Lexington, Kentucky’s combined city-county government has enacted one of the most specific municipal AI policies in the country, directing its 3,000 employees to use Microsoft Copilot for any generative AI tasks and explicitly banning a long list of risky uses—including feeding citizen data into prompts. The rules, presented by CIO Liz Rodgers to a council committee on June 2, 2026, mark a shift from vague guidance to enforceable, auditable governance over how public servants interact with AI.

What the Policy Actually Covers

The new rules are not a generic “use AI responsibly” memo. They draw bright lines around four areas: tools, data, decision-making, and public-facing content.

  • Approved tool: Employees must use Microsoft Copilot (the enterprise version integrated with Microsoft 365) rather than ChatGPT, Google Gemini, or other consumer chatbots. The city already runs on Microsoft 365 for email, calendars, and meetings, so Copilot fits into existing identity, security, and compliance controls.
  • Data guardrails: No one may enter “sensitive information about specific people” into an AI tool—that includes constituent addresses, health information, and other personal identifiers. Copilot’s commercial data protection framework promises that organizational data is not used to train foundation models, a key point for municipalities that handle birth records, tax data, and police reports.
  • Human review mandatory: Any AI-assisted output, especially material shared with the public, must be checked by a human employee for accuracy before it is relied on. The policy does not define the depth of review, but Rodgers emphasized that supervisors and department heads can set stricter standards.
  • No automated decisions: Staff cannot outsource decision-making to an AI agent. Functions like eligibility determinations, enforcement actions, or budget allocations must remain under human control. This aligns with broader international principles for algorithmic governance.
  • Supervisor override: Even when a use is technically permitted, a supervisor can forbid it. For example, the city’s communications department already advises divisions not to publish AI-generated art on social media, even though the policy doesn’t ban it outright. As Rodgers put it, “Acceptable use does not imply appropriate use.”
  • Enforcement and exceptions: The city can monitor employee activity on city-owned devices and accounts to catch violations. Penalties for misuse can include losing access to AI tools. Employees may request exceptions—to use a different AI tool or to perform a task normally prohibited—through a process managed by Rodgers’ office.

What It Means for Lexington Residents

If you live in Lexington or do business with the city, this policy directly affects how your personal information is handled—and how the government interacts with you.

Your data stays out of AI prompts. City employees cannot paste an address, a medical record, or a social security number into Copilot to draft a letter or summarize a case. Because the city’s Copilot tenant is configured with enterprise-grade data protections, the information that employees do type in stays within the city’s controlled environment and is not used to train Microsoft’s public models. This reduces the risk that sensitive details end up in a future chatbot response somewhere else.

AI will not decide your permit, benefit, or fine. The ban on automated decision-making means a human must sign off on any official action. If AI helped draft a denial letter or rank service requests, a person still makes the final call. This is a critical backstop for fairness and accountability—you can appeal a human decision, but an automated one may be harder to challenge.

Government communications may feel more human-checked. Because all AI-assisted public content must be reviewed, you’re less likely to encounter a hallucinated date, wrong phone number, or awkward phrasing in a city press release. The communications department’s stance against AI-generated art also means that official social media imagery will come from actual photos or human-made graphics, preserving a level of authenticity.

Transparency is still a work in progress. The policy does not mandate public disclosure whenever AI was used in crafting a letter or summary. For now, that decision is left to departments. If you want to know whether a response from the city involved AI, you may need to ask—or submit a public records request. Expect this to be a point of tension as other governments adopt similar rules.

What It Means for Government IT Leaders

Lexington’s approach is a playbook for any city, county, or school district grappling with the same question: now that everyone has access to AI, how do we prevent chaos without stifling productivity?

The Copilot mandate is a procurement strategy, not a brand endorsement. The city didn’t choose Microsoft because its model is magically smarter. It chose Copilot because the tool inherits the same identity, permissions, logging, and compliance controls that IT already uses for email, files, and Teams. If an employee pastes a confidential memo into a consumer chatbot, the government has almost no visibility. If the same action happens inside a managed Copilot tenant, IT can audit the prompt, restrict access, and prove to regulators that proper security was in place. For a mid-sized government with a lean IT staff, controllability trumps novelty.

Monitoring is the teeth of the policy. Rodgers confirmed that the city can monitor employee activity on city-owned devices and accounts. This is not unique to AI—most organizations already log email, chats, and file access. But adding AI prompts to the surveillance scope means employees should treat Copilot like any other government record system: no side conversations, no personal experiments on sensitive data. If a violation occurs, the consequence is proportional: loss of AI access for minor or accidental misuse, with the possibility of stronger discipline for repeated or willful breaches.

