SERVESSolo · Small · Mid-sized firms
FORMATFixed-fee · 1-8 wks
JURIS.50 states + DC
BOOKINGThrough July 2026
STATUSAccepting
IXSOR® EST 2026 · SINCE 2020 [ TEL ]919.901.0001SMS FILE NO. P / 2026
IXSOR.   RESOURCE / TEMPLATE
ixsor.com/resources/templates/firm-ai-usage-policy-template · AI implementation for legal practitioners · Not legal advice
[ RESOURCE / TEMPLATE ]

Firm AI Usage Policy — fillable template.

A 12-section AI usage policy for a law firm, mapped to ABA Model Rules 1.1, 1.4, 1.6, 5.3, and 1.5. Bracketed placeholder fields throughout. Designed as a starting draft the firm reviews with ethics counsel, not a finished policy. Operationalises the Rule 5.3 expectation that AI-using firms have written governance.

Use case:Rule 5.3 supervision documentation; firm-level AI governance file; audit-defensible policy artifact Category:Governance & Templates Tools:Word, Google Docs, Pages, any text editor

Read this first

IXSOR is not a law firm and this is not legal advice. This resource is a starting artifact you, the lawyer, customize and apply with judgment. Verify every assertion against primary sources. Cross-check against your jurisdiction’s rules and your specific situation before relying on it. Full disclaimer below.

The template

Copy this into Word, Google Docs, or your text editor of choice. Replace the bracketed placeholder fields with firm-specific values.

Download as PDF 
[FIRM NAME] — Artificial Intelligence Usage Policy
Effective Date: [YYYY-MM-DD]
Version: 1.0
Approved by: [MANAGING PARTNER NAME], [TITLE]

──────────────────────────────────────────────────────────────────
PREAMBLE
──────────────────────────────────────────────────────────────────

[FIRM NAME] (the "Firm") is committed to the competent, ethical, and
confidential use of artificial intelligence ("AI") tools in the practice
of law. This Policy operationalises the Firm's obligations under the
[STATE BAR — e.g., North Carolina State Bar] Rules of Professional
Conduct, the ABA Model Rules of Professional Conduct, and applicable
state-bar formal opinions on AI use, including ABA Formal Opinion 512
(July 2024).

──────────────────────────────────────────────────────────────────
SECTION 1 — SCOPE AND DEFINITIONS
──────────────────────────────────────────────────────────────────

1.1 "AI" or "artificial intelligence" means any machine-learning system
that produces outputs in response to user inputs, including but not
limited to: large language models (e.g., GPT-4, Claude, Gemini), legal-
research AI (e.g., CoCounsel, Vincent, Lexis+ AI, Harvey), document-
review AI (e.g., Kira, Luminance, Everlaw), and AI features embedded
within practice-management platforms (e.g., Clio Duo, MyCase IQ).

1.2 This Policy applies to all attorneys, paralegals, secretaries,
contractors, and any other personnel of the Firm (collectively,
"Personnel"), and governs all AI use in connection with Firm work,
client matters, and Firm-issued devices.

1.3 The Firm's Designated AI Compliance Officer is [NAME, TITLE].

──────────────────────────────────────────────────────────────────
SECTION 2 — APPROVED TOOLS
──────────────────────────────────────────────────────────────────

2.1 The following AI tools are approved for use by Firm Personnel as of
the effective date:

    [TOOL NAME, TIER, e.g., "ChatGPT Enterprise"]
    [TOOL NAME, TIER, e.g., "Claude for Work"]
    [TOOL NAME, TIER, e.g., "Clio Duo (within Clio Manage)"]
    [TOOL NAME, TIER, e.g., "CoCounsel (Westlaw subscription)"]

2.2 Use of any AI tool not on the approved list, including consumer-tier
versions of the tools listed above, is prohibited for any work
involving client information, client identifiers, or client matter
content.

2.3 The approved-tools list is reviewed quarterly by the Designated AI
Compliance Officer. Personnel may propose additions in writing.

──────────────────────────────────────────────────────────────────
SECTION 3 — COMPETENCE OBLIGATION (Model Rule 1.1)
──────────────────────────────────────────────────────────────────

3.1 Every attorney using an AI tool must complete tool-specific training
before use, sufficient to make competent decisions about when to rely
on the tool's output.

3.2 Training records are retained by the Designated AI Compliance Officer
and reviewed annually.

3.3 When a tool changes materially (model update, vendor acquisition,
new feature category), affected Personnel complete refresher training
within 30 days of the change.

──────────────────────────────────────────────────────────────────
SECTION 4 — CONFIDENTIALITY (Model Rule 1.6)
──────────────────────────────────────────────────────────────────

4.1 Personnel may not input client information into any AI tool that has
not been added to the approved list under Section 2.

4.2 The following client information may be input into approved
enterprise-tier AI tools where the data-protection addendum has been
executed:
    (a) Document drafts the Firm produced;
    (b) Public-record information about a client matter;
    (c) Anonymised facts where personal identifiers are removed;
    (d) [OTHER FIRM-SPECIFIC CARVE-OUTS]

4.3 The following client information may NOT be input into any AI tool,
regardless of tier or vendor:
    (a) Information protected by attorney-client privilege where the AI
        provider's terms do not preserve confidentiality;
    (b) Protected health information (HIPAA) without a Business
        Associate Agreement;
    (c) Material non-public information of public-company clients;
    (d) [OTHER FIRM-SPECIFIC RESTRICTIONS]

──────────────────────────────────────────────────────────────────
SECTION 5 — SUPERVISION (Model Rule 5.3)
──────────────────────────────────────────────────────────────────

5.1 The supervising attorney for each matter is responsible for non-
attorney use of AI on that matter, including paralegal use of AI for
document drafting, document review, and research.

