The risk reality before your first prompt
Start here: what is safe, and what is not
AI drafts fast and invents confidently. Knowing which is which is the whole skill.
Raw AI output is malpractice-risky if you skip the check, because it fabricates plausible citations, holdings, and clauses with total confidence. Then the second danger: pasting client data into the wrong tool can waive attorney-client privilege or breach confidentiality. These two free lessons set the rule the rest of the track runs on: AI drafts, a qualified human verifies and signs off, always.
- What AI genuinely does for legal work (and the one check that keeps it safe)
- Privilege and confidentiality 101: what breaks them when you use AI
Worth knowing:The fix for a hallucinated citation is not a smarter model. It is a verification habit you run every single time. Once you have it, AI becomes safe to use.
Lawyers who have heard 'AI hallucinates' and want to know exactly how it bitesParalegals and legal-ops handling client documentsAnyone whose firm has no written AI policy yet
Start Module 1 →Useful output without the sanctions headline
Your first safe assists
Pick a safe tool, strip the client out, verify every fact.
Set up safe first use: read the tool's terms for retention and training, choose an enterprise or zero-retention tool over a consumer one for any work data, and de-identify by habit. Then get your first genuinely useful outputs: a plain-English summary of a contract or case you can trust once you check it, plus reusable canned responses and pre-meeting briefings built from your documents.
- Your first real legal AI win, set up safely
- Summarize a contract or case in plain English
Worth knowing:The single rule that prevents the sanctions headline is small: never rely on a summary, citation, or fact you have not checked against the original source.
Lawyers taking their first careful steps with AIParalegals who draft routine correspondenceAnyone walking into a meeting who wants a fast, checkable brief
Start Module 2 →From pasted text to actual documents
Work with real legal files
Hand the AI the real Word, PDF, or Excel file and ask it to work.
Move past copy-pasting. Have the AI read and redline a Word document, read or extract a PDF (even a scanned one), and read or build an Excel sheet. Then the multi-document workflow: point it at a folder of contracts and get one spreadsheet back, a row per document, with a citation in every cell so every answer is checkable against its source.
- Work with real legal files: Word, PDF, and Excel
- Tabular review: many documents into one cited spreadsheet
Worth knowing:The point of tabular review is not the spreadsheet. It is the citation in every cell, which is what lets you trust a hundred-document review you did not read line by line.
Paralegals running document-heavy reviewsLawyers comparing terms across many agreementsLegal-ops building checkable review artifacts
Start Module 3 →Redlines, triage, and never a fabricated cite
Review against a playbook
Load your standard positions, flag every clause, verify, sign off.
Load your firm's standard positions (the playbook) and have the AI flag each clause as aligned, negotiate, or escalate, with redline suggestions and rationale. Then the NDA triage workflow: sort incoming NDAs GREEN, YELLOW, or RED, spot the common landmines, and generate redlines. Both lessons carry the cite-check habit hard: verify every cited authority exists and says what it is claimed to say before anything is sent.
- Contract review against your firm's playbook
- NDA triage and review: GREEN / YELLOW / RED
Worth knowing:A playbook turns subjective review into consistent triage. The same NDA gets the same risk call whether you read it at 9am or 9pm.
In-house counsel reviewing vendor and customer agreementsLawyers triaging a steady stream of NDAsLegal-ops standardizing how the team reviews contracts
Start Module 4 →Wire it in, then point AI at your own documents
Compliance and grounding
Compliance is architecture, not a strongly worded prompt.
You cannot make AI compliant with a clever prompt. Compliance has to be wired into the workflow: approved data flows, DPAs with vendors, retention rules, audit trails, and policy documents that actually govern, with a lawyer reviewing every generated clause. Then grounding (RAG): point the AI at your own trusted case files and precedent so answers come from your documents instead of its memory, which cuts hallucination and keeps every answer citable.
- Compliance is architecture, not prompts
- Ground the AI in your own documents (RAG over case files and precedent)
Worth knowing:Grounding does not just make answers more accurate. It makes them citable, which is what turns AI output into something a lawyer can actually stand behind.
Privacy and compliance counsel drafting GDPR or CCPA artifactsLegal-ops wiring AI into a governed workflowLawyers who want answers from their own precedent, not the model's memory
Start Module 5 →The top of the climb
Build and automate, with a human gate
More autonomy, and the lawyer still signs off.
Turn a repeatable task into a reusable legal skill (your NDA-triage method becomes one click) and set up sentinels that watch for a deadline or trigger and flag it, all without writing code. Then the capstone: multi-step legal-ops pipelines (intake, research, draft, redline) that run with more autonomy but always behind a human gate, with red-team verification finding the errors and a lawyer approving before anything is filed or relied on.
- Build your own reusable legal skill
- Autonomous legal agents with a human gate
Worth knowing:The more autonomous the pipeline, the more the human gate matters. The EU AI Act and your professional duties make a lawyer's sign-off non-optional, not a nicety.
Legal-ops automating repeatable, high-volume workLawyers who want a consistent skill instead of re-prompting each timeAnyone designing an AI workflow that a regulator could ask about
Start Module 6 →