The Question
Our team uses Anthropic's Claude (Team plan) for drafting client communications, analyzing portfolios, and advisory work. Can we include client-identifying information — names, account numbers, and other nonpublic personal information (NPI) — in Claude conversations? No law prohibits it outright, but rules govern how we protect client data with third-party service providers. We need a documented, defensible approach.
Rules That Apply
Regulation S-P — SEC Privacy Rule
We can share NPI with service providers under a written agreement prohibiting misuse. Amended Reg S-P (deadline: June 3, 2026 for smaller firms) adds vendor oversight, incident response plans, and 72-hour breach notification.
Compliance Rule — 206(4)-7
Written AI use policies are required — approved tools, permitted uses, supervision, data handling. SEC examiners actively review AI governance in every exam cycle.
Books & Records — Rule 204-2
AI outputs sent to clients or used in advisory decisions must be retained for 5 years. Internal prompts are not explicitly required but create a useful audit trail.
Fiduciary Duty & AI Washing
The SEC has brought enforcement actions against advisers overstating AI capabilities ($225K–$400K+ penalties). All AI outputs require human review before reaching clients.
Our Claude Team Plan — Current Status
✓ What we have
Anthropic will not train on our data (contractual). DPA auto-incorporated. SOC 2 Type II, ISO 27001, ISO 42001 certifications. AES-256 encryption at rest, TLS 1.2+ in transit. Admin usage data exports for audit logging.
✗ Gaps
No Zero Data Retention — 30-day standard retention applies. Breach notification says "without undue delay," not the specific 72 hours Reg S-P requires. No custom retention controls. No SSO/SCIM or role-based access.
Our Options
Option A — Recommended
Don't include NPI — describe, don't identify
Advisors describe client situations without names or account numbers. "A 58-year-old with $1.2M retiring next year" instead of "John Smith, Schwab #4829." Add personal details manually after Claude generates output.
Zero NPI exposure
Cost: $0
Effort: Low
Option B — For Documents
Strip NPI from files before uploading
For custodial reports, export to CSV and delete identifying columns before upload. Or build a simple internal tool to scrub known client identifiers from PDFs before they reach Claude.
Minimal exposure
Cost: $0–$2K
Effort: Medium
Option C — Higher Risk
Allow NPI with documented controls
Accept NPI processing under commercial terms with formal vendor due diligence and written policies — analogous to how we share client data with our CRM, financial planning, and portfolio management tools.
Moderate exposure
Cost: $0
Effort: Medium
Option D — Most Compliant, Future Consideration
Upgrade to Claude Enterprise
Full compliance stack: SSO/SCIM, Zero Data Retention, HIPAA BAA, negotiable breach notification terms. 20-seat minimum at ~$60/seat/month (~$14K+/year). Not our starting point, but worth revisiting as usage scales.
Lowest risk
Cost: ~$14K+/yr
Not yet
Recommendation
Start with Option A immediately — zero NPI exposure, requires only a policy update and team training.
Add Option B for document workflows where advisors need Claude to analyze custodial reports. Together, these create a defensible, zero-exposure position on our existing Team plan at no additional cost. Revisit Option C if de-identification creates meaningful friction.
Looking ahead: once we build AI agent workflows, we can automate NPI redaction — stripping identifiers before data reaches the AI and re-inserting them programmatically — making Options A and B seamless with zero manual friction.
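As an added illustration of the Option B scrub step and the redact-then-re-insert workflow described above (example code written for this memo, not a tool from Anthropic or from our existing systems): identifying columns in a custodial CSV export are replaced with stable placeholder tokens, the token-to-value map stays on our side, and the original values are substituted back into the model's output afterward. The column names, the account-number format, and the sample rows are constructed assumptions.

```python
import csv
import io
import re

# Constructed sample custodial export; the rows are not real client data.
SAMPLE_CSV = """client_name,account_number,age,balance
John Smith,4829-1177,58,1200000
Jane Doe,5510-9932,61,850000
"""

# Columns we treat as NPI (assumed names for this example).
ID_COLUMNS = ("client_name", "account_number")

# Assumed account-number format; used only to catch identifiers that
# survived scrubbing (e.g. in a free-text notes column).
ACCOUNT_PATTERN = re.compile(r"\b\d{4}-\d{4}\b")


def pseudonymize_csv(csv_text, id_columns=ID_COLUMNS):
    """Replace values in identifying columns with tokens like [CLIENT_NAME_1].

    Returns (scrubbed_csv, mapping). The mapping (token -> original value)
    never leaves our environment; only scrubbed_csv is sent to the model.
    """
    reader = csv.DictReader(io.StringIO(csv_text))
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=reader.fieldnames, lineterminator="\n")
    writer.writeheader()
    mapping, token_for_value, counters = {}, {}, {}
    for row in reader:
        for col in id_columns:
            value = row[col]
            if value not in token_for_value:          # same client -> same token
                counters[col] = counters.get(col, 0) + 1
                token = f"[{col.upper()}_{counters[col]}]"
                token_for_value[value] = token
                mapping[token] = value
            row[col] = token_for_value[value]
        writer.writerow(row)
    return out.getvalue(), mapping


def find_residual_ids(text):
    """Defensive check before upload: anything that still looks like an account number."""
    return ACCOUNT_PATTERN.findall(text)


def reinsert(model_output, mapping):
    """Put the real identifiers back into text generated from scrubbed data."""
    for token, original in mapping.items():
        model_output = model_output.replace(token, original)
    return model_output
```

The scrubbed CSV should pass find_residual_ids with an empty result before it is uploaded; any hit means a column was missed and the file should not leave the firm.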
What Changed
The SEC amended Regulation S-P on May 16, 2024, significantly strengthening how RIAs must protect client data when working with third-party service providers. Firms under $1.5B AUM must comply by June 3, 2026. These amendments apply to any vendor that touches client NPI, including AI tools like Claude.
New Requirements
Written Incident Response Program
Firms must adopt written procedures to detect, respond to, and recover from unauthorized access to client information. This must be in place before the deadline, not after an incident occurs.
Vendor Breach Notification: 72 Hours
Service providers that handle client data must contractually agree to notify your firm within 72 hours of discovering a breach. Review every vendor contract that touches NPI.
Client Breach Notification: 30 Days
If client data is accessed without authorization, you must notify affected clients within 30 days of discovery. Prepare a notification template and escalation process now.
Vendor Oversight Contracts
Any third-party service provider handling customer information must be contractually obligated to implement appropriate safeguards. This includes AI vendors. Review Anthropic's DPA against this requirement.
Disposal of Customer Information
Written policies for secure disposal of customer information, including data stored in or processed by third-party tools. Document retention and deletion procedures for every system.
Updated Privacy Notices
Annual privacy notices must reflect how customer information is used and shared, including any new AI tool usage that changes data handling practices.
Impact on Our Claude Usage
If we stay with Option A/B (no NPI in Claude)
Claude is not a "service provider handling customer information" under Reg S-P. The amended requirements apply to vendors that actually receive NPI. Staying NPI-free keeps Claude outside the scope of these obligations entirely.
If we move to Option C (NPI with controls)
Anthropic becomes a covered service provider. We need: (1) contractual 72-hour breach notification from Anthropic, (2) a written incident response program, (3) a client notification template, (4) documented vendor oversight. Anthropic's DPA says "without undue delay," not 72 hours. That gap must be resolved.
Action Items Before June 3
1. Draft a written incident response program covering AI-related data incidents.
2. Review Anthropic's DPA against 72-hour notification requirement.
3. Audit all vendor contracts that touch client NPI for breach notification terms.
4. Prepare a client breach notification template.
5. Update annual privacy notice to reflect AI tool usage.
6. Coordinate with Polaris on all of the above.