Your First AI Experiment as a Board Member: Low-Risk, High-Learning

Eran Goldman-Malka · July 13, 2026

The fastest way to build AI literacy is to use AI yourself—but do it in a way that is safe, low-stakes, and educational. The goal is not “to become a power user.” The goal is to understand where AI helps, where it misleads, and what controls matter in real life.

The Two Rules That Keep You Safe

  1. Don’t paste anything you wouldn’t put on a projector in a public meeting. (Assume the text could end up in logs, screenshots, or a vendor system you don’t control.)
  2. Treat outputs as drafts, not facts. Always verify claims that matter.

A 30-Minute, Board-Relevant Experiment (No Sensitive Data)

Pick a public document and ask the AI to:

  • summarize the key arguments in 10 bullets
  • extract decision points and open questions
  • write 5 board-level oversight questions
  • identify assumptions and missing data

Then do the “verification step”:

  • ask it to cite where each claim comes from (or quote exact passages)
  • check 3–5 claims yourself against the source

This gives you direct experience with both the upside (speed) and the core weakness (plausible errors).

Safe Use Cases for Personal Learning

These are high-learning and usually low-risk:

  • rewriting your notes into clearer language (using non-sensitive content)
  • preparing for a meeting: “what questions should I ask about X?”
  • comparing two public policy documents or news articles
  • drafting agendas, talking points, and action lists

Common Mistakes (and What They Teach You)

  • Over-trusting fluency: the model sounds confident; you stop verifying. Lesson: governance needs verification design.
  • Sharing sensitive information: you treat a chat like a private notebook. Lesson: data handling and training/retention terms matter.
  • Using AI for consequential decisions (hiring, performance, coverage, pricing) without safeguards. Lesson: high-impact domains require stronger controls and human oversight.

Privacy and Data Protection: What to Keep in Mind

If AI use involves personal data, organizations need to think about lawful basis, purpose limitation, transparency, and safeguards—especially when AI models might “absorb” personal data into parameters or reproduce it in outputs.

Two useful regulator resources:

  • The EDPB’s Opinion 28/2024 on AI models and personal data (EU perspective) (EDPB PDF)
  • The UK ICO’s guidance on AI and data protection (practical controls, fairness, lifecycle thinking) (ICO guidance)

Turn Your Personal Learning Into Board Oversight

After your first experiment, you’ll be able to ask management better questions:

  • Where do we verify outputs, and where do we “trust” them?
  • What data can staff put into tools, and how is that enforced?
  • What is our policy for shadow AI usage?
  • What is our incident plan when AI produces harmful outputs?

Before experimenting at scale, learn the safe patterns. My board courses cover practical AI usage, cyber hygiene for AI, and governance basics. I also consult with boards on responsible AI adoption. Contact me.


Relevant Sources

  1. EDPB Opinion 28/2024 on AI models and personal data (PDF) — European Data Protection Board — https://www.edpb.europa.eu/system/files/2024-12/edpb_opinion_202428_ai-models_en.pdf
  2. Guidance on AI and data protection — UK ICO — https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/artificial-intelligence/guidance-on-ai-and-data-protection/
  3. AI Risk Management Framework (overview) — NIST — https://www.nist.gov/itl/ai-risk-management-framework
  4. Generative AI Profile (NIST AI 600-1) — NIST — https://www.nist.gov/publications/artificial-intelligence-risk-management-framework-generative-artificial-intelligence
  5. Article 4: AI literacy — EU AI Act Service Desk — https://ai-act-service-desk.ec.europa.eu/en/ai-act/article-4

Twitter, Facebook