5.2 Every AI-generated output that leaves the Firm (filings, client
letters, demand letters, opinion letters) is reviewed by the
supervising attorney before transmission.

5.3 The supervising attorney's review is documented in the matter file.

──────────────────────────────────────────────────────────────────
SECTION 6 — COMMUNICATION WITH CLIENTS (Model Rule 1.4)
──────────────────────────────────────────────────────────────────

6.1 The Firm informs clients of AI use in their matters where the use is
material to the representation. Materiality is a judgment call;
disclosure is the conservative practice.

6.2 The Firm's standard engagement letter includes language disclosing
that the Firm uses AI tools as part of its practice and identifying
the categories of work where AI is used.

──────────────────────────────────────────────────────────────────
SECTION 7 — CANDOR TO THE TRIBUNAL (Model Rule 3.3)
──────────────────────────────────────────────────────────────────

7.1 Every cited authority in any document filed with a court or
administrative body is independently verified by an attorney before
filing. Verification is performed against a primary-source legal-
research database (Westlaw, Lexis, CourtListener, Justia, the Federal
Rules), not against AI output.

7.2 Where AI assistance was used in producing a filing, the attorney
who signs the filing is responsible for the accuracy of every cited
authority, every quotation, and every factual representation.
"Mata v. Avianca, Inc., 678 F. Supp. 3d 443 (S.D.N.Y. 2023)" and its
progeny are the operative standard.

──────────────────────────────────────────────────────────────────
SECTION 8 — FEES (Model Rule 1.5)
──────────────────────────────────────────────────────────────────

8.1 The Firm bills only time the Firm actually worked. Time AI did the
work in is not billable.

8.2 For [HOURLY-FEE / FLAT-FEE / CONTINGENT-FEE / MIXED] matters, the
treatment of AI savings is: [DESCRIBE — e.g., "savings reduce the
hour count billed; the hourly rate is unchanged"].

──────────────────────────────────────────────────────────────────
SECTION 9 — DATA RETENTION
──────────────────────────────────────────────────────────────────

9.1 AI-tool conversations and outputs are retained for [N] years after
matter closure, consistent with the Firm's records retention schedule.

9.2 At the end of the retention period, AI-tool records are deleted
along with the matter file.

──────────────────────────────────────────────────────────────────
SECTION 10 — TRAINING
──────────────────────────────────────────────────────────────────

10.1 Each attorney completes annual training covering:
     (a) Updates to approved-tools list;
     (b) New caselaw or bar opinions affecting AI use;
     (c) Firm-specific incidents or near-misses;
     (d) New vendor terms.

10.2 Training is documented; documentation is retained by the Designated
     AI Compliance Officer.

──────────────────────────────────────────────────────────────────
SECTION 11 — ENFORCEMENT
──────────────────────────────────────────────────────────────────

11.1 Violations of this Policy are reported to the Designated AI
     Compliance Officer.

11.2 The Designated AI Compliance Officer determines whether the
     violation requires escalation to the Firm's Ethics Committee or
     external ethics counsel.

11.3 Egregious violations may result in disciplinary action up to and
     including termination.

──────────────────────────────────────────────────────────────────
SECTION 12 — REVIEW AND AMENDMENT
──────────────────────────────────────────────────────────────────

12.1 This Policy is reviewed quarterly by the Designated AI Compliance
     Officer.

12.2 Material amendments require approval by the [MANAGING PARTNER /
     EXECUTIVE COMMITTEE].

──────────────────────────────────────────────────────────────────
SIGNATURE
──────────────────────────────────────────────────────────────────

Approved:

_________________________________
[MANAGING PARTNER NAME], Managing Partner
[FIRM NAME]
Date: [YYYY-MM-DD]

Acknowledged by Designated AI Compliance Officer:

_________________________________
[COMPLIANCE OFFICER NAME], [TITLE]
Date: [YYYY-MM-DD]

──────────────────────────────────────────────────────────────────
AMENDMENT HISTORY
──────────────────────────────────────────────────────────────────

Version 1.0 — [YYYY-MM-DD] — Initial adoption.
[Add amendments here as the policy is revised.]

How to use it

Inputs / fill-ins

The bracketed fields throughout the template. Most-commonly customized:

  • Firm name
  • State bar (jurisdiction-specific Rules of Professional Conduct)
  • Designated AI Compliance Officer
  • Approved-tools list (Section 2)
  • Confidentiality carve-outs and restrictions (Section 4)
  • Fee treatment language (Section 8)
  • Data retention period (Section 9)

What you get

Output

A finalized firm-specific policy document of approximately 8-12 pages depending on customization. Suitable for adoption by a managing partner, distribution to firm personnel, and inclusion in audit-defensible governance files.

Verification — what the lawyer must do

⚠ Risks and failure modes

  • Generic-policy risk: Adopting this template without customisation may miss firm-specific exposures (insurance carrier requirements, client-imposed restrictions, multi-jurisdictional practice).
  • Stale-vendor risk: The approved-tools list reflects a moment in time. Without quarterly review, the policy diverges from actual practice.
  • Compliance-theatre risk: A policy not trained on, not enforced, or not reflecting actual practice is worse than no policy — it creates documented violations.

Citations and further reading

Source: https://ixsor.com/resources/templates/firm-ai-usage-policy-template · © 2026 Ixsor LLC · Free to use, attribution appreciated · This is not legal advice.