Engagement Walkthroughs

What a Managed AI Engagement Looks Like

Three illustrative walkthroughs of Managed AI engagements with construction, mining, and healthcare clients. Specific enough to plan against. Honest about what's typical and what varies.

A note on these walkthroughs.

Unió Digital launched our productized Managed AI program in Q2 2026. The walkthroughs below describe the engagement shape and deliverables based on our current Founding Pilot Cohort and the methodology we run on every engagement. Outcomes are typical projections based on the assessment work, not promises. As we accumulate published case studies with named clients, those will replace the illustrative engagement walkthroughs on this page.

Every engagement follows the same four-stage flow.

Assessment → Workshop → 90-Day Plan → Agreement. The first stage is free.

1

Free Assessment

30-minute discovery. Five deliverables. No commitment. The 90-Day Plan is yours regardless.

2

Workshop

Half-day Operational Discovery or 90-minute AI 2x2. Output: prioritized roadmap.

3

90-Day Plan

Three to five named initiatives with owners and dollar estimates.

4

Agreement

Recurring program kicks off. Foundation, Operations, or Strategy package.

Walkthrough 1 of 3

Construction General Contractor

A 50 to 150 employee Arizona GC running multiple active projects. Office staff plus field-deployed PMs and superintendents. Microsoft 365 already in use. Project files in SharePoint. Concerned about subcontractor data and bid-pricing exposure as employees adopt AI tools.

Discovery findings (typical)

  • 15-30 distinct AI tools accessed from the company network in the past 90 days, mostly consumer tier.
  • SharePoint project sites set up with broad permissions ("Everyone except external users") that have not been revisited.
  • PMs routinely paste RFI text and submittal content into ChatGPT to draft responses.
  • No written AI Acceptable Use Policy. No sanctioned-tool list communicated to staff.
  • Microsoft 365 Copilot licenses purchased but adoption stalled because oversharing was never remediated.

90-Day Plan output (illustrative)

  • Days 1-30: Publish AI Acceptable Use Policy with construction addendum. Sanctioned-tool list communicated. Cisco Umbrella AI category reporting enabled.
  • Days 30-60: SharePoint oversharing audit and remediation. Sensitivity labels deployed. Copilot pilot scoped to one project team for measurement.
  • Days 60-90: Pilot readout. Decision on full-org rollout vs phased. Rewst-orchestrated RFI auto-routing scoped as the first automation build.

Ongoing Managed AI program (Operations package fit)

After the 90-Day Plan, the engagement continues as a recurring Operations-tier Managed AI Agreement. Eight base components plus AI Security, Microsoft Copilot Managed, and Enhanced Enablement modules. Quarterly governance reviews. Construction-specific addendum to the AI Policy stays current as new submittal-prompt-injection patterns emerge in the broader market. See the Managed AI Agreement structure.

Walkthrough 2 of 3

MSHA-Regulated Mining Operator

A 100 to 300 employee Arizona mining operation with multiple sites. Office staff handling MSHA Part 50 reporting, Part 46 training records, and equipment safety documentation. Connectivity varies by site. Leadership wants AI productivity but is concerned about MSHA documentation integrity and miner-data exposure.

Discovery findings (typical)

  • Decades of accumulated safety procedures, MSDSs, and ventilation plans scattered across SharePoint and shared drives. Search is slow.
  • Safety managers occasionally summarize Part 50 incident reports through public AI tools. No oversight or labeling.
  • HR uses public AI to extract certifications expiring in the next 60 days from training-record exports.
  • No AI Acceptable Use Policy specific to MSHA-regulated documentation.
  • Multi-site IT/OT segmentation is intact, but AI policy hasn't been extended to remote sites.

90-Day Plan output (illustrative)

  • Days 1-30: AI AUP with MSHA addendum published. Sensitivity-label schema deployed (Public, Internal, Confidential, MSHA-Source).
  • Days 30-60: Source-record / derivative-content folder discipline established. AI usage report monitored for shadow tools at all sites. Browser-layer DLP scoped for HR.
  • Days 60-90: Custom AI agent scoped on tenant-scoped knowledge base for safety-procedure search. Training-record gap analysis automated as the first internal AI workflow.

Ongoing Managed AI program (Strategy package fit)

Mining engagements typically progress to the Strategy-tier Managed AI Agreement because the custom-agent work and the regulatory documentation discipline justify the higher engagement. vCAIO Quarterly is included for board-level reporting on safety-procedure search adoption and Part 50 cycle efficiency. See the deeper MSHA + AI write-up.

Walkthrough 3 of 3

Medical Practice (HIPAA-Covered)

A 20 to 75 employee Arizona medical practice. Microsoft 365 in use. Existing EMR is the source of truth for PHI. Staff have started experimenting with consumer ChatGPT and Claude for administrative work. Practice manager wants the productivity benefit but the privacy officer is concerned about PHI exposure.

Discovery findings (typical)

  • Staff using consumer AI tools for vendor contract review, internal memos, and patient-facing communication drafts. PHI sometimes pasted accidentally.
  • No AI AUP. No BAA inventory of which AI vendors have been onboarded.
  • Sensitivity labels not in use. No mechanism to enforce PHI scope-out beyond employee discretion.
  • Microsoft 365 Copilot licensing has been considered but the practice paused over BAA scope concerns.
  • Insurance verification process consumes significant staff hours on multi-system check-and-confirm work.

90-Day Plan output (illustrative)

  • Days 1-30: AI AUP with healthcare addendum. PHI explicitly out of scope for generative AI. BAA inventory completed across existing AI-touching vendors.
  • Days 30-60: Sensitivity labels rolled out (Public, Internal, Confidential, PHI-High). DLP rules block paste of PHI-labeled content into AI tools. Copilot pilot scoped to administrative-only roles.
  • Days 60-90: Staff training on HIPAA-aware AI workflows. Insurance verification process redesign scoped (no PHI in AI; meta-workflow design uses AI). Pilot readout.

Ongoing Managed AI program (Operations package fit)

Healthcare engagements typically settle on the Operations-tier Managed AI Agreement plus the Healthcare (HIPAA) Vertical Compliance Overlay one-time engagement. PHI-scope-out enforcement is reviewed at every quarterly governance meeting. Audit-ready evidence packaging supports HIPAA risk assessment workflows. See the deeper HIPAA + AI write-up.

Founding Pilot Cohort

Be one of our first published case studies.

We're actively building the Managed AI program with a small group of Arizona construction, mining, and healthcare clients. Founding Pilot clients receive priority engagement with the Visionary, preferred pricing on the first 12 months, and the option to be referenced in our published case studies as the program matures.

Apply for the Founding Pilot

Want to map your own engagement?

The free AI Readiness Assessment produces a 90-Day Plan tailored to your environment. The walkthroughs above are illustrative; your assessment is specific.

Book the Free Assessment See the Agreement Structure