Download PDF (140 KB)
PDF version — print or share with your team.
Municipal staff want to know whether Claude Cowork can take on report and document work without breaching MFIPPA or mishandling a record headed for a freedom-of-information request. According to Statistics Canada, 12.2% of Canadian businesses now use AI, double the rate a year earlier, and public-sector teams are no exception. The duty to protect resident information stays with the municipality.
Mike Pearlstein, CISSP, MSc AI, founder of Fusion Computing, which has secured IT for Ontario organizations across Toronto, Hamilton, and Metro Vancouver since 2012.
Key takeaways
- A municipality can use Claude Cowork for administrative work on a Team or Enterprise plan with scoped access and a written policy.
- Keep personal information out of the tool, de-identify it, or run an MFIPPA assessment. Prompts reach Anthropic.
- Anthropic’s Compliance API excludes public-sector organizations, so central oversight is limited from the start.
- Scope it to an admin folder, never the records or property system.
Can Ontario municipalities use Claude Cowork under MFIPPA?
Yes, a municipality can use Claude Cowork for administrative work on a Team or Enterprise plan, with access scoped to a folder that holds no personal information and a written policy. Personal information and records subject to a freedom-of-information request need an MFIPPA assessment first. Anthropic’s Compliance API excludes public-sector organizations, so a municipality has even less central oversight than a private firm.
The duty to protect personal information is the municipality’s, and no vendor setting removes it. What a council controls is the scope: which files the agent opens, which plan governs the data, and whether any resident information is involved at all.
It’s the same secure-adoption logic from the pillar guide on using Claude Cowork securely in your business, applied to a MFIPPA institution, and it sits alongside our broader IT for Ontario municipalities work.
What Claude Cowork safely does for a municipality
Claude Cowork is strongest at municipal administration, not resident records. The safe jobs use no personal information: drafting council reports and agendas, organizing policies and by-laws, writing public notices and communications, assembling grant and funding applications, and organizing records that contain no resident identifiers. Each output is a draft for staff to review before it goes anywhere public.
Here’s how those administrative jobs map to the work, with the guardrail that keeps each one inside MFIPPA. Fusion Computing walks councils through this before any pilot, the same way we scope any AI services engagement.
Book a 30-minute call to scope Claude Cowork for your municipality safely →
| Task | What Cowork does | The guardrail |
|---|---|---|
| Council reports and agendas | Drafts reports, agendas, and minutes from staff notes | No personal information in the source folder |
| Policy and by-law organization | Sorts and updates policies and by-laws | Internal documents, no resident data |
| Public notices and communications | Drafts notices and communications | De-identified or public content only |
| Grant and funding applications | Assembles applications from program materials | Internal program data, reviewed before filing |
| Records and FOI-response prep | Organizes records that hold no personal information | PI stays out unless assessed under MFIPPA |
The MFIPPA and records guardrails
The core guardrail is keeping personal information out of the tool by default. Because Cowork sends prompts to Anthropic, putting resident information in moves it outside the municipality’s direct control. Scope the agent to an administrative folder, de-identify anything that must be processed, and run an MFIPPA assessment before any personal information is used. Keep the records and property systems off limits.
The mistake we flag most often is scope. When a municipality points the agent at a records system, every task risks touching personal information. Scope it to an administrative folder with no identifiers and you’ve cut most of the MFIPPA exposure.
Field note. In the public-sector pilots I’ve run, the first thing I do is draw a hard line around anything with resident information. We start with reports, policies, and grant applications, prove the workflow, and only revisit personal information after the clerk and a privacy lead have signed off on an assessment.
The policy is the other half. A short rule set, the kind we cover in our guide on what belongs in an AI acceptable use policy, names the approved tool, states that personal information stays out unless assessed, and says who may run it. Fusion Computing pairs that with a cybersecurity review so the municipality has a defensible position.
The oversight gap for FOI and records audits
Claude Cowork stores its conversation history locally on each user’s computer, and that activity is not captured by audit logs, the Compliance API, or data exports. For a municipality the gap is wider, because Anthropic’s Compliance API excludes public-sector organizations entirely. MFIPPA and records duties assume the institution can account for how information is used, so a municipality has to build that record itself.
According to Anthropic’s guidance on using Cowork on Team and Enterprise plans, the local history “is not subject to Anthropic’s standard data retention policies and cannot be centrally managed or exported by admins.” The Enterprise audit logs that do exist capture metadata, not the work.
That gap is a strong reason to keep personal information out of Cowork. For the administrative work that stays in scope, Fusion Computing wires the OpenTelemetry stream into the same monitoring we run for managed detection and response, so the municipality sees tool calls and file access.
