QommonsAI Introduces Three-Layered Defense: Automatic Personal Information Detection, Prohibited Word Blocking, and Detection Logs to Achieve AI-Powered Information Governance for Local Governments

Polimill Inc. (Headquarters: Minato-ku, Tokyo; Representatives: Ayame Ito / Nonoka Taniguchi), a frontrunner in administrative DX, announces that its generative AI for government, "QommonsAI," will launch an update on April 1, 2026, introducing "Automatic Personal Information Detection," "Prohibited Word Blocking," and "Detection and Block Logs" to prevent the unintentional input of confidential information in multiple layers.

"Multilayered Information Governance Functions" to Elevate Rule Effectiveness from "Paper Regulations" to "Technical Mechanisms"

As the adoption of generative AI accelerates in local governments nationwide, it is becoming crucial to implement information management rules within the system and create an environment where employees can use AI without hesitation to further promote its utilization. Many local governments stipulate precautions for input in their generative AI usage guidelines, but their operation often relies on the awareness of individual employees. By elevating the effectiveness of rules from "paper regulations" to "technical mechanisms," employees can fully utilize generative AI with peace of mind, without feeling excessive burden regarding information management.

QommonsAI has now achieved an environment that "prevents leaks as a system, without relying on the judgment of each employee" by incorporating "Automatic Personal Information Detection," "Prohibited Word Blocking," and "Detection and Block Logs" as a three-layered defense. This allows local governments to balance the conflicting demands of "wanting to use it, but not wanting it to leak," and to promote the utilization of generative AI with confidence.

What are Personal Information Alerts / Prohibited Word Settings?

This function detects inputs containing personal information or prohibited words and displays a warning or blocks transmission to the AI.

Overview of the Three-Layered Defense

QommonsAI's information governance functions prevent the leakage of confidential information in three stages: "Detection → Blocking → Recording."

Layer 1: Automatic Personal Information Detection – AI Monitors Input in Real-Time

Personal information patterns are automatically detected at the moment an employee inputs a prompt.

The action upon detection can be individually set to either "Warning Only (alerts the employee, leaving the decision to transmit to the employee)" or "Transmission Block (blocks transmission to the AI itself)," depending on the type of confidential information.

For example, administrators can flexibly configure phased operational rules, such as "Immediately block My Number, display a warning for names and leave the decision to the employee," from the settings screen. This enables realistic governance that aligns with actual business operations.

Layer 2: Prohibited Word Blocking – Implementing Organization-Specific Rules in the System

Administrators can register 100 or more arbitrary prohibited words. Inputs containing registered words are blocked from transmission to the AI itself, preventing them at the system level without employee discretion.

This allows for flexible protection of organization-specific confidential information that cannot be captured by personal information patterns alone—such as names of unannounced policy projects, facility names under internal review, or proper nouns related to personnel matters—at the administrator's discretion.

This goes beyond simply stating "XX is prohibited from input" in the guidelines; it enforces it within the system...