The exception process will make or break governance. Every department will eventually encounter a legitimate need that the policy doesn’t cover—maybe a specialized translation tool, a fraud-detection model, or a GIS analytics package. Rodgers’ office reviews exception requests case by case, which is smart. But without clear criteria, the process can become a rubber stamp or a bottleneck. Other jurisdictions should build a lightweight but documented approval framework that asks: Does the tool meet security and privacy standards? Is the use case low-risk? Can we log and audit it? A good exception process also becomes a source of intelligence about what employees actually need.

Training must go beyond button-clicking. Lexington has already held several training sessions, but the real education lies in teaching staff when not to use AI, how to strip out sensitive information, and how to verify machine-generated text. The hardest skill is learning to distrust the confident tone of a well-written AI summary. Government trainers should build exercises around real city documents: fire reports, code violation notices, council meeting minutes—showing where AI is helpful and where it invents plausible nonsense.

The Road to Regulation: How We Got Here

Two years ago, most public-sector AI policies were aspirational one-pagers: “Employees should exercise caution when using AI tools.” Then came the inevitable headlines: a lawyer submitting a brief with fake citations from ChatGPT, a school board candidate generating deepfaked attack ads, a city clerk accidentally leaking draft ordinances through an unsecured prompt. As the incidents piled up, mayors and county executives realized that vague guidance was no longer enough.

Lexington’s policy arrives at a turning point. The debate has shifted from “Should we allow AI?” to “How do we make AI use auditable?” The city’s emphasis on procurement discipline, human review, and no automated decisions mirrors what many national governments are beginning to codify—but it’s happening at the local level, where the consequences of a mistake can affect a resident’s water shut-off notice or a child’s protective services record.

Microsoft’s role in this evolution is not accidental. By embedding Copilot deeply into Microsoft 365, the company is making the same play it made with the Office suite decades ago: become the path of least resistance for organizations that already manage identity, email, and documents on its platform. For cash-strapped municipalities, the appeal is real. Buying and securing a separate enterprise AI tool is expensive; using the one that comes with the bundle is nearly free—provided you already have the right Microsoft license. The trade-off, of course, is vendor lock-in, and some governments will rightly worry about ceding too much of their workflow intelligence to a single corporation.

Action Plan: How to Build a Municipal AI Policy in 5 Steps

If you work in a city or county IT department and your leadership is asking for an AI policy, here’s where to start—informed by Lexington’s example.

  1. Inventory current AI use. Anonymously survey staff to find out which tools they’re using, how often, and for what. You’ll likely discover a mix of ChatGPT, Grammarly, image generators, and possibly tools you’ve never heard of. This baseline is essential for risk assessment.
  2. Pick a managed AI platform. If you already run Microsoft 365, Copilot is the obvious candidate because it plugs into your existing compliance and identity infrastructure. If you’re a Google Workspace shop, consider Gemini for the same reasons. The goal is not to endorse one vendor but to ensure you can log, secure, and control AI interactions.
  3. Define prohibited data and use cases. List the specific types of information that must never enter a prompt (social security numbers, health records, addresses, personnel files). Explicitly ban automated decision-making and require human review for all public-facing content. Give supervisors the authority to impose additional restrictions.
  4. Set up a lightweight exception process. Create a simple form for employees to request use of a different tool or a special use case. Require a supervisor’s signature and a review by IT or legal. Keep a log of approvals and denials to inform future policy updates.
  5. Train for failure modes, not just button clicks. The training module should teach employees to recognize AI’s limits: its tendency to invent citations, to produce biased summaries, and to sound authoritative when it’s guessing. Give them a checklist: “Did I remove all personal data? Did I verify every fact against a source document? Would I be comfortable explaining this to a resident?”

What’s Next for Lexington and Beyond

Lexington’s policy is a first edition, not a final one. Over the next year, expect the city to refine its exception process, develop more granular guidance on what constitutes “human review” of AI-generated text, and possibly confront a public-records challenge over undisclosed AI use. The policy will also be stress-tested by real incidents: a dateline mismatch in a press release, a mistranslated emergency alert, a benefits summary that subtly misstates eligibility.

The larger trend is clear. Municipal governments across the U.S. are watching Lexington, and many will adopt similar guardrails—not because they fear AI, but because they know that a botched citizen interaction can erode trust faster than any data breach. For Windows administrators and public-sector IT professionals, the message is simple: start treating AI like email. You wouldn’t let employees use a random webmail service for official business; you shouldn’t let them use random chatbots either. Governance isn’t about blocking progress—it’s about making sure progress doesn’t backfire on the people you serve.