Plan tier and a setup checklist for a municipality
The plan tier is the first decision: only Team and Enterprise carry the “not trained on by default” commitment plus the admin controls a council needs. A safe rollout is then short: scope to an admin folder, keep “ask before acting” on, add a personal-information rule, turn on OpenTelemetry monitoring, have the clerk sign off, and run an MFIPPA assessment before any resident information.
Cowork runs on Pro, Max, Team, and Enterprise plans per Anthropic’s release notes, and on the business tiers your content is not used to train models by default, as Anthropic’s privacy commitments set out. Here’s the checklist Fusion Computing runs with a council.
Get a CISSP-led review of where AI tools touch resident information →
Why Canadian firms bring this work to Fusion Computing
CISSP-led, a Microsoft Solutions Partner and a CompTIA Managed Services Trustmark holder, securing IT for Canadian SMBs across Toronto, Hamilton, and Metro Vancouver since 2012.
- Choose Team or Enterprise. Staff running municipal work on a personal account is the first risk to fix.
- Scope to an administrative folder. Never the records or property system.
- Default to “ask before acting.” Cowork always asks before deleting files; keep approvals on.
- Put a personal-information rule in the policy. Personal information stays out unless de-identified or assessed.
- Turn on OpenTelemetry monitoring. It’s the only visibility you have into what the agent did.
- Keep the clerk or a privacy lead signing off. Nothing public-facing ships without review.
- Run an MFIPPA assessment first. Complete it before any resident information goes near the tool.
None of it’s exotic, and most of it takes an afternoon. Fusion Computing sets it up as part of the managed IT work we already do for public-sector clients, and the same pattern carries to non-profits and law firms under their own rules. If you want a second set of eyes before staff pilot Cowork, talk to us or read more about how we work.
Claude Cowork is worth adopting for the report and document load that fills a municipal week. The councils that set the plan, the scope, and the personal-information rule first are the ones that’ll use it calmly while their neighbours are still arguing about whether it’s allowed.
Fusion Computing helps Canadian businesses across Toronto and the GTA, Hamilton, and Metro Vancouver with managed IT, cybersecurity, and Microsoft 365.
Frequently Asked Questions
Can a municipality put resident information into Claude Cowork?
Treat that as a decision, never a default. Personal information sent to Cowork reaches Anthropic, so it leaves the municipality’s direct control. Keep resident information out of the tool, de-identify data before processing, or complete an MFIPPA assessment first. Administrative work with no personal identifiers is the safe starting point for a council.
Is Claude Cowork MFIPPA-compliant?
MFIPPA compliance depends on how a municipality uses a tool, never on the tool alone. Cowork can be used in an MFIPPA-aligned way for administrative tasks with no personal information, on a business plan, with a policy and a privacy lead involved. Using it with resident information requires a documented assessment before you start.
What can a municipality safely use Claude Cowork for?
The safe uses involve no personal information: drafting council reports and agendas, organizing policies and by-laws, writing public notices, assembling grant applications, and organizing records that contain no resident identifiers. Start there, prove the workflow, and keep the records and property systems out of scope until a privacy lead has assessed any personal-information use.
What plan does a municipality need for Claude Cowork?
A municipality should use the Team or Enterprise plan, never a personal Pro or Max account. Only the business tiers carry Anthropic’s commitment not to train on your content by default, plus the owner and admin controls an institution needs. Staff running municipal work on a personal account is the first risk to remediate.
Want an MFIPPA-aware AI use policy before staff pilot Cowork? →
Does the Compliance API cover us?
No. Anthropic’s Compliance API is generally available to Enterprise plans but excludes public-sector organizations, so a municipality cannot rely on it for central oversight. Combined with Cowork’s local session storage, that means a council has to build its own record of AI-assisted work and use OpenTelemetry for what visibility it can get.
Is our data used to train the model?
On Team and Enterprise plans, your content is not used to train Anthropic’s models by default. The bigger point for a municipality is control. Even without training, personal information sent to the tool reaches Anthropic, so the safe default is to keep resident information out unless an MFIPPA assessment says otherwise.
Does Claude Cowork work on Windows or only Mac?
Claude Cowork works on both macOS and Windows through the Claude desktop app, and it reached general availability on both on April 9, 2026. It is not available on the web or on mobile. Some capabilities, such as computer use, arrived first as research previews, so confirm the current feature list for your platform inside the app.
Who at the municipality should run Claude Cowork?
Start with administrative staff and a privacy lead, never the whole organization and never staff handling resident records. Cowork is an organization-wide setting that owners can switch on or off, and granular per-user controls are limited, so a deliberate pilot with named users beats a broad rollout. Pair it with training and a written policy first.
