Strategic Planning, Policy Development & School-Wide Oversight
NAS Jiaxing | Updated: 2026-06-19
A Principal used ChatGPT to draft a strategic plan for next academic year. The document included:
Result: Sensitive strategic data processed on US servers. Potential data breach. No control over retention.
| Task | What Gets Leaked | Risk Level |
|---|---|---|
| Strategic planning documents | School vulnerabilities, competitive intelligence | CRITICAL |
| Staff restructuring plans | Employee names, roles, performance data | CRITICAL |
| Board reports | Financial data, future plans | HIGH |
| Policy drafting | Regulatory gaps, compliance issues | MEDIUM |
| Inspection preparation | School weaknesses, action plans | HIGH |
Current (Dangerous): Upload full plan to cloud AI for "review"
Local AI Method: Use anonymized prompts with specific sections
Current (Dangerous): Use cloud AI to draft entire policies
Local AI Method: Generate framework, then add specific details manually
Current (Risky): Use cloud AI to summarize board reports
Local AI Method: Summarize anonymized data points
Current (Risky): Upload inspection documents to cloud AI
Local AI Method: Generate self-assessment from anonymized criteria
| Task | Cloud Tool (Risky) | Local Alternative (Safe) |
|---|---|---|
| Document drafting | ChatGPT, Claude, Gemini | Ollama + Qwen/Llama (self-hosted) |
| Data analysis | Microsoft Copilot, Google Sheets AI | Local Python + Jupyter + Ollama |
| Presentation creation | Canva AI, Gamma, Beautiful.ai | Local Markdown + Reveal.js + local images |
| Document storage | Google Drive, OneDrive | Nextcloud (self-hosted) + Tailscale |
| Meeting notes | Notion AI, Otter.ai | Local Markdown + Git versioning |
We have already built and deployed these tools:
All data stays on school premises. Full audit logs. Zero cloud exposure.