant. That's the baseline. Then layer on your organization's specific AI policy.

✗ Without AI

✗Passwords, API keys, credentials
✗Personal data (SSNs, medical records, credit cards)
✗Confidential financial data not yet public
✗Trade secrets and proprietary algorithms
✗Customer PII without consent
✗Internal security vulnerabilities

✓ With AI

✓Public information and general knowledge
✓Your own writing drafts and notes
✓Publicly available code (open source)
✓De-identified or aggregated data
✓General business questions and scenarios
✓Hypothetical situations based on real ones

Understanding data policies

Claude.ai (free/Pro) — Anthropic's current policy: conversations may be used to improve models unless you opt out. Check the latest privacy policy at anthropic.com.

Claude Team — Conversations are NOT used for training. Your data stays private to your team.

Claude Enterprise — Full contractual data protection. SSO, audit logs, zero data retention options.

Claude API — Data is NOT used for training by default. API data is retained for 30 days for abuse monitoring, then deleted.

💡Check before you paste

Before using Claude with any work data, check: (1) Does your organization have an AI usage policy? (2) Which Claude tier are you using? (3) Is the data you're about to share classified as confidential? When in doubt, anonymize.

There Are No Dumb Questions

Can I opt out of data training on the free tier?

Check Anthropic's current settings — opt-out options may be available in account preferences. For guaranteed data protection, use Claude Team, Enterprise, or the API.

Is Claude HIPAA compliant?

Claude Enterprise can be configured for HIPAA-compliant use cases with a Business Associate Agreement (BAA). The free tier and Pro plans are not HIPAA compliant. Never paste patient data without proper agreements in place.

What happens to file attachments?

Files you upload are processed for the conversation and subject to the same data policies as text. They're not stored permanently, but they are sent to Anthropic's servers for processing.

Understanding Claude's limitations

Being effective with Claude means knowing exactly where it fails:

Hallucinations

Claude can generate plausible-sounding information that is completely wrong. This is called hallucination and it's the most important limitation to understand.

High hallucination risk	Lower hallucination risk
Specific statistics and numbers	General concepts and explanations
Quotes and citations	Summarizing text you provide
Recent events (after training cutoff)	Widely known historical facts
Niche domain claims	Logic and reasoning
URLs and links	Code (verifiable by running it)

Mitigation: Always verify specific facts, numbers, quotes, and citations. Use Claude for reasoning and drafting, not as a fact database.

Knowledge cutoff

Claude's training data has a cutoff date. It doesn't know about events, product updates, or publications after that date. When you need current information:

Tell Claude the date and provide relevant context
Paste in current data rather than asking Claude to recall it
Use Claude's tool-use capabilities with web search for live data

Context window limits

Even with 200K tokens, you can hit limits on very long conversations or massive documents. When you approach the limit:

Start a new conversation with a summary of prior context
Break large documents into focused sections
Use /compact in Claude Code to summarize and free up space

⚡

Spot the hallucination risk

25 XP

For each of these tasks, rate the hallucination risk (Low/Medium/High) and explain why: 1. "Summarize this report I'm pasting in" 2. "What were Anthropic's exact revenue numbers in 2025?" 3. "Explain how photosynthesis works" 4. "Give me the citation for the 2023 paper by Smith et al. on transformer efficiency" 5. "Debug this Python function that returns incorrect results"

The verification habit

The most important practice for working with Claude: always verify before you share.

For numbers and statistics — Cross-reference with the original source. Never cite a number just because Claude said it.

For code — Run it. Test it. Don't deploy code you haven't executed. Claude writes good code, but bugs happen.

For factual claims — If you're going to publish it or present it, verify the key claims independently.

For legal or medical content — Claude can draft, but a professional must review. This is non-negotiable.

For emails and communications — Read the final version yourself. Claude might set the wrong tone for your specific relationship.

🔑The 80/20 of verification

You don't need to verify every word. Focus on: specific numbers, names, dates, claims of fact, and anything that would be embarrassing if wrong. Claude's reasoning, structure, and writing quality are usually solid — it's the specific facts that need checking.

Common pitfalls and how to avoid them

Pitfall 1: Over-reliance

The problem: Using Claude for everything without engaging your own expertise.

The fix: Claude is a tool, not a replacement for your judgment. Use it to accelerate your work, not to outsource your thinking. If you can't evaluate whether Claude's output is good, you shouldn't be using it for that task.

Pitfall 2: Prompt laziness

The problem: Typing one-line prompts and complaining about generic results.

The fix: Invest 30 seconds in a good prompt. The ROI is massive. Include context, constraints, and examples. (See Module 4.)

Pitfall 3: Sharing without attribution

The problem: Presenting Claude's output as entirely your own work.

The fix: Know your organization's AI disclosure policy. Many companies now require noting when AI was used in creating documents. Even when not required, transparency builds trust.

Pitfall 4: Ignoring the conversation context

The problem: Continuing a conversation that's become confused or off-track.

The fix: Start fresh. If Claude seems confused or the conversation has drifted, begin a new chat. A clean context produces better results than trying to correct a muddled one.

Pitfall 5: Not learning from good outputs

The problem: Getting great results from Claude but not saving the prompt or workflow.

The fix: When Claude nails a task, save the prompt. Build a personal library of proven prompts for recurring tasks. Share effective prompts with your team.

Responsible AI use at work

Creating an AI usage policy

If your organization doesn't have one yet, here's a framework:

Define approved tools — Which AI tools are sanctioned? What tier? (e.g., "Claude Team accounts only, no personal accounts for work data")

Classify data sensitivity — What data can be shared with AI tools? What's off-limits? Create clear categories.

Set disclosure requirements — When must AI use be disclosed? In client deliverables? Internal reports? Code commits?

Establish review processes — Who reviews AI-generated content before it goes external? What verification is required?

Train the team — Don't just write a policy — teach people how to use AI effectively and responsibly.

The human-in-the-loop principle

The most important principle for AI at work: a human must review and take responsibility for anything that leaves the team. Claude drafts; you sign off. Claude analyzes; you decide. Claude codes; you review and deploy.

100%Human review for external content

0Confidential data in prompts

80%Time savings with proper AI use

The future of working with Claude

Claude is improving rapidly. New capabilities are released regularly — better reasoning, longer context, new modalities (vision, tool use), and deeper integrations. The foundations you've built in this course — understanding the tools, writing good prompts, knowing the limitations — will serve you regardless of which version of Claude you're using.

The professionals who thrive in the AI era aren't the ones who know the most about AI. They're the ones who know how to combine AI capabilities with their own expertise to produce work that neither could do alone.

⚡

Create your personal AI guidelines

50 XP

Write a personal AI usage guide for yourself. Include: 1. What tools you'll use and for what 2. What data you will and won't share 3. Your verification process for different content types 4. How you'll disclose AI use 5. Three specific workflows where Claude adds the most value This becomes your personal operating manual for working with AI.

Knowledge Check

1.What is the safest approach to handling confidential data with Claude?

2.Which type of Claude output has the HIGHEST risk of hallucination?

3.What does the 'human-in-the-loop' principle mean for AI at work?

4.What should you do when Claude gives you a great result?