The generative AI landgrab has produced a graveyard of stalled pilots. Autopsies almost always reveal the same cause: leaders bought the technology but forgot the humans. Dr. Gleb Tsipursky, a cognitive scientist and CEO of Disaster Avoidance Experts, has been blunt about the failure pattern. Success with AI, he argues, is more psychological than technical. The organizations that thrive will be the ones that start with people, not code.
That is not a soft-skills platitude. It is a hard-won lesson from boardrooms where executives, under pressure to show AI progress, raced to procurement teams and signed vendor deals without ever asking who would actually use the tools and how. The result is a mismatch as predictable as it is wasteful: frontline teams resist, pilots stall, and reputational risk compounds. Meanwhile, organizations that anchored their strategy in human workflows, low-code platforms, and rigorous governance are quietly moving from experiment to operations.
This article synthesizes the arguments Tsipursky has advanced in recent interviews, tests the technical claims around data privacy that make leaders anxious, and lays out a practical, risk-aware blueprint for deploying AI in the enterprise. It draws on community evidence from Microsoft’s Power Platform ecosystem, industry playbooks, and the real-world example of an insurance firm that turned generative AI from a threat into a smart intern.
The psychology-first thesis
Strip away the hype, and the thesis is simple: people who will use AI must be involved early. Their workflows, mental models, and fears should shape the solution. No-code and low-code tools democratize creation and give employees ownership, turning AI from a black box into a controllable tool they can mold. Leaders who ignore anxiety, trust, and change management will see projects stall or fail; those who invest in people see faster, safer adoption.
This pattern cuts across industries. When solutions are purchased as closed vendor packages and imposed from the top, users feel sidelined and threatened. When they are built with the people who will use them, adoption vaults upward and errors plummet. The reason is basic cognition: fear of displacement, loss of craft, and distrust of opaque systems all erode the psychological safety required for teams to experiment and learn.
A Copilot case study: insurance claims and the smart intern
Tsipursky often points to an insurance firm that tried a different path. Claims agents there spent huge portions of their days hunting through more than 100 dense policy forms to answer customer questions. The knowledge lived in individual experience, not a system. Instead of buying an off-the-shelf vendor product, the firm used Microsoft’s Copilot and no-code tools to ingest the policy documents, craft query-language prompts, and—crucially—let the agents themselves test and refine the outputs.
The reported outcome: time to find policy citations dropped, errors fell, and resistance crumbled because agents felt they had shaped the assistant rather than being replaced by it. This is the central behavioral win. AI became a trained intern, not an ominous replacement.
It is worth flagging that the precise operational details—the “over 100 policy forms” figure, the specific error reductions—appear only in interviews and have not been independently audited. They should be treated as an illustrative example, not a rigorously documented trial. Leaders should want the narrative, but they must also demand the metrics and the audit trail before scaling similar patterns.
Why no-code and citizen developer pathways work
No-code and low-code platforms—Microsoft Power Platform (Power Apps, Power Automate, Power Virtual Agents), Copilot Studio, Zapier, and others—make AI accessible to employees who already know Excel, forms, or basic logic. This lowers the learning curve and gives teams the ability to prototype fast, shape prompts and guardrails themselves, and build contextual integrations that fit their specific workflows. Early evaluations from Microsoft and community reports show significant speedups in building automations and chatbots when Copilot is applied to low-code tasks.
But no-code is not governance-free. Democratizing creation without guardrails breeds fragmented automations with overlapping responsibilities, shadow agents touching sensitive data without logging, and overconfident generative outputs that slip into production unchecked. Community forums and enterprise playbooks repeatedly call out these governance gaps as the main reason rollouts “stuck but failed safely” rather than delivering value. No-code must come with centralized governance primitives: agent registries, standardized checklists, logging and audit trails, and escalation paths for surprising or regulated outputs.
The data safety question every leader asks first
Organizational anxiety zeroes in on one fear: will a user prompt containing sensitive information be absorbed into the vendor’s model training corpus? For enterprise-grade offerings, the short answer is no—but the caveats are critical.
Microsoft’s enterprise Copilot and Power Platform documentation state that prompts, responses, and data accessed via Microsoft Graph are not used to train shared foundation models unless a tenant explicitly opts in. The company emphasizes tenant isolation and enterprise controls through Azure OpenAI Service. OpenAI’s enterprise statements for ChatGPT Enterprise and its API business commitments make a parallel claim: business inputs and outputs are not used to improve models by default; customers can opt in if they choose. Both pages highlight encryption in transit and at rest and contractual safeguards for enterprise customers.
Yet public confusion erupts periodically. Major outlets have chronicled media-fueled misunderstandings about Microsoft Office “connected experiences” and whether Office documents were being used for model training. Microsoft had to publicly deny the claims, and the episode shows how even technically correct vendor statements can erode trust if communications are sloppy. The practical rule: always purchase enterprise or tenant licenses, review the vendor’s data residency and training clauses in the contract, and require vendor evidence of isolation such as Data Protection Impact Assessments, SOC reports, and contractual data commitments. Do not assume consumer-grade offerings or free tiers provide equivalent guarantees.
