Mission/Shift · Essay · Issue 04 | June 2026

The AI Policy Nobody Reads — and Why It Matters

Most organizations have an AI use policy buried somewhere. Fewer have one their team actually understands.

Stephanie Hall
By Stephanie Hall·~7 min read

Most organizations have an AI use policy buried somewhere. Fewer have one their team actually understands.

According to the Virtuous 2026 Nonprofit AI Adoption Report, 92% of nonprofits are now using AI in some form, yet 47% have no AI governance policy at all. A separate study from the 2025 AI Equity Project found only 15% of surveyed U.S. and Canadian nonprofits have successfully implemented an AI policy.

The gap isn't surprising. Writing a policy is one thing. Writing one people will actually follow is another.

Why Policies Fail

Most AI policies fail because they're written like legal documents, not operational guides. They're long, dense, and disconnected from daily work. Staff skim them once, file them away, and return to whatever tool they were already using.

A policy alone is not enough. Responsible AI depends on AI literacy. Staff need to understand how these tools work, where risks arise, and how to make good decisions in their daily work.

What Actually Works

The most effective AI policies share three characteristics:

  1. They're grounded in values, not just rules. Ground the policy in values like privacy, transparency, equity, accessibility, consent, human oversight, and accountability. These values signal to staff—and the public—what you refuse to trade away for speed and efficiency.
  2. They're specific about use cases. Include reference to AI use cases relevant to your organization. Generic policies get ignored. Policies that address the actual tools your team uses get read.
  3. They clarify what NOT to use AI for. This is often more important than listing approved uses. Staff need to know where the lines are.

Where to Start

Several free templates can help you build a policy quickly:

  • NTEN AI Resource Hub (nten.org) — Practical, plain-language guidance with an emphasis on building policies that actually change behavior
  • Candid's Responsible AI Policy Guide (candid.org) — Particularly valuable for its emphasis on what NOT to use AI for
  • AI4NGO Free Template (ai4ngo.org) — Practical and adaptable language reviewed by independent legal experts
  • Charity Excellence Framework (charityexcellence.co.uk) — A simple, practical template for anyone using AI in the charity sector

Save the Children offers a good example of mission-specific AI guidelines. Their approach focuses specifically on child protection and privacy, ensuring AI applications enhance educational and health outcomes for children without compromising safety. It shows how organizations can tailor policies to their unique mission requirements.

The Real Test

A policy works when someone on your team can answer this question in 30 seconds: "Can I use AI for this task, and if so, what do I need to do first?"

If the answer requires digging through a 15-page document, you don't have a policy. You have a liability document no one reads.

Download: AI Policy Starter Kit

A one-page checklist for building an AI policy your team will actually follow. Includes:

  • 5 questions every AI policy must answer
  • Template language for common nonprofit use cases
  • Red/yellow/green classification framework for AI tasks
  • Sample approval workflows for high-risk uses
Stephanie Hall
— Stephanie
Written by Stephanie Hall · Lilac Creative

Read more issues of Mission/Shift on LinkedIn.

Subscribe on LinkedIn →