How to Use ChatGPT Without Sharing Client Names

AI tools like ChatGPT and Claude can save professionals hours every week — drafting letters, summarising documents, researching precedents, preparing reports. But for lawyers, accountants, doctors, and financial advisors, there's a fundamental problem: these tools require you to share your prompt, and your prompts often contain sensitive client information.

The good news: you can get all the productivity benefits without exposing a single piece of client data. Here's exactly how.

Method 1: Manual Placeholder Replacement

The simplest approach is to replace identifying information with placeholders before you type your prompt. Instead of writing "Draft a letter for John Smith regarding his divorce from Sarah Smith," you write "Draft a letter for [CLIENT] regarding their divorce from [SPOUSE]." The AI produces a perfectly good letter. You fill in the real names afterwards.

This works, but it's slow and error-prone. You have to remember to replace every piece of identifying information — names, dates of birth, account numbers, case references, medical record numbers. Miss one and you've sent real data to a third party.

Method 2: Use a Generic Scenario

For some tasks, you can describe the situation in general terms without any client specifics at all. Instead of "My client John Smith has a capital gains liability of $47,000 from the sale of his property at 123 Main Street," you write "A client has a $47,000 capital gains liability from a property sale. What are the options for reducing this liability?"

This works well for research and general advice questions. It doesn't work as well when you need the AI to draft something personalised.

Method 3: Structured Token Replacement

A more systematic approach uses structured tokens — consistent placeholders that allow the AI to work naturally with the anonymised text. Instead of ad-hoc replacements, you use a system:

• [NAME_1] for the primary person's name
• [NAME_2] for secondary names
• [DOB_1] for dates of birth
• [SSN_1] for social security numbers
• [ACCOUNT_1] for account numbers
• [CASE_REF_1] for case or matter references

You maintain a local lookup table (a spreadsheet or even a piece of paper) that maps each token to the real value. You anonymise before sending, the AI responds using the tokens, and you restore the real values in the final output.

Method 4: Use Snitch (Automatic Anonymisation)

Methods 1-3 all require manual effort — and manual processes have a failure rate. The more reliable approach is to automate the anonymisation so you never have to think about it.

Snitch does this automatically. You type normally, including real client names and all sensitive details. Before anything leaves your browser, Snitch's two-layer detection system identifies and replaces PII with structured tokens. The anonymised prompt goes to Claude. Claude responds using the tokens. Your browser restores the real values in the final response.

The result: you work exactly as you normally would, and your clients' real data never leaves your browser.

What to Do When You've Already Sent Client Data

If you've been using AI tools without anonymisation, you're not alone — most professionals have. Here's what to do:

1. Don't panic. The risk varies significantly based on what data was sent and to which platform.
2. Review the AI provider's privacy policy and data handling practices for the account type you're using.
3. Consider whether any of the data sent was particularly sensitive — financial account numbers, SSNs, medical information.
4. Implement anonymisation going forward.
5. If you're in a regulated profession, consult your compliance officer or professional body about your obligations.