Do you know how your staff is using AI?

Many use personal AI accounts for business purposes - raising risks for employers who must know rules for data privacy


Cybersecurity risks facing Canadian employers have traditionally been seen as largely limited to outside actors breaching a firewall.

But increasingly, thanks to new tech, the risks begin inside the organization – with an employee typing a performance management scenario into a free ChatGPT account or pasting a spreadsheet into an AI tool to sort data faster.

Nearly two-thirds (64.5 percent) of all activity on personal and free-tier AI accounts is business use, not personal use, according to an analysis released this month by Harmonic Security, which studied more than 1.9 million classified AI session minutes across tools including ChatGPT, Claude, Google Gemini, and Microsoft Copilot.

More than 70 percent of employees are using AI tools every week, and up to one-third are doing so without IT oversight.

Cybersecurity risks rising

According to Tammy Sergie, chief HR and privacy officer at Edgewood Health Network (EHN), these everyday free-use and unsanctioned employee habits are creating exposures that compound in ways most employers have not thought through.

And with AI capabilities advancing rapidly, the window for getting ahead of it is narrowing.

Sergie, who oversees HR, legal, payroll, and privacy for both patients and employees at Edgewood Health Network, says the pattern is already visible in her own workplace.

"We rarely have conversations with employees that do not come from a suggested script from ChatGPT," she says.

"In order for them to generate a response that's scripted through the tool, they need to input their specific scenario – and so they're putting personal information of themselves and the scenarios and sometimes names of the individuals involved right directly into unsanctioned personal and sometimes free [accounts]."

The risk is not theoretical, she explains. Data entered into free AI tools is stored by those platforms, and that information can become part of a much larger data ecosystem.

"What we [think] has very little risk is something that is a part of a much larger platform, where the risk is much larger than we realize," Sergie says.

"The data gets transported by vendors. There's cyber attacks and privacy breaches that happen on a regular basis."

How employee data becomes cyber threat

What makes this particularly dangerous is how data points accumulate, Sergie says. A name, a company, a city, a personal detail shared in passing: individually, each seems low-risk, but together they enable sophisticated attacks.

"If the same fraudulent body gets a hold of multiple data points and they're able to match the individual to those data points, they are then able to engage in more active and proactive cyber attacks, identity hijacking," Sergie says.

This risk is compounded by the emergence of more powerful AI models. The April 2026 launch of Anthropic's Mythos model – made available to only a controlled group of organizations including Amazon, Microsoft, Nvidia, and Apple through a program called Project Glasswing – prompted alarm because the model can identify and exploit previously unknown software vulnerabilities faster than organizations can patch them.

For HR professionals managing payroll systems, employee health records, and sensitive personnel data, that kind of capability represents a direct threat to the integrity of their data infrastructure.

HR data governance gap

The challenge for HR goes beyond cybersecurity in the traditional sense. It is also a question of data governance – specifically, whether employee data collected for one purpose is being used, shared, or exposed for another.

Sergie sees this as a foundational privacy principle that Canadian organizations routinely fail to apply: data collected for a specific purpose must not then be used for other purposes without consent.

"An employee coming into work for an employer is providing us private information for the purposes of being employed at a company – they're not handing off their private information for us to use it for any other purpose," she says.

"But in the meantime, we may come up with a partnership with another company that will help productivity levels go up, and we may share with the vendors that we partner with within the organization some of that data."

According to Sergie, HR professionals need to be asking one question consistently: what was the purpose of collecting this information, and are we still acting within the scope of that purpose?

Those managing employee privacy and HR compliance in Canada, she adds, should note that organizations sharing data with vendors – even through legitimate enterprise AI tools – may be doing so in ways that fall outside the original consent employees provided when they were hired.

"If the purpose does change, the right thing to do is to ask for consent for that personal information to be used outside of that scope," Sergie says.

"But big data is a big obsession of corporate America and corporate Canada, and so it is not often being used within the scope of the purpose that was collected, and that in itself is a large risk."