The anxieties to name and manage
Generative AI introduces a distinct set of emotional and cognitive challenges. Fear of displacement hits junior staff especially hard; they see automation as a threat to future opportunity. Employees worry about loss of craft—the routinized decision-making that made them experts being eroded. Hallucinations, where models confidently assert falsehoods, introduce a trust tax that makes teams hesitate to use outputs. And reputation damage from public AI errors is a real, brand-level concern.
Good leaders name these anxieties directly and build mitigation strategies: transparent communication about intent and roles, reskilling pathways, and human-in-the-loop decision rules where a final human sign-off is required for any consequential output. Practitioner communities and recent corporate playbooks emphasize training, transparent labeling, and easy escalation as high-impact measures.
A concrete adoption playbook: start with people, ship with governance
The following blueprint distills behavioral science, enterprise tech capabilities, and early-adopter lessons into an actionable sequence.
- Map human workflows, not software. Document who does what, who makes decisions, and where errors are costly.
- Target high-frequency, low-risk pilots. Choose tasks where AI can demonstrably speed work without legal or regulatory exposure—internal summarization, draft responses, form lookups.
- Use no-code tools for pilots. Enable frontline staff to co-design and iterate with Copilot in Power Platform or controlled Zapier workflows to avoid vendor lock-in.
- Define human checkpoints. For every automation, specify where a human must review and accept results.
- Enforce logging, DLP, and lineage. All agent interactions must be auditable and tied to a responsible owner.
- Measure hard and soft metrics. Track time saved, error rates, and also employee confidence and perceived control.
- Publish an internal AI Charter. Make it simple: what data is permitted in prompts, how to escalate, and what licensing the organization uses.
- Stage scaling only after independent audits. Require vendor transparency on training and data usage, and validate bias, security, and accuracy before expanding.
This staged approach puts people first while preserving the speed and innovation benefits of modern platforms. It transforms AI from an imposition into a capability employees can shape.
A governance checklist for IT and legal teams
Community experience and industry playbooks insist that the following are minimum baseline controls, not optional extras.
- Contracts: Explicit language that business data will not be used to train public models unless opted in.
- Logging and telemetry: Full prompt-and-response audit trails for agents touching regulated data.
- DLP and masking: Policies to block PII or financial data from generative endpoints without approved safeguards.
- Human-in-loop rules: Codify which decisions require human approval and how that approval is recorded.
- Vendor assurance: SOC 2 or ISO certifications, Data Protection Impact Assessments, red-team results, and third-party audits for critical systems.
- Training: Mandatory training on prompt privacy, hallucination risk, and escalation protocols for every employee using AI tools.
The strategic upside when you get it right
When organizations pair people-first change management with appropriate technical controls, the payoff is tangible. Frontline decision-making accelerates because employees can retrieve and synthesize institutional knowledge in seconds. Onboarding friction drops as new hires query agents loaded with standard processes. Staff retention improves when people feel they shape their own tools rather than being managed by them. And entirely new roles emerge—agent ops, prompt auditors, AI quality control—that raise digital maturity and create career paths without simply displacing existing work.
Five red flags during pilot-to-scale
Any one of these is reason to pause and remediate; taken together, they demand a governance reset.
- Declining human verification. If teams stop checking AI outputs, cognitive atrophy and error cascades follow.
- Shadow agents. Automations spawned without IT review that touch sensitive data.
- Vendor opacity. An unwillingness to provide DPIAs, logs, or contractual training guarantees.
- Measurement blindspots. Focusing on “hours saved” without assessing error impact or customer satisfaction.
- Poor communications. Employees who do not understand the difference between consumer and enterprise AI offerings will default to risk-averse behavior or unsafe workarounds.
Looking forward: agents, autonomy, and the next psychological frontier
Leaders must prepare for a future where agents handle multi-step outcomes, not just single tasks. The psychological stakes rise when AI manages entire customer journeys. Trust, accountability, escalation, and anthropomorphism all become more salient. Early multi-stage agents will likely have higher error rates, and error propagation is a real technical and reputational risk. Organizations will need roles that manage agent networks: orchestration, auditing, and ethical oversight. Explainability must be preserved: agents should record why they took each step and what data informed the choice. The next wave shifts the question from “can we build it?” to “who should be allowed to let it decide?”—a fundamentally human question.
Conclusion: a practical synthesis
Generative AI can be transformative, but the transformation is social as much as technical. The most reliable path to adoption is not to dash to procurement and plug in a vendor product. It is to design pilots with the people who will use the tools, choose no-code pathways that allow frontline shaping, and pair those pilots with hard governance: logging, DLP, contractual protections, and measurement.
Start with people. Map workflows, co-design with end-users, surface anxieties and address them directly. Use no-code to build ownership, but govern like code with audit trails, human checkpoints, and vendor assurances. Validate every technical claim: purchase enterprise-grade licenses and insist that vendors demonstrate data isolation commitments in writing. Treat AI like a trained intern—useful, fast, and capable but requiring supervision, context, and ongoing training. That framing reduces fear, increases accountability, and turns a potentially disruptive technology into a durable competitive advantage. Leaders who internalize these principles will be the ones who move beyond pilots into reliable, scalable, and human-centric AI at work.