Research consistently finds that a large share of employees using generative AI are doing so through personal accounts - not company-sanctioned platforms. Personal credentials. Company data. No audit trail. This is shadow AI, and it is already happening inside pharmaceutical commercial operations at a scale most organisations have not measured and would rather not see.
What shadow AI looks like in practice
A rep is preparing for a key account meeting. They need talking points tailored to the customer’s situation. So they open ChatGPT on their phone - personal account - and paste in the customer’s purchasing history, competitive positioning, and strategic challenges.
The AI generates excellent talking points.
Also: company data just left the building. It is now on servers the company does not control, subject to terms of service the company never agreed to, potentially used to train models that competitors might benefit from.
Nobody authorised this. Nobody tracked it. Nobody knows it happened.
That is shadow AI. And it is not an edge case.
Why existing controls do not catch it
Most organisations have data security policies. Access controls, encryption requirements, approved vendor lists. Those policies were designed for a world where data stayed inside systems the organisation controlled.
Generative AI broke that assumption. A rep can now extract data, pass it through an external AI, and get a result - all without triggering a single security alert. The controls were not built for this. They are not catching it.
The governance vacuum is not a failure of intent. It is a failure of pace. Policy and tooling have not kept up with the speed at which employees adopted AI to get their work done.
The pharmaceutical risk profile
In pharmaceutical commercial operations, the data at risk is not generic.
Customer intelligence. Prescriber relationships, prescribing patterns, competitive positioning. This is the commercial foundation of the business. If it surfaces outside your control, the damage is not recoverable by policy after the fact.
Pricing information. Discounting strategies, tender responses, margin structures. Competitively devastating if exposed.
Patient-adjacent data. Call reports and customer records sometimes contain information that sits close to patient data. In that context, regulatory exposure compounds commercial risk significantly.
A rep who pastes customer records into a personal AI account is not trying to create a compliance incident. They are trying to do their job. That is exactly what makes shadow AI hard to govern with prohibition alone.
Breaches involving shadow IT - including shadow AI - are consistently found to cost organisations significantly more than breaches within monitored systems. The gap is not marginal. Shadow systems take longer to detect, exposures are harder to scope, and remediation is more complex because no one knows what went where.
What governance actually requires
Visibility first. You cannot govern what you cannot see. Before policy, organisations need to understand the actual extent of shadow AI usage - anonymous surveys, network monitoring, honest conversations. The data will be uncomfortable. That discomfort is the point.
Sanctioned alternatives. Employees use shadow AI because it helps them work. Prohibition without alternative does not eliminate the behaviour; it just drives it underground and removes any visibility. Provide approved AI tools with appropriate guardrails.
Specific policies. What data can be used with AI tools? What cannot? Vague guidance produces inconsistent behaviour. Specific, written rules produce compliance - and a defensible position if something goes wrong.
Technical controls. Where feasible, implement data loss prevention systems configured for generative AI endpoints. These exist and can be deployed without prohibiting AI use entirely.
Training that means something. Not checkbox compliance. Genuine education about why the rules exist and what is at stake. Employees who understand the actual risk behave differently from employees who have simply signed a policy they never read.
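The "visibility first" and "technical controls" steps above both come down to the same mechanism: inspect outbound traffic at the proxy or gateway, separate sanctioned AI use from personal-account use, and measure who is sending what. The following script is an added example written for this article; it is not the author's code or any vendor's product. It assumes a simplified proxy-log line format, an illustrative list of public generative-AI hostnames, a placeholder hostname for the company's sanctioned AI gateway, and an arbitrary upload-size threshold; all of these are assumptions and would be replaced by a maintained URL-category feed and real tenant hostnames in practice. The sample log lines are constructed.

```python
"""Detection sketch for shadow-AI traffic in web-proxy logs (added example).

Assumes a simplified log format, an illustrative list of generative-AI hosts,
and a placeholder sanctioned gateway; none of these come from the article.
"""
import re
from collections import Counter
from urllib.parse import urlparse

# Assumed log format (constructed): "<ISO timestamp> <user> <method> <url> <bytes_out> <status>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<user>\S+) (?P<method>[A-Z]+) (?P<url>\S+) "
    r"(?P<bytes_out>\d+) (?P<status>\d{3})$"
)

# Illustrative public generative-AI hosts; a real deployment would use a maintained category feed.
GENAI_HOSTS = {
    "chat.openai.com", "api.openai.com", "claude.ai",
    "gemini.google.com", "copilot.microsoft.com",
}

# Placeholder for the company's sanctioned AI gateway (assumption; not a real host).
SANCTIONED_HOSTS = {"ai-gateway.pharma.example"}

# Upload size above which a request looks like a bulk paste rather than a short prompt (assumed).
BULK_UPLOAD_BYTES = 4096

# DLP-style content markers for a TLS-inspecting gateway that can see request bodies (constructed).
DLP_PATTERNS = {
    "pricing": re.compile(r"\b(discount|tender|net price|margin)\b", re.I),
    "prescriber": re.compile(r"\b(prescrib(er|ing)|Rx volume|HCP)\b", re.I),
    "patient": re.compile(r"\b(patient|MRN|date of birth|DOB)\b", re.I),
}

# Constructed sample traffic: one rep using personal ChatGPT, one using the sanctioned gateway, etc.
SAMPLE_LOGS = [
    "2024-05-01T09:12:03Z rep.alice POST https://chat.openai.com/backend-api/conversation 18231 200",
    "2024-05-01T09:12:40Z rep.alice GET https://www.example-news.test/ 0 200",
    "2024-05-01T10:01:17Z rep.bob POST https://ai-gateway.pharma.example/v1/chat 2210 200",
    "2024-05-01T10:33:59Z rep.carol POST https://claude.ai/api/append_message 512 200",
    "2024-05-01T11:05:22Z rep.alice POST https://api.openai.com/v1/chat/completions 7420 200",
    "malformed line that should be skipped",
    "2024-05-01T11:09:00Z rep.dave GET https://gemini.google.com/app 0 200",
]


def parse_line(line):
    """Parse one proxy-log line into a dict, or return None for lines that do not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["bytes_out"] = int(rec["bytes_out"])
    rec["host"] = urlparse(rec["url"]).hostname or ""
    return rec


def classify_request(rec):
    """Return a finding if the request is unsanctioned generative-AI use, else None."""
    host = rec["host"]
    if host in SANCTIONED_HOSTS:
        return None  # approved tool: visible and audited, so not shadow AI
    if host not in GENAI_HOSTS:
        return None
    # Only outbound writes carry data; a GET of the landing page moves nothing out.
    if rec["method"] not in ("POST", "PUT"):
        return None
    severity = "high" if rec["bytes_out"] >= BULK_UPLOAD_BYTES else "medium"
    return {"ts": rec["ts"], "user": rec["user"], "host": host,
            "bytes_out": rec["bytes_out"], "severity": severity}


def dlp_markers(text):
    """Sorted list of sensitive-content categories present in an inspected request body."""
    return sorted(name for name, pat in DLP_PATTERNS.items() if pat.search(text))


def scan_logs(lines):
    """Run classification over raw log lines, skipping anything that does not parse."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        finding = classify_request(rec)
        if finding:
            findings.append(finding)
    return findings


def usage_summary(findings):
    """Per-user count of shadow-AI requests: the number the visibility step is meant to surface."""
    return dict(Counter(f["user"] for f in findings))


if __name__ == "__main__":
    found = scan_logs(SAMPLE_LOGS)
    for f in found:
        print(f"{f['ts']} {f['user']:<10} {f['host']:<22} {f['bytes_out']:>6}B {f['severity']}")
    print("per-user:", usage_summary(found))
    print("markers:", dlp_markers("Q3 tender response: net price held, HCP prescribing volume up"))
```

Two design choices matter here. Traffic to the sanctioned gateway is deliberately not a finding, which is what turns a blanket "AI detected" alert into the policy distinction the article is making (governed use versus personal-account use). And `dlp_markers` is kept separate from the log scan because most proxies only log metadata; body inspection requires a TLS-terminating gateway, and the output of the metadata scan (who, how often, how much) is already enough to run the uncomfortable audit.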
The uncomfortable conversation
Many organisations quietly choose not to look for shadow AI. Knowing creates obligation. Ignorance provides a kind of deniability.
This is a dangerous position. Regulators do not accept “we did not know” when the knowing was available. And the evidence is consistent: finding out during incident response is far more expensive than finding out now.
The conversation is uncomfortable. It will reveal behaviour that has been happening without oversight, and it will expose gaps in controls that were assumed to be sufficient.
But the alternative - waiting until a breach forces awareness - is worse. Shadow AI is already in your organisation. The question is whether you govern it proactively or discover it during incident response.
The organisations we work with that have the cleanest answer to this question are the ones who did the uncomfortable audit first, built governed data environments with clear boundaries, and gave their people AI tools they were actually allowed to use.